Privacy Policy

QR-V™ Global Verification Network
Effective Date: March 2026

1. Overview

QR-V™ (“QR-V”, “the Network”) operates as a registry-based verification infrastructure where QR-based identifiers resolve to structured records stored in a verification registry.

The system is designed to:

• minimize unnecessary data exposure
• separate identifiers from underlying data
• support controlled disclosure through verification responses

2. Scope

This policy applies to all QR-V domains and services, including:

• qrv.network
• verify.qrv.network
• issuer.qrv.network
• registry.qrv.network
• api.qrv.network

3. Data Categories

3.1 Identifier Data

• QR-V identifiers (QRVIDs)
• encoded QR references
• resolution paths

3.2 Registry Record Data

• record type (certificate, identity, product, document)
• issuer identity
• subject or owner name (if provided)
• metadata (description, status, timestamps)
• cryptographic hash values

3.3 Verification Data

• verification timestamps
• verification results (verified, revoked, expired, not found)
• response payloads

3.4 Technical Data

• IP address
• device/browser metadata
• API request logs

4. Use of Data

Data is processed strictly to:

• resolve QR-V identifiers
• retrieve registry records
• validate authenticity and integrity
• return verification results
• maintain audit logs

QR-V does not use registry data for advertising or resale.

5. Registry-Based Model

QR-V uses a registry-anchored architecture:

• QR codes contain identifiers, not full data
• records are stored in a centralized registry
• verification responses are derived from authoritative records

6. Privacy Modes

Public Verification

Full record details are returned.

Restricted Verification

Limited data is returned.

Private Verification

Only verification status is returned (e.g., “Verified”).

7. Data Storage & Security

QR-V implements:

• cryptographic hash validation
• secure API communication (TLS)
• issuer-controlled record access
• audit logging

Registry infrastructure is designed as the authoritative verification datastore.

8. Data Integrity

All records are linked to cryptographic hashes to ensure:

• tamper detection
• record integrity validation
• consistent verification results

9. Data Sharing

QR-V does not sell or trade personal data.

Data may only be disclosed:

• as part of verification responses
• under issuer-defined conditions
• to comply with legal obligations

10. Issuer Responsibility

Issuers are responsible for:

• accuracy of submitted data
• lawful handling of personal data
• selecting appropriate privacy modes

QR-V acts as infrastructure, not the originator of record content.

11. Data Retention

• active records are stored in the registry
• revoked records remain for audit purposes
• logs may be retained for security and compliance

12. Cookies & Tracking

QR-V may use minimal cookies for:

• session handling
• performance optimization

No advertising or behavioral tracking is performed.

13. API & Developer Use

Developers must:

• comply with this policy
• use APIs only for intended verification purposes
• avoid unauthorized data aggregation

14. Security Limitations

No system is immune to risk. Users and issuers should:

• protect credentials
• verify sources
• follow best practices

15. Policy Updates

This policy may be updated to reflect:

• protocol changes
• infrastructure updates
• legal requirements

16. Contact

Privacy inquiries:
support@qrv.network
legal@qrv.network

17. Legal Position

QR-V operates as:

• a verification infrastructure platform
• a registry-based resolution system
• a protocol-driven network

QR-V does not guarantee:

• legal validity of issuer content
• accuracy of external data sources

18. Final Statement

QR-V is designed to balance:

• Verifiability (authenticity, integrity)
• Control (issuer-managed data)
• Privacy (selective disclosure)

• Registry-based verification
• Deterministic resolution
• Issuer-controlled data
• Audit traceability
• Privacy-aware disclosure