Security & PrivacyYour safety and privacy are our priority!
Since the development phase of the Nuki Smart Locks your security and privacy have been our top priority. We communicate our encryption technologies and data usage in a transparent way, guaranteeing that you are always in control of your data.
To use the Nuki Smart Lock, Opener or Smart door you neither need a user account nor will your personal data be stored in any cloud.
This is true for using Nuki in Bluetooth range as well as via WI-FI if you have connected your device to the Nuki Bridge.
Wherever and whenever possible, your data will be processed only on your end devices.
Of course you can also use our Nuki Web Cloud service, which requires the caching of data on our servers. However, Nuki Web is an optional service and you decide if or how long you want to use this service.
Learn more about the three ways to use your Nuki devices
A maximum of security is our key principle in the development of the Nuki devices. We have dedicated ourselves to this value in the development of our product range and have consistently pursued this path over the past years. This is also shown through regular testing and certification by independent security experts and institutes.
The communication of the Nuki Smart Lock, Nuki Opener and Smart Door is end-to-end encrypted and our security standards are comparable to those in the online banking sector. For this, we have been tested and awarded. Furthermore, numerous features of the Nuki devices and the Nuki app allow you to keep an eye on the security of your door. For example, you can deactivate permissions at any time or limit their duration, and you always keep track of who opens your door with the activity log.
Under the following links you will find further information on the topics of security and data protection:
The Nuki Smart Lock, Opener and Smart Door use Bluetooth Low Energy (BLE) in order to communicate with the Nuki app. The current Bluetooth standard (BLE 5) is remarkably energy-efficient and has excellent range. For security reasons, we have created our own encryption protocol to use alongside normal Bluetooth communication.
How your data is managed
If you use your Nuki Smart Lock, Opener or Smart door via Bluetooth, all personal information generated while using Nuki will be stored exclusively on your end devices. Neither do you need a user account nor are personal data collected and transferred to our servers or stored in a cloud.
Communication between the Nuki app and the Nuki device uses a unique key that is known only to the two devices. In order to protect against attackers, the data is encrypted before it is transmitted. This encrypted data is transmitted via Bluetooth and decrypted by the Nuki device. You can read the details about our encryption technologies in the blogpost about our security concept.
As soon as you want to control your Nuki device not only in Bluetooth range but also remotely, you need the Nuki Bridge. The Nuki Bridge brings your Smart Lock, Opener or Smart Door into your Wi-Fi and gives you full access to your Nuki device even if you are not on site. This way you can lock your door remotely, assign permissions, check the status or change settings.
How your data is managed
Even when using the Nuki Bridge, no user data is stored on the Nuki server.
All personal information generated while using Nuki will be stored exclusively on your end devices. Neither do you need a user account nor are personal data collected or stored in a cloud.
The server only forwards commands, but can neither read nor execute them. That means we don’t save any information on our servers regarding the communication between the Nuki app and the Nuki Smart Lock.
All data sent to your Nuki device to or from the Nuki Bridge is encrypted, using the same key known only to your Nuki app and to your Nuki device. This key is otherwise unable to be deciphered in transit, either by the Bridge or the Nuki server. You can find more detailed information about the encryption technologies we use in the blog post about our security concept.
Cloud (Nuki Web)
With the cloud service Nuki Web, you can easily, quickly, and clearly manage and operate your Smart Lock, Opener or Smart Door with your computer. In addition, you can use Nuki Web to very easily integrate your Nuki device into your Smart Home environment.
To use Nuki Web you need the Nuki Bridge to connect your Nuki device to the Wi-Fi and a Nuki Web account.
By choosing a secure password and activating the two-step verification, you protect your Nuki Web account and ensure maximum security.
In order for you to access your Nuki device from any Internet-enabled device, data required for the management and control of the Nuki device must be stored on our server.
The digital keys stay on your devices
The individual digital keys of users are stored exclusively on the end devices – i.e. the Smart Lock and the smartphone – and these are never stored in the cloud.
Nuki Web gets its own key. With this key you can control your Nuki device via your Nuki Web account. All other keys are not transmitted to the cloud!
Personal and security-related data stored on the Nuki server
Your email address
The location of the Nuki device
The username as well as the email address of the users
The encrypted passwords of the users
The activity log of the users
Your four-digit security code
The configuration data of your device such as time zone, door handle or button settings
Encrypted data transmission to the server
The transmission between your browser and the Nuki server is done via HTTPS. Since the communication is TLS encrypted, no third party can read the communication between these two systems.
Backups of the database are stored encrypted in an external cloud in Germany and deleted after seven days. The external storage of data is done for security reasons in case of physical disturbances in our data center.
Secure location of the Nuki server
The Nuki server is located in Germany. This way we ensure that the requirements of the General Data Protection Regulation are met and your data is managed securely.
You have control over the deletion of your data
If you no longer wish to use the Nuki cloud service, you can delete the data stored there on your own at any time.
By removing your Nuki device from your Nuki Web account and deleting the account, all data will be deleted immediately.
When using Nuki Web, a secure authentication is especially important since data of your devices is synchronized to the server.
The protection of your data is important to us!