Privacy Policy
Effective date: 2026-03-01
1. Purpose of Processing Personal Information
Roviq (hereinafter "the Service") processes the minimum necessary personal information for the following purposes. Collected personal information will not be used for purposes other than stated.
- Registration & management: Identity verification, account provision, prevention of unauthorized use, dispute resolution, and complaint handling
- Service provision: Dynamic QR creation & management, redirect URL storage & modification, scan count tracking, payment & subscription processing (for paid services)
- Service improvement & security: Error analysis, usage statistics, security, and fraud prevention
- Customer support: Inquiry & complaint processing, and delivering notices
2. Personal Information Collected and Retention Period
| Collected Items | Purpose | Retention Period |
|---|---|---|
| Email address | User identification, login, notice & inquiry response | Until account deletion (or as required by applicable law) |
| Password (encrypted) | Login authentication | Until account deletion |
| Service usage records (QR data, target URLs, etc.) | Service provision, scan tracking | Until account deletion or QR deletion |
| Access logs (IP address, access time, etc.) | Security, fraud prevention, statistics | Up to 1 year (may be shortened per internal policy) |
| Payment information (for paid services) | Payment, refund, and subscription management | Retained as required by consumer protection laws (up to 5 years, etc.) |
When a QR code is scanned, only a redirect is performed. No personal information of the scanner is collected. (Statistical information such as country and device may be collected as an optional feature, with separate notice provided.)
3. Cookies and Similar Technologies
The Service uses cookies for login persistence, language settings, etc. You may reject cookies through your browser settings, but some features may be limited.
4. Third-Party Provision and Processing Delegation
The Service does not provide personal information to third parties without user consent in principle. Exceptions include:
- When the user has given prior consent
- When required by law
- When delegating within the scope necessary for service provision (see processors below)
Data Processing Delegation
- Supabase: User authentication, database storage (email, service data, etc.) — data storage region is subject to the Service terms and Supabase policies.
5. User Rights
Users may exercise the following rights as data subjects:
- Request to access personal information
- Request correction or deletion in case of errors
- Request to suspend processing (exceptions apply where legally required)
These rights may be exercised through Service settings (account & data management) or by contacting support@roviq.app. Upon account deletion, personal information processed based on consent will be promptly destroyed, and information required to be retained by law will be stored only for the designated period before destruction.
6. Security Measures
The Service takes technical and administrative measures to prevent leakage, alteration, and damage of personal information, including password encryption, access control, transmission encryption (HTTPS), and security updates.
7. Children Under 14
The Service does not knowingly collect personal information from children under 14. If it is confirmed that a child under 14 has registered, the account and personal information may be deleted.
8. Changes to This Policy
This privacy policy may be changed in accordance with laws and service policies. Changes will be announced within the Service at least 7 days before the effective date. Significant changes will be announced 30 days in advance or notified via email.
9. Contact
For inquiries regarding personal information processing, access, correction, deletion, or suspension requests: support@roviq.app