Last Updated: May 3, 2026
Allegion PLC ("we", "us", or "our") operates the Romanworks Access system, which includes the realtime.romancontrols.com website and the Romanworks Access mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect information in connection with this Service.
The Romanworks Access iOS app is an enterprise tool that allows employer-provisioned users to authenticate and provision NFC mobile access credentials into Apple Wallet. Users cannot create accounts within the app — accounts are provisioned by your employer or administrator.
The Service collects the following categories of information:
We use the collected information to:
The Service uses the following third-party services. Each processes data as described below. We encourage you to review their respective privacy policies.
openid email profile, which allows Auth0 to share your email address, name, and profile information with the app. Authentication tokens are stored in the iOS Keychain on your device and cleared when you log out.
As a user of the Service, you have the right to:
SDK Analytics Opt-Out: The Allegion mobile access SDK automatically collects usage analytics events via Microsoft AppCenter. These events do not include personal information. To request opt-out of SDK analytics data collection, please contact developer.support@allegion.com. We will work with our SDK provider to process your request.
To exercise any of these rights, please contact us using the information provided in Section 13.
The Romanworks Access mobile application is an enterprise tool for iPhone that allows employees to provision NFC mobile access credentials into Apple Wallet. The app requires an employer-provisioned account and cannot be used to create new accounts. An NFC-capable iPhone is required.
Authentication: The app uses Auth0 web-based authentication. When you log in, your browser opens Auth0's login page and the app requests your email address, name, and profile information via the OAuth2 scopes openid email profile. Authentication tokens are stored securely in the iOS Keychain on your device and are cleared when you log out.
NFC Credential Provisioning: After authentication, the app retrieves your NFC access rights from Allegion's servers using your authentication token. You are then guided through adding those credentials to Apple Wallet using Apple's PassKit framework. The data exchanged during this process includes your authentication token and NFC credential data.
SDK Analytics: The Allegion mobile access SDK used by this app automatically sends usage analytics events to Microsoft AppCenter when the SDK initializes. These events include SDK initialization status, authentication flow success or failure, and NFC rights retrieval status. No personally identifiable information is included in any of these events. See Section 4 for details and Section 6 for opt-out instructions.
Security: The app performs a jailbreak detection check at launch using a local security library. If your device is detected as jailbroken, the app will immediately terminate to protect the security of your access credentials. No jailbreak detection data is transmitted externally.
The following table describes how the data collected by this app is classified in accordance with Apple App Store privacy standards.
| Data Category | Classification | Collected By |
|---|---|---|
| Email address, name, Auth0 user ID | Linked to your identity | Auth0 / Allegion backend |
| NFC access credentials and access rights | Linked to your identity | Allegion backend |
| Authentication tokens | Linked to your identity — stored locally in iOS Keychain | Auth0 (stored locally) |
| SDK analytics events (app bundle ID, generic init/auth/NFC events) | Not linked to your identity — no user identifiers included | Microsoft AppCenter |
| Jailbreak detection result | Not transmitted externally — local only | On-device only |
Tracking: We do not use your data to track you across third-party apps or websites for advertising purposes.
We do not sell, trade, or rent your information. We may share data only in the following limited circumstances:
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect information from children under 18. If you believe a child has provided information to the Service, please contact us immediately.
The Service is hosted in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the Service, you consent to such transfer.
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this policy. For material changes, we will make reasonable efforts to notify you. Continued use of the Service after changes constitutes acceptance of the updated policy.
If you have questions, concerns, or requests regarding this Privacy Policy or the Service — including requests to exercise your data rights or opt out of analytics — please contact us at:
Email: developer.support@allegion.com
Company: Allegion PLC
© 2026 Allegion PLC. All rights reserved.