GUNR Security — 14 Years, Zero Data Breaches
Your firearms data deserves proof, not promises. Here is exactly how we protect it.
Built on Google Cloud
Your data sits in the same infrastructure that protects Gmail, Google Drive, and YouTube. GUNR runs on Firebase and Firestore, Google's enterprise-grade app platform, across multiple data centres with automatic redundancy and failover.
Google Cloud holds SOC 1/2/3, ISO 27001, ISO 27017, and ISO 27018 certifications. These are Google's certifications — your data benefits from the same security posture that protects billions of users.
99.999% uptime SLA from Google Cloud's multi-region Firestore deployment.
Encrypted everywhere
In transit: All data is encrypted using TLS 1.2+ — the same bank-grade standard that protects online banking. Every API call between your device and our servers travels over HTTPS. No exceptions.
At rest: All data stored on Google Cloud servers is encrypted with AES-256. Encryption keys are managed by Google's Key Management Service and stored separately from your data — not beside it, not on the same server.
Your data is invisible to everyone else
Firestore security rules enforce strict per-user data isolation at the database level. This is not application logic that can be bypassed — it is enforced by Google's infrastructure before any data is read or written.
Every read and write operation is verified against your authenticated identity. There is no API endpoint, admin panel, or backdoor that exposes one user's data to another.
Even if another user somehow knew your exact document IDs, the database would reject the request. Your data is structurally inaccessible to anyone who is not you.
Multiple layers of access control
Authentication: Sign in with email and password, Google, or Apple. Your identity is verified by Firebase Authentication, not a home-grown system.
Multi-factor authentication: Optional MFA adds a second verification step via SMS or authenticator app. Even if someone has your password, they cannot access your account.
Biometric lock: Fingerprint and Face ID authentication available on supported devices. Your data stays locked even if someone picks up your unlocked phone.
App verification: Firebase App Check verifies that only the genuine GUNR app can communicate with our backend services, blocking bots, scrapers, and spoofed clients.
What we never do
Your data belongs to you
Export anytime: Download your data as PDF or CSV whenever you want. Your data is never held hostage.
Full backup and restore: Built into every app in the GUNR suite. Your data is always recoverable.
Delete means delete: When you delete your account, all associated data is permanently destroyed. No 90-day soft-delete window, no archived copies, no exceptions.
Your legal rights: GUNR is fully compliant with POPIA (South Africa) and GDPR (EU). Your rights to access, correct, and delete your personal data are honoured under both frameworks. Read the full details in our Privacy Policy.
Restricted employee access
Only officially verified, validated, and approved employees have limited access to production data — solely for debugging purposes. Never for browsing. Never out of curiosity.
Production database access requires explicit authorisation. There is no open door.
We built the system so we do not need to look at your data. When we do, it is to fix a problem you reported.
Proven track record
Live since July 2012 — nearly 14 years of continuous production operation.
Zero data breaches in that entire history. Not one.
Active development with regular security updates and patches. This is not abandoned software.
South African company, legally bound by POPIA and GDPR. Thousands of active users trust GUNR daily on iOS and Android. Still have questions? Check our FAQ.
Your firearms data is safer here than anywhere else.
14 years. Zero breaches. Download GUNR and see for yourself.
