Privacy Policy

1. Data We Collect

When you create an account, we collect your name, email address, company name, and password (stored as a salted hash). When you create batches, we store the product data you enter including lab analysis values, origin information, and uploaded photos.

When consumers scan your QR codes, we record the language selected, device type, and country (derived from request headers). We do not collect or store IP addresses, in compliance with GDPR requirements.

2. How We Use Your Data

Your account data is used to authenticate you and manage your subscription. Batch data is displayed on public product pages accessible via QR codes. Scan analytics are aggregated and shown on your dashboard.

We do not sell your data to third parties. We do not use your product data for advertising purposes.

3. Cookies

We use essential cookies only: an authentication token to keep you signed in, a refresh token for session continuity, and a language preference cookie. We do not use tracking cookies or third-party analytics.

4. Data Storage and Security

Your data is stored on servers within the European Union. Passwords are hashed using bcrypt. Authentication tokens are signed with JWT. All connections use HTTPS in production.

5. Your Rights

Under GDPR, you have the right to access, correct, or delete your personal data. You may export your batch data at any time. To exercise these rights or delete your account, contact us at the address below.

6. Contact

For privacy-related inquiries: support@oritrace.com