Privacy Policy

Last updated: April 21, 2026

This Privacy Policy describes how ScanForge (“ScanForge,” “we,” “us”) collects, uses, shares, and protects information when you use our website, applications, and APIs (the “Service”), and the rights you have with respect to your personal data. If you have questions, email privacy@scanforge.co or write to us at the address in Section 12.

1. Information We Collect

We collect three broad categories of information:

  • Account information you provide — name, email address, hashed password, workspace name, and, if applicable, billing contact details. Payment-card data is collected directly by Stripe and is not stored on ScanForge systems.
  • QR content you create — destination URLs, routing rules, branding elements, and analytics configuration associated with the QR codes you generate.
  • Scan telemetry — when your QR codes are scanned, we record approximate country (derived from IP at redirect time), device type, browser, language, referrer URL, and a timestamp. We also apply bot filtering to reduce junk traffic.

2. How We Use Your Information

We use your information to:

  • operate the Service, including redirecting scans and displaying analytics in your dashboard;
  • process subscription payments (via Stripe) and handle billing inquiries;
  • send transactional emails (verification, password reset, billing, scan alerts);
  • generate AI summaries and briefings on your own scan data (on-account, not across accounts);
  • detect abuse, fraud, and prohibited use of the Service;
  • communicate product updates you have opted into, and respond to support requests.

We do not sell your personal data. We do not share your scan data across customer accounts, and we do not train public AI models on it.

3. Legal Bases (GDPR / UK GDPR)

If you are in the EEA, UK, or Switzerland, we rely on the following legal bases:

  • Contract. To create and manage your account, process payments, deliver the Service, and provide customer support.
  • Legitimate interest. To secure the Service, prevent abuse, maintain audit logs, and produce analytics for you on your own scan traffic.
  • Legal obligation. To retain billing records as required by tax and commercial law.
  • Consent. For optional marketing emails (which you can unsubscribe from at any time) and any optional features where we say “we will ask first.”

4. Scan Analytics & IP Addresses

When someone scans your QR code and hits our redirect endpoint, the request includes an IP address at the network layer. We use the IP to derive approximate country and to apply bot filtering, and we do not retain raw IP addresses in our analytics store; in our analytics records, the IP is replaced by derived fields (country, device, browser) only.

Our infrastructure provider (Vercel) may briefly retain raw IP addresses in edge and server request logs for operational security purposes (abuse prevention, DDoS defense) under its own retention policy.

Customer-configured pixels. If you, as a ScanForge customer, configure a Meta Pixel ID or Google Tag ID on a QR code, our redirect page will load that pixel in the end scanner’s browser and those third parties will receive the scanner’s IP and user-agent under their own terms. You are the controller for that data collection; ScanForge acts as a processor on your instructions. You are responsible for ensuring any required disclosures and consents for scanners of your QR codes.

5. Cookies

We use strictly necessary cookies for authentication and session state (e.g., next-auth session cookies, a CSRF token, and your theme preference). These are required for the Service to work and do not require consent under EU ePrivacy rules.

We do not use third-party analytics, advertising, or cross-site tracking cookies on the ScanForge site. If that changes, we will update this policy and present an in-product consent choice before loading any such cookies.

The redirect page that serves your QR codes may load Meta or Google pixels if you configured them on that QR — see Section 4.

6. Sub-Processors & Third Parties

We engage the following sub-processors to operate the Service. Each is bound by a data processing agreement that restricts their use of your data to providing services to us:

  • Vercel — hosting, edge routing, server logs (United States).
  • Neon — managed PostgreSQL database (United States).
  • Stripe — payment processing, card storage, subscription management.
  • Resend — transactional email delivery.
  • Cloudflare — bot / CAPTCHA verification (Turnstile).
  • Anthropic — large-language-model inference for AI briefings (data is sent per request and not used to train their models per their commercial terms).
  • Replicate — image generation for branded QR styling (on request only).

We will update this list when we add or change sub-processors. If you require advance notice, contact privacy@scanforge.co.

7. Data Retention

We retain account information for as long as your account is active. Scan telemetry is retained for the life of the account unless you delete the QR code or request earlier deletion. Billing records are retained as required by applicable tax law (typically 7 years in the United States). On account deletion, we delete or anonymize account data within 30 days, except where retention is required by law.

8. Your Rights

Depending on where you live, you may have rights to access, correct, delete, port, restrict, or object to processing of your personal data. To exercise these rights, email privacy@scanforge.co. We will respond within thirty (30) days, with an extension of up to an additional sixty (60) days where permitted and necessary. We will not discriminate against you for exercising these rights.

California residents (CCPA / CPRA). You have the right to know, delete, correct, and limit the use of sensitive personal information, and the right to opt out of the sale or sharing of personal information. ScanForge does not sell or share personal information (including for cross-context behavioral advertising) as those terms are defined under California law. To submit a “Do Not Sell or Share” request or any other CCPA request, email privacy@scanforge.co. Verified requests will receive a response within 45 days (extendable by 45 days where necessary).

EEA / UK residents. In addition to the rights above, you have the right to lodge a complaint with your local data protection authority. For EEA users our lead point of contact is privacy@scanforge.co.

9. International Transfers

Our infrastructure is primarily located in the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S. Where required, we rely on Standard Contractual Clauses (SCCs) and equivalent transfer mechanisms with our sub-processors.

10. Security

We implement administrative, technical, and organizational measures designed to protect your data, including encryption in transit (TLS), encryption at rest, scoped database credentials, principle-of-least-privilege access, audit logging, and secret rotation. No system is completely secure; we cannot guarantee absolute security.

11. Marketing Email & CAN-SPAM

Transactional emails (account verification, billing receipts, scan alerts you have configured) are sent as part of the Service. Marketing and product-update emails are opt-in; every marketing email includes a one-click unsubscribe link, and we honor unsubscribes within ten (10) business days. Our physical mailing address is included in the footer of every marketing email, as required by the CAN-SPAM Act.

12. Contact

Privacy questions, access requests, and formal notices:

Email: privacy@scanforge.co

ScanForge — Privacy
159 Pleasant Ave
Rochester, NY 14622
United States

13. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by email to account holders or by prominent notice within the Service at least seven (7) days before they take effect, unless a shorter timeline is required for legal or security reasons.
