Privacy Policy

Scanning and QR generation run mainly on your device. Account, VIP, and sign-in data go to Auufree servers. After scans, decoded text may upload to our API when online.

We do not sell personal information or use your data for third-party ads. No precise location permission on Android.

Account (optional): email, nickname, Google sign-in IDs — for login, profile, web QR sign-in.

Purchases (optional): subscription status from Google Play / Apple, not full card numbers.

Scan content: decoded QR/barcode text, format, timestamp — saved locally; may upload via API when online.

Generate/batch/composite: processed on device, not uploaded for core export.

Support: email/feedback text, device info; guest feedback may log IP on server.

Diagnostics: app/OS version, error logs.

Website only: Firebase Analytics page views on qr.auufree.com (not in mobile app binary).

Camera decoding and QR rendering happen on your device. Local history uses on-device storage (Room on Android).

When you scan, the app may asynchronously POST decoded content to workday.auufree.com (resource/scan), typically when signed in. Raw camera video is not uploaded.

VIP uses Google Play Billing (Android) or Apple IAP (iOS). Google Sign-In uses Google authentication services.

Precise GPS/location (no location permission on Android). Contacts, SMS, call logs, microphone. Health data, bank card numbers, government IDs. Cross-app ad IDs for targeting in the mobile app. Sale of personal information under California law.

Camera — scan QR/barcodes (required for scanning).

Photos/media — import images to scan; save QR to gallery.

Internet — sign-in, VIP, scan sync, APIs.

Vibration — optional haptic feedback in Settings.

iOS Face ID — optionally lock local history.

Revoke anytime in system Settings. Android may show privacy consent (agree / browse-only) on first launch.

Google Play Billing, Apple In-App Purchase, Google Sign-In, Firebase (Google Sign-In config; Analytics on website only), Auufree API (account, billing status, scan sync, web auth, feedback).

See Google and Apple privacy policies for their processing.

Local data: until you delete history or uninstall.

Account: soft-deleted after Profile → Settings → Account, web avatar menu → Delete account, or email help@auufree.com (7 business days for email).

Cancel store subscriptions separately. Details: /delete-account

Access, correct, delete, or object — help@auufree.com.

EEA/UK: contract, legitimate interests, consent, legal obligation.

California: no sale of personal information. Japan: APPI disclosure requests.

Not directed to children under 13.

List this URL in Play Console Privacy policy and Data safety; declarations should match the categories above (account, purchases, app activity/scan text if uploaded, photos processed on device, diagnostics).

We may update this policy; material changes notified in-app when appropriate.

Android com.auufree.auscan · iOS MaskQR · help@auufree.com