Privacy Policy
Effective Date: March 1, 2026
Introduction
This Privacy Policy describes how BaseQR.ai, a product and subsidiary of BaseMonkeys LLC ("Company," "we," "us," or "our"), collects, uses, discloses, and retains information in connection with the BaseQR.ai platform, website, and related services (collectively, the "Services"). By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, you must discontinue use of the Services immediately. This Privacy Policy applies to Company's own data practices. It does not apply to data collected by Client-operated QR code destinations, third-party websites, or any other services outside of Company's direct control.
Information We Collect
We collect information in the following categories: a. Account and Business Information Name, email address, company name, and contact details provided at registration Billing and payment information, processed exclusively by third-party payment providers (Company does not store full payment credentials) Account credentials and preferences b. QR Code and Campaign Data QR code configurations, destination URLs, and routing rules Campaign structure and metadata c. Usage and Analytics Data When QR codes are scanned or Services are used, we may automatically collect: Timestamp of scan or interaction Approximate location (city, region, country — not precise GPS) Device type, operating system, and browser Referrer or source data where technically available d. Technical Data IP address Log files and system activity Device identifiers and usage patterns e. Support and Communication Data Messages, support requests, and feedback submitted to us We may also derive aggregated, de-identified, or anonymized data from any of the above categories. Such data does not identify you individually and may be used by Company for any lawful purpose, including product analytics, benchmarking, and platform improvement, without restriction.
How We Use Information
We use collected information to: Provide, operate, maintain, and improve the Services Enable QR code routing and dynamic destination updates Generate analytics and reporting for Client accounts Process transactions and manage subscriptions Respond to support inquiries and communications Detect, investigate, and address security threats, fraud, and abuse Comply with applicable legal obligations Enforce our Terms of Use, MSA, AUP, and other agreements Protect the rights, safety, and property of Company, its clients, and the public Company may use anonymized or aggregated data derived from usage of the Services for internal analytics, product development, and benchmarking purposes without limitation.
Data Ownership and Client Responsibility
You retain ownership of your QR codes, content, destination URLs, and campaign data. You are solely responsible for ensuring your use of the Services complies with all applicable privacy laws, including providing any required notices to and obtaining any required consents from end users who interact with your QR codes. Company assumes no responsibility for Client's compliance obligations as a data controller.
Sharing of Information
We do not sell your personal information. We may share information in the following circumstances: a. Service Providers We share information with third-party vendors that support our operations, including cloud hosting providers, payment processors, analytics tools, and infrastructure services. These providers are authorized to use information only as necessary to provide services to us. b. Legal and Compliance We may disclose information without prior notice to you if required or permitted to do so in order to: Comply with applicable laws, regulations, legal process, or enforceable governmental requests Respond to lawful requests from law enforcement or regulatory authorities Protect the rights, safety, or property of Company, its clients, or others Detect, prevent, or address fraud, security, or technical issues You waive any claim against Company arising from disclosures made in good faith pursuant to legal process or law enforcement cooperation. c. Business Transfers In connection with a merger, acquisition, reorganization, asset sale, or similar transaction, your information may be transferred to the acquiring entity as a business asset without individual notice. Continued use of the Services following such a transfer constitutes acceptance of the successor entity's privacy practices. d. With Your Direction We may share information in other circumstances with your explicit direction or consent.
Data Retention
We retain information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Upon account termination: Account and campaign data will be deleted within seven (7) days of termination Company has no obligation to export or transfer data on your behalf prior to deletion Limited data (such as billing records, usage logs, security events, and legal correspondence) may be retained for up to twelve (12) months following termination for compliance, audit, fraud prevention, and legal purposes, unless a longer retention period is required by applicable law You are solely responsible for exporting your data before terminating your account. Company is not liable for data loss resulting from account termination or deletion pursuant to this policy.
Security
We implement commercially reasonable administrative, technical, and organizational measures to protect information against unauthorized access, loss, misuse, alteration, or destruction. However, no security system is impenetrable, and we cannot guarantee absolute security of your information or that of end users interacting with your QR codes. You are responsible for maintaining the security of your account credentials, API keys, and access controls. Company is not liable for unauthorized access resulting from your failure to maintain adequate account security.
Cookies and Tracking Technologies
We use cookies and similar technologies on our website and platform to: Maintain session functionality and authentication Analyze usage patterns and platform performance Support platform operations and reliability We use functional and analytics cookies. We do not use cookies for cross-site behavioral advertising. You can control or disable cookies through your browser settings; however, disabling certain cookies may impair functionality of the Services. QR code scanning activity may involve tracking technologies deployed by Client at their destination URLs. Company is not responsible for the cookie or tracking practices of Client-operated destinations.
Third-Party Destinations
QR codes created through the Services link to destinations operated by Clients or third parties. Company exercises no control over the privacy practices, content, or security of those destinations. This Privacy Policy does not apply to any third-party destination. Users who follow QR codes to external destinations do so at their own risk and are subject to those destinations' privacy policies.
International Use
The Services are operated in the United States. If you access the Services from outside the United States, you acknowledge and consent to the transfer, processing, and storage of your information in the United States and any other jurisdiction where Company or its service providers operate. You understand that these jurisdictions may have data protection laws that differ from those in your country. By using the Services, you assume all risk associated with such transfers. Company makes no representation that the Services are appropriate for use in all jurisdictions.
Your Rights
Depending on your jurisdiction, you may have certain rights with respect to your personal information, including rights of access, correction, deletion, or restriction under applicable law (such as CCPA for California residents). To submit a request, contact us through the available channels on the platform or website. We will respond within the timeframe required by applicable law (typically 45 days). We reserve the right to: Verify your identity before processing any request Deny requests that are unfounded, excessive, or not required under applicable law Charge a reasonable fee for repetitive or manifestly excessive requests Rights under this section apply only to the extent required by the law of your jurisdiction. Company makes no representation that these rights apply universally.
Children's Privacy
The Services are not directed to or intended for individuals under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete it promptly. If you believe a child has submitted information to us, contact us immediately.
Changes to This Policy
We may update this Privacy Policy at any time. For material changes, we will make reasonable efforts to notify registered account holders via email at least thirty (30) days before the change takes effect. For non-material changes, updates take effect upon posting. Continued use of the Services after any update constitutes your acceptance of the revised policy. It is your responsibility to review this policy periodically.
Contact
BaseQR.ai A subsidiary of BaseMonkeys LLC Raleigh, North Carolina