Privacy Policy

Last updated: October 28, 2025

Introduction

Welcome to wrm.so. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our QR code and URL shortening service designed for libraries and bookstores.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Organization name (library or bookstore)
  • Password (encrypted)
  • Billing information (processed securely by Stripe)

Usage Data

When visitors use your short links or scan your QR codes, we collect:

  • IP addresses (anonymized after 30 days)
  • Browser type and version
  • Device type (mobile, tablet, desktop)
  • Operating system
  • Referring website
  • Geographic location (country and city)
  • Time and date of visit

Cookies

We use essential cookies to maintain your session and preferences. We do not use tracking cookies or third-party analytics beyond what's necessary for service functionality.

How We Use Your Information

We use your information to:

  • Provide and maintain our service
  • Generate analytics for your short links and QR codes
  • Process payments and manage subscriptions
  • Send service updates and important notifications
  • Respond to support requests
  • Improve our service and develop new features
  • Prevent fraud and abuse

Data Sharing and Disclosure

We do not sell your personal data. We only share data with:

  • Service providers: Vercel (hosting), Supabase (database), Stripe (payments)
  • Legal requirements: When required by law or to protect our rights
  • Business transfers: In the event of a merger or acquisition (you will be notified)

Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest for sensitive data
  • Regular security audits
  • Access controls and authentication
  • Automatic backups

Data Retention

We retain your data as follows:

  • Account data: Until you delete your account
  • Visit analytics: For 2 years
  • IP addresses: Anonymized after 30 days
  • Financial records: For 7 years (legal requirement)

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt out of marketing communications
  • Object to processing of your data

To exercise these rights, contact us at privacy@wrm.so

Children's Privacy

Our service is designed for organizations (libraries and bookstores), not individuals under 18. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or through our service. Continued use after changes constitutes acceptance.

Contact Us

If you have questions about this privacy policy or our data practices: