Privacy Policy
Last updated: 2 July 2026
1. Who we are
Qrisen is operated by Ingeniant ("we", "us"). We provide QR-code generation, hosted book landing pages and ONIX metadata services for publishers and authors. Contact: privacy@ingeniant.com.
2. Data we collect
Account data — name, email address and a password hash when you register. Content you provide — book metadata (titles, contributors, descriptions, classifications), uploaded files (PDF/EPUB/Word) used for metadata extraction, and images we host on your behalf. Billing data — handled by Stripe; we store your Stripe customer reference and subscription state, never your card details. Scan analytics — when a QR code we host is scanned we record the time, approximate location derived from network information (country/city), device and browser family, and referrer. This is aggregated for the code's owner. Contact messages — what you send through our contact form.
3. How we use it
To provide the service (generate codes, host pages, build ONIX records, show analytics); to process payments and prevent abuse; to respond to your messages; and to improve the product. Uploaded book content is processed by our AI provider solely to draft your metadata record for your review — we do not use your content to train models.
4. Where your data lives
Our infrastructure runs on Microsoft Azure in the UK South region (database, file storage, hosting). Sub-processors: Microsoft Azure (hosting/storage), Stripe (payments), Anthropic (AI metadata extraction), GitHub (source control). We will keep an up-to-date list on this page.
5. Retention
Account and book data are kept while your account exists. Hosted landing pages and QR redirects are intentionally permanent — printed codes must not break — but you can unpublish or delete a book at any time, which removes the hosted page. Scan analytics are retained according to your plan's retention window. Contact messages are kept for up to two years.
6. Your rights
Under UK/EU data-protection law you may request access, correction, export or deletion of your personal data, and object to or restrict processing. Email privacy@ingeniant.com — we respond within 30 days. You may also complain to the ICO (UK) or your local supervisory authority.
7. Cookies
We use only strictly necessary cookies: your sign-in session. We do not run advertising or cross-site tracking cookies, so there is no consent banner to click.
8. Security
Passwords are stored as strong one-way hashes and checked against known-breach lists at signup; data in transit is encrypted (TLS); secrets live in a managed vault; production data access is restricted. Report security concerns to security@ingeniant.com.
9. Changes
We will post any changes here and update the date below. Material changes will be announced by email to account holders.