We welcome media inquiries and believe transparency and open conversation leads to better public understanding of how our technology works. Below is our record of this inquiry, the questions we received, our responses, and a quick fact check of the published article as it relates to Patronscan.
| Publication Name
The San Francisco Standard |
Method of Contact
|
| Date Contacted
26 June, 2026 |
Contact Name
Heather Kelly, Technology Editor |
Questions & Responses
Questions are listed as received. Our responses below are the complete, unedited text of what we submitted.
Q1. I’m working on a story about Patronscan’s use in local San Francisco bars and lounges. I wanted to see if you had a statement on recent reactions and coverage of the devices in The Castro during Pride, as well as ask a few questions and fact checks.
Our Response: We’ve published our response to recent media interest in San Francisco on our website to correct some inaccuracies in local media coverage and to provide additional context to anyone who wants it: https://patronscan.com/articles/lets-clear-a-few-things-up-how-patronscan-actually-works/
The most persistent misconception in recent coverage is that Patronscan is a facial recognition system or that we collect biometric data. Neither is true for our North American product. We understand why people have concerns about technology and privacy; those are legitimate conversations worth having and we take our part in them seriously. But when inaccurate claims circulate without correction, it makes the conversation harder for everyone, including the small, independent venues that invest in tools like ours because they want their spaces to be safer.
Q2. Do you respond to disclosure requests submitted via the form and email within 10 days?
Q3. Is there a deletion request form I am missing or is that only via email or snail mail?
Q4. Since you request a copy of ID to do a data or deletion request, can you share how you save that information and for how long?
Our Response to Q2, Q3, and Q4: Yes, our practice is to respond to all disclosure requests within 10 days regardless of how they are submitted. We do not have a separate deletion request form. We direct deletion requests to complete a disclosure request form first to securely confirm identity and verify whether we hold information for that individual. They are then able to continue the conversation via email or phone to request deletion of any identified information. Any copy of ID submitted for identity verification on deletion or disclosure requests is permanently deleted once verification is complete.
Q5. Do deletion requests also delete “non-personally identifiable data” that has been collected by Patronscan and used for things like reports?
Our Response: As permitted under CCPA, deletion requests do not apply to non-personally identifiable information. The only non-PII data we collect is anonymized and aggregated, meaning we are not able to separate or identify individual information from it.
Q6. Why is this data “cross-referenced with publicly available census data”?
Our Response: The reference to census data cross-referencing relates to our past Public Safety Reports, which we no longer produce. The only current use of publicly available census data in our product is limited to venue-specific reporting that provides community demographic context based on zip code, such as average household size. This data is anonymized, aggregate, and accessible only to Admin level users at the subscribing venue.
Q7. There is research on and examples of these limited data sets being used to re-identify people. Are there any precautions being taken by the company with this in mind?
Q8. And I wanted to confirm that you do not require a warrant from law enforcement to hand over data, just proof of an active investigation.
Our Response to Q7 and Q8: We have detailed information available at www.patronscan.com/privacy that should answer most of the questions you sent over, including outlines of what data is collected, how long it is stored, how data is protected, and what is required for law enforcement requests.
Fact Check
The resulting article from this inquiry was published on June 29, 2026. The following Fact Check is only relating to statements directly relating to Patronscan, our technology or our operations. We’re not commenting on the broader article, its sources, or unrelated claims.
| AS PUBLISHED | PATRONSCAN’S CLARIFICATION |
| “Patronscan says it keeps this data for unflagged people for 21 days in the U.S.” | Our data retention policies are tailored to the state and industry regulatory or legal requirements. Data retention periods will be clearly stated on Patronscan info stickers on or near the scanner. In California, our bar and nightclub venues have a 21 day retention period. |
| “Patronscan’s core selling point is that it lets bars flag problematic customers, then share that information with other participating businesses.” | As of July 2026, the vast majority of flags on the Patronscan network (82%) are Private flags, meaning they are only visible to the venue or ownership group that placed them. No other venue can see them.
Networked flags are visible to other venues on the Patronscan network, but only when a patron’s ID is scanned at a participating venue. Venues cannot search or browse other businesses’ flags; networked flags are typically only placed in connection with the most serious incidents, such as violent or sexual assaults. |
We understand that news reporting is a challenge of gathering and presenting a large amount of information in a short, readable format. We publish all media responses here so you can read exactly what we said, in full. We believe open, fact-based conversation is the best way to promote understanding of our technology and the role it plays in venue safety. If you have questions or would like to speak with us directly, we’d love to hear from you at media@patronscan.com.