This Privacy Policy explains how the Verigate application ("Verigate", "we", "us", "our") handles information when you use it on your iPhone. We are Georgii Shilovskii, an individual developer registered in Mexico, contactable at support@shilovskii.dev.
If you do not agree with this Privacy Policy, please do not install or use Verigate.
Verigate does not collect, transmit, or share any data. Everything it produces — scan results, the hashed records of people you have scanned, your lists, your settings — stays on your iPhone. There is no account, no cloud sync, no backend, no telemetry, no advertising, and no third-party analytics. When you scan a license, Verigate reads only the barcode; it never captures a photo and never stores the raw license number — only an irreversible one-way fingerprint (a SHA-256 hash) used to recognise repeat or flagged guests. Apple processes your purchase through the App Store under Apple's own terms.
This policy covers two roles: how we handle your data (we receive none), and your own responsibility for the data you collect about your guests when you use Verigate in a business — see section 7.
All of the following lives locally on your iPhone only:
| Data | Where it lives | Why |
|---|---|---|
| Scan events — time, outcome, age-at-scan, jurisdiction, the active profile | A local SwiftData store inside the app sandbox | The History log and Insights. |
| Person records — a SHA-256 hash of the license number; first/last name; date of birth; expiry; jurisdiction; your VIP/banned flag, nickname, and note | Same store | To recognise repeat, VIP, and banned guests by document — never by a photo. |
| Profiles — staff/door name, type, optional PIN | Same store | Per-door / per-staff logging and stats. |
| Settings (age threshold, auto-return, log retention, etc.) and a cached Premium flag | iOS UserDefaults |
To remember preferences and unlock Premium instantly at launch. |
We never store a photo or image of any ID, and we never store the raw license number. None of this data is uploaded, transmitted to a server we control, or shared with any third party. We cannot see it and cannot recover it for you.
None. We do not collect personal data, usage data, diagnostics, advertising identifiers, or analytics events. Verigate contains no third-party SDKs and no analytics, telemetry, or crash-reporting code.
Verigate opens a network connection in exactly one situation: Apple's StoreKit framework communicates with the App Store when you start, restore, or refresh a purchase. That traffic is handled by iOS and governed by Apple's Privacy Policy; we receive only the resulting entitlement signal ("you have Premium"), never payment details.
Verigate makes no other outbound connection — it does not phone home, sync, or report anything. The website/support/privacy/terms links in Settings open in your browser only when you tap them. The list-transfer feature produces a file you move between your own devices yourself; it never touches a server.
To recognise a returning, VIP, or banned guest, Verigate computes a SHA-256 hash of the license number and stores only that hash. A hash is one-way: it cannot be reversed to recover the license number. It is derived from the document number, not from a face or fingerprint, so it is not biometric data. This lets the app say "this is the same person you banned" without ever keeping anything a data breach could leak.
Verigate requests only the Camera, and uses it solely to read the barcode on the back of a license. No photo is captured. It does not request Photos, Location, Microphone, Contacts, Local Network, or any other permission.
If you use Verigate in a business (a bar, club, shop, or event), you decide to scan other people's identity documents and you control the resulting on-device records. In doing so you may be a "data controller" (or equivalent) under the laws of your jurisdiction — for example US state privacy and ID-scanning statutes, Illinois BIPA and similar biometric laws, Canadian PIPEDA, or the EU/UK GDPR.
You are responsible for scanning lawfully, for any notices or consent your local law requires, for retention limits, and for how you use flags and notes. We provide on-device, privacy-preserving tooling (no photo, no raw number, no cloud); we are not a party to, and have no access to, the data you collect about your guests, and we are therefore not a processor of it.
Verigate is a business tool for venue staff and is not directed to children, and we collect nothing from anyone. Note that the people an operator scans may themselves be under the age threshold — detecting that is the point of the check. The operator is responsible for handling any such data — including minors' data — lawfully under applicable law (see section 7).
Because all data stays on your device and we never receive it, the rights typically granted under the GDPR, CCPA, and similar privacy laws — access, correction, deletion, and export — are exercised by you, on the device:
If you nonetheless have questions about your rights, contact us at support@shilovskii.dev. Note that we will only be able to confirm that we do not hold any data about you, since we do not collect any.
Verigate is a native iOS application. It does not use cookies, web beacons, pixels, or any other web-tracking technology, and it does not perform any online tracking. Do-Not-Track signals are therefore not applicable — there is nothing for us to track.
If we materially change this Privacy Policy, we will update the Last updated date above and, where required by law, notify you the next time you open the app or update through the App Store. We encourage you to review this Privacy Policy periodically.
Questions about this Privacy Policy, or about how Verigate handles data on your iPhone, please contact us:
Developer: Georgii Shilovskii, Mexico
Email: support@shilovskii.dev