Gatepicker

Privacy policy

Small auth backend. Local door command.

Gatepicker uses sign-in only to decide who should have an app session. Opening the relay still happens locally over Bluetooth Low Energy between your phone and the ESP32 relay.

Data Gatepicker Uses

During sign-in, the app sends an Apple or Google identity token to the Gatepicker auth Worker. The Worker verifies that token with the sign-in provider and stores session records in Cloudflare KV.

  • Apple or Google identity token during sign-in.
  • Provider name and provider subject ID.
  • Issued and expiry timestamps for the server session.
  • Opaque Gatepicker session token returned to the app.
  • Local display name or account identifier saved by the mobile client.

Why It Is Used

Gatepicker uses this data to authenticate access, keep the user signed in, validate or revoke active sessions, and let the mobile client open the nearby relay locally over BLE.

What Is Not Collected

The app and site do not provide a public door-open API. The auth Worker does not collect BLE door command history, relay proximity history, or a log of successful local opens.

This page does not claim that analytics are disabled across all future versions. If analytics or cookies are added later, this policy should be updated to describe them plainly.

Retention

Server sessions stored in Cloudflare KV expire after 30 days. Signing out asks the auth Worker to delete the active server session on a best-effort basis and clears the active local session from the client.

Remembered display names or account identifiers can remain on the device after sign-out so the app can show familiar account choices the next time it opens.

Third Parties

Gatepicker relies on Apple or Google for sign-in, depending on the platform and account you choose. Gatepicker uses Cloudflare for Pages hosting, the auth Worker, and KV session storage.

Contact

Questions about this privacy page can be sent to privacy@tair.dev.