Is app-based access control secure and GDPR compliant?

Yes. A well-designed app-based access control system is secure and GDPR compliant when it encrypts communications, authenticates devices and users, and stores only essential data. PuertApp encrypts all traffic with AES-256 and TLS over AWS IoT infrastructure, identifies each device with unique credentials, and is designed to comply with the General Data Protection Regulation.

How communications are protected

All communications between your phone, the cloud and the garage device travel encrypted with AES-256 and TLS. This prevents anyone from reading or copying the signal to open the door without permission, unlike some radio-frequency remotes that can be cloned.

Bluetooth opening without Internet also uses secure rotating credentials, so a captured command cannot be used to open later. Security holds both remotely and up close.

Device and user authentication

Each installed device is identified with unique, encrypted credentials; only authorized equipment can interact with the door. On the people side, each resident has their own user and registration is by invitation: the administrator registers the right people, you cannot just walk in.

Platform access uses robust authentication and permissions are assigned per door, so each user can only open what they are entitled to.

GDPR compliance

PuertApp is designed to comply with the General Data Protection Regulation. Data minimization is applied: only what is essential to provide the service and ensure access security is stored. Data is kept for the minimum time needed, with retention policies that automatically delete old information. It is not sold or shared with third parties for commercial purposes. [VERIFICAR: textos legales concretos, encargado de tratamiento y DPO publicados]

Frequently asked questions