· ИП AOM (“we”, “us”, the “Company”) operates QRGen at qrgen.app. We comply with the laws of the Republic of Kazakhstan on personal data protection (No. 94-V dated 21 May 2013) and apply best-effort GDPR-equivalent practices for non-KZ visitors.
· 1. Data we collect
- 账户: email, hashed password, optional display name, optional company.
- · Billing: Plexy / Stripe transaction IDs and amounts. We do not store full card numbers.
- · QR code content: destinations and styles you upload.
- 扫描 events: IP address, user agent, device, OS, browser, country, referrer, scan token, timestamp. Stored at row level for 90 days, then aggregated into anonymized daily roll-ups.
- · Operational logs (request, error, deploy) — 14-day rotation.
· 2. Why we collect
To deliver the Service, attribute your scans inside the 分析 dashboard, prevent abuse / phishing, comply with Kazakh tax + AML obligations, and improve the product.
· 3. Sharing
· We share data only with: Plexy + Stripe (billing), Google Safe Browsing (URL screening), Sentry (error tracking — Almaty-based deployment), and Kazakh authorities when legally compelled. We never sell scan data.
· 4. Your rights
Access, rectification, deletion, portability — exercise via 支持@qrgen.app. We respond within 30 days.
· 5. Cookies
Strictly necessary cookies for session + CSRF. Optional 分析 cookies (GA4 / Yandex Metrica) are gated by your consent on first visit.
· 6. Retention
账户 data: until deletion. 扫描-event rows: 90 days. Daily roll-ups: 7 years (KZ tax requirement). Operational logs: 14 days.
· 7. Contact
· Privacy Officer: privacy@qrgen.app. Postal: Республика Казахстан, г. Алматы, 10 МКР, дом 7А/1.