What is the best enterprise asset management software?

Keyco is an enterprise asset management platform that combines asset management, IT asset tracking, and smart asset tags into one solution. It replaces three separate tools with a single platform that supports QR, NFC, and batteryless BLE tracking. Deploy in under 10 minutes with a free tier available.

What is the best IT asset management software?

Keyco provides IT asset management through Digital Dub software agents that run on Windows, Chromebooks, and Android devices. Track endpoints with live GPS, geofencing alerts, and 30-second heartbeat check-ins. Combined with physical asset tags (QR, NFC, BLE), it covers both IT and physical assets in one platform.

What is the best asset tracking software for construction?

Keyco is ideal for construction asset tracking with rugged QR and NFC tags, real-time BLE beacon tracking, and GPS geofencing to monitor equipment across job sites. Active Dub tags require no batteries — they use energy harvesting for 10+ year lifespan in the field.

Does Keyco offer mobile asset tracking software?

Yes. Keyco has a native mobile app for iOS and Android that lets you scan QR and NFC tags, view your asset dashboard, track active assets on a map, and manage workflows from anywhere. All asset tags work with any smartphone camera — no special hardware needed.

What makes Keyco's Active Dub different from other IoT asset trackers?

Active Dub is the only batteryless IoT asset tag on the market. It uses energy harvesting to power itself from ambient RF energy — no batteries to replace, no charging, no maintenance. It provides real-time BLE tracking, motion detection, temperature and vibration sensors, with a 10+ year operational lifespan.

How long does it take to implement Keyco?

Keyco deploys in under 10 minutes. Sign up, tag your assets with QR/NFC/BLE DUB tags, and start tracking. No infrastructure required for QR and NFC tags. BLE gateways for Active Dubs set up in minutes. Free tier available with no credit card required.

Dashboard

Home Products Developers Enterprise Partners About Contact API Docs

Try Dashboard

Privacy Policy

Effective Date: February 18, 2026

Your privacy is a foundational principle at Keyco. This policy explains exactly what data we collect, why we collect it, and the protections we put in place — in plain English.

We do not sell, rent, or share your personal data with any third party for advertising or marketing purposes. Ever.

Contents

1. Who We Are
2. Data We Collect
3. Location Data
4. How We Use Your Data
5. No Third-Party Sharing
6. Data Storage & Security
7. Data Retention
8. Your Rights
9. Cookies & Tracking
10. Children's Privacy
11. Changes to This Policy
12. Contact Us

1. Who We Are

Keyco Inc. ("Keyco," "we," "us," or "our") operates the Keyco platform, including the web dashboard at qrdub.com, the Digital Dub Client mobile application, related APIs, and physical asset-tagging products (collectively, the "Services").

We are headquartered in Northern Virginia, United States. For the purposes of applicable data protection laws, Keyco Inc. is the data controller responsible for your personal information.

2. Data We Collect

We collect only what is necessary to provide and improve the Services. The categories of data we collect are:

2.1 Account & Identity Data

When you create a Keyco account, we collect:

Full nameEmail addressPassword (encrypted/hashed — never stored in plaintext)Organization name and roleProfile photo (optional)Google account info (if Google OAuth is used)

2.2 Asset & DUB Interaction Data

When you tag, scan, or manage an asset through any DUB product:

Asset name, description, and metadataDUB identifier (unique tag ID)Scan timestampScan location (see Section 3)Device type and operating system of the scanning deviceWorkflow and lifecycle events tied to the asset

2.3 Usage & Technical Data

IP addressBrowser type and versionPages visited and features usedSession duration and activity logsError logs and crash reports

This data is used exclusively for platform stability, security monitoring, and service improvement.

2.4 Payment & Billing Data

Payment processing is handled by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. Keyco never stores, sees, or processes raw credit/debit card numbers. We retain only billing metadata such as subscription tier, invoice history, and last four digits of card (as provided by Stripe) for account records.

2.5 Communications Data

If you contact us via email or the contact form, we store your name, email address, and the content of your message to respond to your inquiry and maintain a record of the communication.

