QR STUDIO PRIVACY POLICY

Last Updated: December 1, 2025

This Privacy Policy explains how QR Studio LLC ("QR Studio," "we," "us," or "our") collects, uses, discloses, and protects information when you access or use our digital products and services including websites, virtual reality (VR) and augmented reality (AR) applications, mobile applications, software solutions, analytics platforms, and learning management systems (collectively, the "Services").

By using our Services, you agree to this Privacy Policy.

1. SCOPE

This Privacy Policy applies to information we process in connection with the Services. It does not cover third-party websites, products, or services that may be linked from the Services.

2. INFORMATION WE COLLECT

We collect information in three main ways: (a) information you provide, (b) information collected automatically when you use the Services, and (c) information provided by Institutions or integrated systems.

2.1 INFORMATION YOU PROVIDE

· Account and profile information, such as name, email address, username, role (e.g., student, instructor, administrator), and password or authentication token.

· Support and communications, such as requests submitted to our support channels, emails, and feedback.

· Institutional or course information you submit, such as class identifiers or cohort labels, where enabled by the Institution.

· User-generated content you upload or submit to the Services, if applicable (e.g., documents, notes, or comments).

2.2 INFORMATION COLLECTED AUTOMATICALLY

· Device and technical data, such as device type/model (including compatible VR headsets), operating system, browser type, language settings, and approximate location derived from IP address.

· Usage and log data, such as access times, pages viewed, actions taken within the Services, error logs, and performance diagnostics.

· Session identifiers and similar technologies (e.g., cookies or local storage) used to maintain sessions, security, and preferences.

2.3 LEARNING AND PERFORMANCE DATA

When the Services are used for training or education, we may process learning and performance data ("Training Data") generated by users while interacting with connected XR/VR/Mobile or Desktop applications and the platform.

· Progress and completion status (e.g., module completion, timestamps, attempt counts).

· Performance metrics (e.g., scores, rubrics, pass/fail indicators, and instructor-defined evaluation data).

· Interaction events (e.g., key steps completed, confirmations, and other in-simulation events recorded for assessment).

Training Data is typically owned or controlled by the Institution, and QR Studio processes it to provide analytics, reporting, troubleshooting, and service improvements as permitted by contract and applicable law.

3. HOW WE USE INFORMATION

We use information for the following purposes:

· Provide, operate, maintain, and secure the Services, including authentication and access control to connected applications.

· Generate analytics and reports for Institutions and authorized administrators.

· Provide customer support, respond to requests, and communicate about service issues or updates.

· Improve the Services, including diagnosing bugs, optimizing performance, and developing new features.

· Comply with legal obligations and enforce our agreements.

4. LEGAL BASES FOR PROCESSING (WHERE APPLICABLE)

If you are located in a jurisdiction that requires a legal basis (e.g., the EU/EEA), QR Studio processes personal data under one or more of the following bases:

· Performance of a contract (providing the Services under an agreement with an Institution or enterprise customer).

· Legitimate interests (operating and securing the Services, preventing fraud, and improving product reliability), balanced against your rights.

· Compliance with legal obligations.

· Consent, where required (for example, certain optional cookies or features).

5. HOW WE SHARE INFORMATION

We may share information in the following circumstances:

5.1 WITH INSTITUTIONS AND AUTHORIZED USERS

Institutions and their authorized instructors/administrators may access Training Data, user rosters, and reports for their authorized users, consistent with their internal policies and applicable law (including FERPA where applicable).

5.2 WITH SERVICE PROVIDERS

We use vetted service providers to help operate the Services (for example, cloud hosting, backups, monitoring, analytics, and customer support tools). These providers are permitted to process information only to perform services for us and must protect it under contractual obligations.

· Cloud infrastructure and hosting providers (e.g., Microsoft Azure).

· Security monitoring, logging, and incident response tooling.

· Customer support and ticketing systems.

5.3 FOR LEGAL, SAFETY, AND COMPLIANCE

We may disclose information if we believe it is reasonably necessary to (a) comply with applicable law or legal process, (b) protect the security, rights, or property of QR Studio, our users, or others, or (c) investigate fraud or security issues.

5.4 BUSINESS TRANSFERS

If QR Studio is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to appropriate confidentiality protections.

6. DATA RETENTION

We retain personal data only for as long as necessary to provide the Services, meet contractual commitments to Institutions, comply with legal obligations, resolve disputes, and enforce our agreements.

Institutions may request deletion or return of institutional data according to the applicable contract, Data Processing Agreement (if any), and our operational capabilities. Backups may persist for a limited period consistent with our backup and disaster recovery practices.

7. SECURITY

We maintain administrative, technical, and physical safeguards designed to protect information against unauthorized access, loss, misuse, or alteration. Security measures may include access controls, encryption in transit, and monitoring. No method of transmission or storage is 100% secure; therefore, we cannot guarantee absolute security.

8. EDUCATION AND CHILDREN’S PRIVACY

8.1 FERPA (UNITED STATES)

For Institutions subject to the Family Educational Rights and Privacy Act (FERPA), certain Training Data may constitute “education records.” In those cases, QR Studio acts as a “school official” with a “legitimate educational interest” and uses such data only as directed by the Institution and in accordance with applicable agreements and FERPA requirements.

8.2 COPPA (UNITED STATES)

The Services are not intended for use by children under 13 outside of Institution-managed accounts. We do not knowingly collect personal information directly from children under 13. If access is provided to children under 13 through an Institution, the Institution is responsible for obtaining any required parental or guardian consent in accordance with the Children’s Online Privacy Protection Act (COPPA).

8.3 MINORS UNDER 18

Where minors under 18 are permitted to use the Services, access must be provisioned and managed by the Institution, which is responsible for obtaining any required consents under applicable law.

9. INTERNATIONAL DATA TRANSFERS

QR Studio is based in the United States, and information may be processed in the United States or other locations where our service providers operate. Where required by law, we use appropriate transfer safeguards (such as standard contractual clauses) for cross-border data transfers.

10. YOUR RIGHTS AND CHOICES

Depending on your location and relationship to an Institution, you may have rights to access, correct, delete, or restrict the processing of your personal data, and to object to certain processing. You may also have the right to data portability and to withdraw consent where processing is based on consent.

If your account is managed by an Institution, please direct privacy requests to your Institution in the first instance. We will support the Institution in responding to requests as required by contract and applicable law.

10.1 COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies to maintain sessions, support authentication, remember preferences, and help secure the Services. You may be able to control cookies through your browser settings; however, disabling cookies may affect functionality.

11. DE-IDENTIFIED AND AGGREGATED DATA

We may create de-identified or aggregated data from information we process. We may use and disclose such data for product improvement, analytics, research, and benchmarking, provided it cannot reasonably be used to identify an individual.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the Services or other reasonable means. The “Last Updated” date at the top indicates when this Privacy Policy was most recently revised.

13. CONTACT US

If you have questions about this Privacy Policy or our privacy practices, please contact:

QR Studio LLC
30 North Gould Street, Ste N

Sheridan, WY 82801
United States
Email: br@qrstudioai.com
Website: qrstudioai.com