Privacy Policy – QrAuth Service

Effective date: 01/01/2025
Service provider: Aram S.r.l. – https://aramx.com

This privacy policy describes how Aram S.r.l. collects and processes information through the QrAuth authentication service when used via the official WordPress plugin.

Data Collected

The QrAuth service processes the following information:

  • The numeric user ID from the WordPress wp_users table (e.g. 1, 2, 3…)
  • A unique site code assigned to your WordPress installation
  • The DNS name of the website using the plugin
  • An encrypted login package sent by the app

No other personal data is transmitted or stored.

Data Collected During Site Registration (not used by Plugin)

To register your site and issue a unique authentication code, we collect the following information:

  • Email address of the site administrator
  • Website domain name (DNS)
  • Name of the organization or entity (if provided)
  • Optional technical contact information

These details are collected solely for the purpose of verifying and enabling your use of the QrAuth authentication service, and are not shared with third parties.

Purpose of the Data

The collected data is used exclusively to:

  • Associate a login request with a WordPress user
  • Verify the origin of the request (site identification)
  • Process authentication using the encrypted package

Data Retention

No personal data is permanently stored.
All information is processed in real time for authentication purposes and discarded immediately after the operation.

Information provided during site registration is stored only for the duration of your active use of the plugin and can be removed upon request by contacting privacy@aramx.com.

If an invoice is requested, we may retain billing and company-related data in compliance with applicable accounting and tax regulations.

Security

All communications between:

  • The WordPress plugin and the QrAuth service
  • The QrAuth app and the service backend
    are encrypted using HTTPS and include validation mechanisms such as tokens and site codes to prevent unauthorized access or replay attacks.

We follow industry best practices to secure the data in transit and avoid storing unnecessary personal information.

Data Sharing

No data is shared with third parties or external services.
Aram S.r.l. does not use the data for profiling, statistics, or marketing.

Cookies and Tracking

The QrAuth service does not use cookies, trackers, analytics tools, or any form of persistent identifiers.

Your Rights

If you have questions or concerns regarding your data or this privacy policy, you may contact us at:

Aram S.r.l.
Via Derganino 24
20158 Milano Italy
Email: qrauth@aramx.com
Website: https://aramx.com

Changes to this Privacy Policy

We may update this Privacy Policy in the future.
In that case, a notice will be posted on this website