3. Location Data (Important)

Location data is the most sensitive category of data we collect. We are transparent about exactly when and how it is captured.

3.1 When Location Is Collected

Location data is captured in the following specific circumstances:

Scanning a DUB tag — When a QR Dub™, Pro Dub™, or Active Dub™ is scanned using the Digital Dub Client mobile app or any browser with location permissions, the GPS coordinates of the scanning device at the moment of the scan are recorded and attached to the scan event.
Active Dub™ BLE tracking — Active Dubs periodically broadcast their location signal via Bluetooth Low Energy (BLE). The Digital Dub Client, when running with location permissions, logs these coordinates to associate the physical tag with its detected position.
Manual location assignment — Users may manually assign a location to an asset record within the platform.

3.2 What Location Data Is Used For

Associating scan events with a geographic position for audit trails
Generating geographic insights and analytics within your organization's dashboard
Asset lifecycle tracking (e.g., last known location of a tagged item)
Enabling map views within the Keyco dashboard

Location data is never used for advertising, never sold, and never shared with third parties outside of secure cloud infrastructure hosting (see Section 5).

3.3 Your Control Over Location Data

Mobile app: You can revoke location permissions for the Digital Dub Client at any time through your device's system settings (iOS: Settings → Privacy → Location Services; Android: Settings → Apps → Permissions). Revoking location permissions will prevent scan-level location capture but will not affect other platform functionality.
Browser: When scanning via a web browser, your browser will prompt for location permission before any location is recorded. You may deny or revoke this at any time in your browser settings.
Deletion: You may request deletion of all location data associated with your account at any time (see Section 8).

4. How We Use Your Data

We use your data only for the following purposes:

Providing the Services — Creating and managing your account, processing asset tags and scan events, enabling organization and multi-user management, and delivering workflow automation.
Security & Fraud Prevention — Detecting unauthorized access, protecting accounts, and enforcing our Terms of Service.
Billing & Subscriptions — Managing your subscription tier, processing payments, and maintaining billing records.
Communications — Sending transactional emails (scan alerts, workflow notifications, account verification, password resets). We do not send unsolicited marketing emails without your explicit consent.
Analytics & Improvement — Understanding how the platform is used in aggregate to fix bugs, improve performance, and develop new features. These analytics are internal only.
Legal Compliance — Complying with applicable laws, regulations, or valid legal processes.

We do not use your data for automated profiling, targeted advertising, or resale to data brokers.

5. No Third-Party Sharing

Keyco does not sell, rent, license, or share your personal data with any third party for their own commercial purposes.

The only entities that may access your data are sub-processors — companies we use solely to operate our infrastructure on your behalf. These are not "third parties" in a marketing or advertising sense; they act as data processors under contractual obligations to protect your data.

Sub-Processor	Purpose	Data Accessed
Amazon Web Services (AWS)	Cloud infrastructure, database, storage, email delivery (SES)	All platform data (hosted and processed)
Stripe, Inc.	Payment processing (PCI-DSS Level 1)	Billing info only — no personal usage data
Google LLC	OAuth 2.0 authentication (login with Google)	Email, name, and Google account ID only

We may also disclose data when required by law (e.g., valid court order or subpoena) or when necessary to protect the rights, property, or safety of Keyco, our users, or the public. In such cases, we will notify affected users to the extent permitted by law.

6. Data Storage & Security

6.1 Infrastructure

All data is stored on AWS infrastructure located in the United States. We use Amazon Aurora (PostgreSQL-compatible) for the primary database, Amazon S3 for file storage, and AWS CloudFront for content delivery. All data in transit is encrypted using TLS 1.2 or higher. All data at rest is encrypted using AES-256.

6.2 Access Controls

Passwords are stored using industry-standard one-way hashing with salting (bcrypt).
Authentication uses short-lived JWT access tokens and secure refresh token rotation.
Role-based access control (RBAC) limits data access within organizations to authorized roles.
Administrative access to production systems is restricted to authorized engineering personnel only.

