Privacy Policy

1. Information We Collect

2. How We Use Your Information

• To provide, maintain, and improve our services
• To process your transactions and manage your account
• To send you technical notices, updates, and support messages
• To respond to your comments, questions, and requests
• To analyze usage trends and improve user experience
• To detect, prevent, and address technical issues and fraud
• To send marketing communications (with your consent)

3. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in these circumstances:

• Service Providers: We share data with third-party vendors who perform services on our behalf (e.g., Stripe for payments, AWS for hosting)
• Legal Requirements: We may disclose information if required by law or in response to valid legal requests
• Business Transfers: Information may be transferred if we are involved in a merger, acquisition, or sale of assets
• With Your Consent: We may share information with your explicit permission

4. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit (HTTPS/TLS) and at rest
• Regular security audits and penetration testing
• Access controls and authentication requirements
• Secure password hashing (bcrypt)
• Regular backups and disaster recovery procedures

5. Data Retention

• Active account data is retained while your account is active
• After account deletion, personal data is removed within 30 days
• QR code scan analytics are retained for 24 months
• Backup copies are purged within 90 days
• Legal requirements may require longer retention periods

6. Your Rights (GDPR Compliance)

If you are in the European Economic Area (EEA), you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your data
• Restriction: Request restriction of processing
• Withdraw Consent: Withdraw consent at any time

7. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and service functionality
• Analytics Cookies: Help us understand how you use our service
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling cookies may affect service functionality.

8. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Privacy Shield Framework compliance (where applicable)
• Adequate country determinations

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or prominent notice on our website. Continued use of the service after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights, contact us at: