Book a demo

Privacy Policy

Last updated May 27, 2026 · Effective TBD

This document is a working draft pending legal review. The published version will replace this page before general availability.

1. Overview

Cube Access Inc. (“Cube Access”, “we”, “us”, or “our”) provides a cloud-based access-control platform for offices, multi-site operations, and the security integrators who deploy and manage them (the “Service”). This Privacy Policy explains what information we collect when you use the Service, how we use it, when we share it, and what choices you have.

This policy applies to information collected through cube-access.com, the Cube Access web and mobile applications, the Cube Access API, and any related services that link to this policy. It does not apply to third-party services we integrate with, which have their own privacy practices.

2. Information we collect

Account information. Email address, name, organization, role (installer, administrator, operator), phone number, and authentication credentials, including any factors used for two-factor or multi-factor authentication.

Customer content. Information you and your end users enter into the Service: people records, badge and credential identifiers, schedules, access profiles, site and door configuration, photos used for credential issuance, and video or images captured by integrated cameras.

Usage and device data. IP address, browser type, operating system, device identifiers, time zone, pages and features used, and the dates and times of access. We use this for security, troubleshooting, and product improvement.

Logs and events. Door unlock, denial, alarm, and other physical-access events generated by hardware connected to the Service, along with associated timestamps and the user or credential responsible.

Communications. Messages you send to support, sales, or other Cube Access addresses, and your responses to surveys or product research.

We do not knowingly collect information from children under 13.

3. How we use information

We use the information described above to:

  • Provide, secure, and improve the Service.
  • Authenticate users and prevent unauthorized access.
  • Investigate and respond to security incidents and abuse.
  • Communicate about service changes, outages, and account matters.
  • Comply with legal obligations and respond to lawful requests.
  • Develop new features and conduct internal analytics, using aggregated or de-identified data wherever possible.

We do not sell personal information, and we do not use customer content to train third-party machine-learning models without explicit written agreement.

4. How we share information

We share information only as needed to run the Service, and only with the following categories of recipients:

  • Service providers. Cloud hosting, email delivery, payment processing, monitoring, and similar vendors that act on our instructions and are contractually bound to protect your information.
  • Your organization. Information you generate as part of an organization’s account is available to administrators and other authorized users of that tenant.
  • Integrators and partners. If your tenant is managed by an integrator or vendor partner, that partner has access to configuration, device, and event data scoped to your tenant for support and provisioning.
  • Legal and safety. When required by law, subpoena, or court order, or where we believe in good faith that disclosure is necessary to protect rights, safety, or the integrity of the Service.
  • Corporate transactions. In connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to confidentiality protections.

5. Data retention

We retain account, configuration, and event data for as long as your organization’s tenant is active, and for a reasonable period after termination to satisfy legal, audit, and dispute-resolution requirements. Specific retention periods are configurable per tenant for event and video data and are described in the in-product retention settings.

When the retention period ends, we delete or de-identify the information.

6. Security

We use technical, administrative, and physical safeguards designed to protect information against loss, misuse, and unauthorized access. These include encryption in transit and at rest for sensitive data, role-based access control, audit logging, and regular review of vendor security practices. No system is fully secure; if you believe your credentials or account have been compromised, contact us immediately.

7. Your choices and rights

Depending on where you live, you may have the right to access, correct, delete, port, or restrict processing of your personal information, and to object to certain processing. To exercise these rights, contact us using the details at the bottom of this page. We will respond within the time required by applicable law.

If your organization is the controller of the information (for example, the company that issued your badge), we will direct your request to that organization where appropriate.

8. International transfers

Cube Access is based in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States or other countries where we or our service providers operate. Where required, we use appropriate safeguards for international transfers.

9. Cookies and similar technologies

The Service uses cookies and similar technologies to keep you signed in, remember preferences, secure the Service, and measure usage. You can control cookies through your browser settings. Disabling cookies may affect functionality such as staying signed in.

10. Changes to this policy

We may update this policy from time to time. When we make material changes, we will notify you by email or through the Service before the changes take effect. The “Last updated” date at the top of this page reflects the most recent revision.

11. Contact us

Cube Access Inc., 6240 SOM Center Rd #110, Solon, OH 44139. Email: or@cube-access.com. Phone: 216.245.9629.