6.3 Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users without undue delay and in accordance with applicable law (including GDPR Article 33/34 and relevant US state breach notification statutes).

7. Data Retention

We retain your data only for as long as necessary:

Account data — Retained for the lifetime of your account. Upon account deletion, personal data is permanently purged within 30 days, except where required for legal, tax, or fraud-prevention purposes.
Scan and location data — Retained as part of asset history for the lifetime of your account. You may request deletion at any time (see Section 8).
Billing records — Retained for 7 years to comply with tax and accounting regulations, even after account deletion.
Server logs — Retained for up to 90 days for security and debugging purposes, then automatically purged.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data. We honor these rights regardless of jurisdiction.

Access

Request a copy of all personal data we hold about you.

Rectification

Correct inaccurate or incomplete personal data.

Erasure ("Right to be Forgotten")

Request deletion of your personal data, subject to legal retention obligations.

Portability

Receive your data in a machine-readable format to transfer to another service.

Restriction

Request that we limit how we process your data in certain circumstances.

Objection

Object to processing of your data where we rely on legitimate interests.

Withdraw Consent

Withdraw consent for location or marketing communications at any time.

Opt-Out of Sale (CCPA)

We do not sell personal data. No opt-out required, but you are entitled to this right.

To exercise any of these rights, contact us at privacy@keycomagix.com. We will respond within 30 days (or within any shorter period required by applicable law). We may need to verify your identity before fulfilling requests.

8.1 GDPR (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) or equivalent legislation. Our legal bases for processing your data are: (a) performance of a contract (providing the Services), (b) legitimate interests (security, fraud prevention, platform improvement), (c) compliance with legal obligations, and (d) your explicit consent (for location data and optional communications). You also have the right to lodge a complaint with your local supervisory authority.

8.2 CCPA / CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) grant you rights to know, delete, correct, and opt out of the sale or sharing of your personal information. As stated throughout this policy, Keyco does not sell or share personal information with third parties for commercial purposes. You may submit any CCPA request to privacy@keycomagix.com.

8.3 Virginia CDPA (Virginia Residents)

If you are a Virginia resident, the Consumer Data Protection Act (CDPA) grants you rights to access, correct, delete, and obtain a copy of your personal data, and to opt out of targeted advertising or sale of personal data. Keyco does not conduct targeted advertising or sell personal data. Submit requests to privacy@keycomagix.com.

9. Cookies & Tracking

9.1 Cookies We Use

We use a minimal set of cookies necessary to operate the Services:

Authentication cookies — Used to keep you logged in securely. These are session-based, HTTP-only, and Secure-flagged.
Preference cookies — Used to remember your settings (e.g., UI preferences).

9.2 What We Do Not Use

We do not use:

Third-party advertising or tracking cookies
Cross-site behavioral tracking
Social media tracking pixels
Analytics platforms that share data with ad networks (e.g., Google Analytics with advertising features)

You can disable cookies through your browser settings. Note that disabling essential cookies may prevent you from logging in to the platform.

10. Children's Privacy

The Keyco Services are intended for use by businesses and individuals who are 18 years of age or older. We do not knowingly collect personal data from children under the age of 13 (or the applicable minimum age in your jurisdiction). In compliance with the Children's Online Privacy Protection Act (COPPA), if we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will delete that data immediately.

If you believe we may have collected data from a child under 13, please contact us at privacy@keycomagix.com immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

Update the "Effective Date" at the top of this page.
Send an email notification to all registered users.
Display a prominent notice on the Keyco dashboard for at least 30 days.

Your continued use of the Services after the effective date of any update constitutes your acceptance of the revised policy. If you do not agree with the updated policy, you may delete your account at any time.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Privacy Team:

privacy@keycomagix.com

Keyco Inc. · Privacy Team · Northern Virginia, United States

We aim to respond to all privacy-related inquiries within 30 days. For urgent matters, please include "URGENT" in your email subject line.

Last updated: February 18, 2026 · Keyco Inc.

This policy applies to all Keyco products and Services including the web dashboard, Digital Dub Client mobile app, public DUB viewer, and Keyco API.