Master Key Manager

FAQ

FREQUENTLY ASKED QUESTIONS

Security, Privacy & Everything You Need to Know

Data Security

“Why cloud-based instead of on-device?”

The old way was paper workbooks or Excel files on one computer. If that computer crashed, you lost everything. With cloud storage, your data is automatically backed up across multiple data centers. You could lose your phone today and log in on a new one tomorrow — all your master key systems are still there.

“Who can see my data?”

Only people in your company. When you invite an employee, they can see your company’s systems. But they can never see another locksmith’s data — not their workbooks, not their customers, not their QR codes. The system checks every single request to make sure you belong to that company before showing anything.

“What about hackers?”

This runs on enterprise-grade cloud infrastructure — the same type that powers major tech services. Every connection is encrypted. The security rules are enforced at the server level, not in the app. So even if someone reverse-engineered the app, the server would still block unauthorized access.

“Can even YOU (Jerry) see my data?”

I have admin access for support purposes — things like resetting a locked account or troubleshooting issues. But I’m not sitting here browsing through your master key systems. The app doesn’t even have a feature for that. And honestly, I’ve got my own locksmith work to worry about!

“What about employees who leave?”

When you remove an employee from your company, they immediately lose access. They can’t log back in and see your systems. The owner has full control over who’s in and who’s out.

“Account sharing protection”

We built in protection against account sharing. If someone tries to share their login between multiple devices constantly swapping back and forth, the system detects it and locks the account temporarily. This protects your subscription and keeps the system fair for everyone.

“QR codes — aren’t those scannable by anyone?”

The QR code itself just contains an ID number — it doesn’t expose any sensitive information. When you scan it, the app looks up that ID in your company’s database. If you’re not logged into that company, you get nothing. So even if a stranger found a key tag on the ground and scanned it, they’d just see an error.

“40 years in the trade — why trust this?”

I’ve been a locksmith for over 40 years. I know what’s at stake — master key systems protect buildings, businesses, people’s homes. I wouldn’t put my name on something that wasn’t secure. I built this the way I’d want it built if I were the customer.

Backup & Recovery

“What if I accidentally delete something?”

We’ve built in safeguards to prevent accidental deletions. Critical actions like deleting a master key system require confirmation. Only the company owner can delete systems — employees can’t accidentally wipe out your work. If something does get deleted and you need help recovering it, contact support and we can look at restoring from our backups.

“How often is my data backed up?”

Your data is stored on enterprise-grade cloud infrastructure, which automatically replicates your data across multiple data centers in real-time. This isn’t a once-a-day backup — every change you make is instantly saved and protected. The infrastructure is designed for 99.99% uptime, so your data is always there when you need it.

Business Continuity

“What happens if Master Key Manager goes out of business?”

I understand this concern — you’re trusting your business data to my software. First, I’m not going anywhere. This is my legacy project after over 40 years in the trade. But if something ever did happen, you’d have advance notice and the ability to export all your data. Your master key systems, door schedules, and records would be yours to keep. I’d never leave customers stranded.

“Can I export my data?”

Yes. You can generate PDF reports of your master key systems, door schedules, and workbooks at any time. These are professional documents you can save, print, or share with customers. Your data is never locked inside the app with no way out.

Privacy & Compliance

“Do you sell my data to third parties?”

Absolutely not. Your data is yours. We don’t sell it, share it, or use it for advertising. The only people who can see your master key systems are you and the employees you invite. Period. This isn’t a free app that makes money off your information — you’re paying for a professional tool, and that means your data stays private.

“Is this GDPR compliant?”

Yes. We take privacy seriously for all our customers, whether they’re in the US, Europe, or anywhere else. You control your data. You can request to see what we have, correct it, or delete your account entirely. We only collect what’s necessary to run the service — no tracking, no profiling, no selling your information.

Practical Security

“What if I lose my phone?”

Your data isn’t stored on your phone — it’s in the cloud. If you lose your phone, just log into Master Key Manager on a new device and everything is right where you left it. If you’re worried about someone accessing the app on your lost phone, you can change your password from any device and that immediately locks out the old one.

“Can I require two-factor authentication for my employees?”

Currently, we use strong password requirements and account lockout protection to secure accounts. Two-factor authentication is something we’re considering for a future update. In the meantime, the best practice is to use unique, strong passwords and remove employees from your company immediately when they leave.

“What happens if someone guesses my password?”

We require strong passwords — at least 8 characters with a mix of uppercase, lowercase, numbers, and special characters. This makes guessing nearly impossible. If someone does try to brute-force their way in with repeated wrong guesses, the account gets locked. And if you ever suspect your password has been compromised, you can reset it immediately through the app.

Technical Summary

For those who want the technical details:

  • Company-level isolation — Every piece of data is stored under a company’s document with strict access rules
  • Authentication required — Users must be signed in and verified before accessing any data
  • Role-based access — Some actions (deleting systems, managing employees) restricted to owners only
  • Encrypted in transit — All data uses HTTPS/TLS encryption
  • Encrypted at rest — Data stored on servers is automatically encrypted
  • Enterprise-grade infrastructure — Same security standards as major tech services
  • Real-time replication — Data automatically copied across multiple data centers
  • Audit logging — Sensitive actions are tracked for security reporting
  • Session management — Account sharing detection and lockout protection
  • Strong password enforcement — Minimum 8 characters with complexity requirements

Master Key Manager — Built by a locksmith, for locksmiths.