Let’s Clear a Few Things Up: How Patronscan Actually Works

At Patronscan, our mission has always been simple: help create spaces where people feel safe enough to just enjoy their night. No stress, no looking over their shoulder, no wondering if someone in the room means them harm. Just good times with good people. 

When we saw articles circulating this week suggesting our system uses facial recognition and collects biometric data on patrons, or that we sell patron data to third-party companies, we had to speak up because that’s simply not true, and the communities protected by our system deserve accurate information about the tools being used in their spaces. 

Let’s clear a few things up: 

  • We do not use facial recognition or collect biometric data. 
  • We do not sell or share your personal information with any third-party company. 
  • We do not save or share your home address on our Flag Network. 

What we do is scan a government-issued ID to confirm you are who you say you are, and that you’re old enough to be there. That’s it. 

For clients using our Flag Network, the goal is to provide one thing that’s missing in a lot of social spaces these days: accountability. Bad behaviour doesn’t just disappear when someone gets kicked out, and they don’t get to walk into the bar across the road and start over. Any venue running our system will see that flag at the door and can turn them away before they ever get inside. 

For venues like our clients in The Castro, this matters deeply. When someone brings hatred, prejudice, or harmful intent into an LGBTQ+ space and gets removed and flagged, our system makes sure they can’t just dust themselves off and walk into the next bar down the street. If they’ve been flagged at one Patronscan venue, other venues on our network will see that at the door. They don’t get a second chance to ruin someone else’s night. 

Your data is yours. You can request deletion at any time, and if you haven’t been involved in an incident, it’s automatically deleted after typically 21 days anyway. If you’ve been flagged and believe it’s wrong, you can dispute it directly on our website. We’re fully compliant with CCPA and all applicable privacy legislations, and we take that responsibility seriously. 

Our venues in The Castro represent a community that has fought hard for the right to exist freely and joyfully. We want to help protect that. That’s why we’re here. 

If you have more questions, we’d love to answer them. Reach out any time at privacy@patronscan.com to get in touch with our Privacy team. 

 

UPDATE – June 19, 2026: Since sharing this post, the writer of one of the articles mentioned reached out for comment and clarification on how our system works. We always welcome the opportunity to share accurate information and were happy to answer their questions. We’re also publishing the questions and our responses here in full, so the complete context is available to anyone who wants it.

 

1. Has Servall Data Systems, the company that does business as Patronscan, ever been called Servall Biometrics? When and what was the nature of that name change?

Our Response: Servall Data Systems is and always has been our legal company name. Like many businesses, we’ve gone through rebranding cycles over the years, including operating under the DBA Servall Biometrics. 

 

2. Previous reporting on Patronscan claimed the company “logged where customers live, household demographics for that area, how far each customer traveled to a bar, and how many different bars they had visited.” (That article includes a Patronscan Public Safety Report on Sacramento from 2018.) Do you still collect this information? Do you still release Public Safety Reports? If you do, could you please provide me with the most recent report from San Francisco?

Our Response: Previous reporting contained inaccuracies that were left uncorrected. Our Public Safety Reports used fully anonymized data in accordance with privacy laws to show information such as visitor counts by zip code and average ages. No personal information was included in these reports, and no individual could ever be identified from them.  

The reports also cross-referenced publicly available US census data to show average demographics by zip code, and showed aggregate visit frequency (for example, 500 patrons visited one venue, 200 patrons visited two venues). This was part of a short-term public safety initiative, and we no longer produce these reports in California. We do still collect zip codes as part of our standard data collection, which is outlined in our response to question 3.  

 

3. Your privacy policy currently states “Patronscan may collect, on behalf of the Customer or on its own behalf: Information printed or encoded on your identification document, including name, DOB, address, document number…” In your statement yesterday you say you do not “save or share” home addresses. Can you clarify the privacy policy for me?

Our Response: For bar and nightclub clients, we collect: Full Name, Date of Birth, Gender (if available on ID), Zip Code (if available on ID), and Expiry Date (if available on ID). If an additional authenticity check is required, a venue can run a one-time comparison of the full address against publicly available information to confirm it is a real address (e.g. Google Maps). This comparison is not saved in our system and is not shared on our flag network. Patronscan limits data collection to only what is needed to verify age, avoid an inaccurate match to our known flag list, and complete formal data requests made in connection with a reported crime.

 

4. The privacy policy also states you collect “a facial image captured at the time of the scan, where the Customer has enabled facial comparison features.” Part of the IL lawsuit’s biometric claim was about Patronscan performing a “scan of facial geometry.” Can you clarify this distinction for me?

Our Response: Facial comparison features are not enabled for North American customers and never have been. The live image captured at the time of scan is a photograph taken so door staff can compare it against the photo on the ID and is deleted along with all other personal information at the end of the data retention period – in California, this is 21 days. Our privacy policy includes a section titled “Is Patronscan privacy compliant in California” which details our compliance with California privacy laws. Patronscan does operate in other countries where facial comparison features may be required. 

 

5. When a patron is flagged for bad behavior, how long is their data stored in the Patronscan system?

Our Response: Flags are either single-venue or networked across participating venues. 

Single-venue flags are visible only to the venue or ownership group that placed them. No other venue can see them. The maximum flag period for a single-venue flag is 5 years. 

Networked flags are visible to other venues on the network, but only when a patron’s ID is scanned at a participating venue. Venues cannot search or browse other businesses’ flags. The maximum flag period for a networked flag is 1 year. 

A flag is an alert only. As of 2026, 82% of flags on our network are single-venue flags. Networked flags are typically placed in connection with the most serious incidents, such as violent or sexual assaults, and help prevent repeat harmful behaviour across venues. Patrons who believe they have been flagged unfairly can file a Flag Dispute on our website at any time. 

 

6. The bouncer one bar in the Castro told me patrons’ personal data is stored for 30 days (unless they are flagged, in which case they said it is stored indefinitely, see question above). Your privacy notice says it is stored for 21 days. Can businesses decide to store personal data for longer than 21 days for unflagged patrons?

Our response: For bar and nightclub venues in California, data for unflagged patrons is retained for 21 days before being permanently deleted. This window exists to give crime victims sufficient time to report an incident and for law enforcement to complete the steps required to request access for records that may help identify a suspected assailant. Victims frequently report crimes days or weeks after they occur. This retention period is published on our website and displayed on the notice sticker on every Patronscan kiosk, or at a suitable entry point where it is visible. Businesses do not have the ability to extend or change this retention period on their account for unflagged patrons. Our Data Retention policies are tailored to the relevant privacy laws of each jurisdiction and to the compliance obligations of the business in question.