Privacy Policy

1. Information We Collect

We collect information you provide directly to us when you create an account, set up feedback forms, or contact us for support.

• Account information — your name, email address, and password when you register
• Business information — your business name, location, type, and Google Review URL
• Profile photo — if you choose to upload one
• Payment information — processed securely by Stripe; we never store card details
• Customer feedback data — responses submitted by your customers via your QR code forms
• Usage data — how you interact with the dashboard (page views, feature usage)

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve the QRFeedback.ai platform.

• To create and manage your account
• To process payments and manage your subscription
• To deliver customer feedback responses to your dashboard
• To send AI-generated complaint summaries and alerts (if enabled)
• To send product updates, invoices, and support communications
• To analyse platform usage and improve our features

3. Customer Feedback Data

When your customers scan your QR code and submit feedback, that data belongs to you. We store it securely in your account and never share it with third parties, use it for advertising, or sell it.

Customer feedback is only accessible to you (the account owner) and is protected by row-level security in our database — meaning no other QRFeedback.ai user can access your customers' responses.

4. AI Processing

On Pro and Business plans, negative feedback responses (1–3 stars) are sent to OpenAI's API for classification, sentiment analysis, and suggested response generation. This processing happens automatically within seconds of submission.

Data sent to OpenAI includes the customer's survey answers only — no personally identifiable information about the customer is included. OpenAI's data handling is governed by their own privacy policy.

5. Data Sharing

We do not sell your data. We share information only with the following trusted service providers who help us operate the platform:

• Supabase — database and authentication (data stored in EU/US regions)
• Stripe — payment processing
• OpenAI — AI complaint analysis (Pro and Business plans only)
• Resend — transactional email delivery
• Vercel — hosting and infrastructure

We may also disclose information if required by law or to protect the rights and safety of Startekk LLC and its users.

6. Data Retention

We retain your account data for as long as your account is active. If you cancel your subscription, your account downgrades to the free plan and your data is retained. If you request account deletion, we will delete your data within 30 days, except where we are required to retain it for legal or financial compliance purposes.

7. Security

We take data security seriously. All data is transmitted over HTTPS, stored in encrypted databases, and protected by row-level security policies. Passwords are hashed and never stored in plain text. We use Supabase's built-in authentication which follows industry-standard security practices.

8. Cookies

We use essential cookies to keep you logged in and maintain your session. We do not use advertising or tracking cookies. No third-party analytics tools are embedded in the platform that would track you across other websites.

9. Your Rights

Depending on your location, you may have rights regarding your personal data, including the right to access, correct, or delete it. To exercise any of these rights, contact us at the email below.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Startekk LLC
Email: privacy@qrfeedback.ai
Website: qrfeedback.ai