This Privacy Policy explains how Qorvex(“Qorvex”, “we”, “us”) collects, uses, and protects your information when you visit our website, create an account, or generate apps using our AI engine.
We aim to collect only what we need to deliver and improve the Service. We never sell your data, and we never use the contents of your prompts or generated code to train third-party AI models on your behalf.
01Information we collect
Account information. When you sign up, we collect your email address, full name (if provided), authentication identifiers, and — for paid plans — payment details (crypto transactions via NOWPayments, or the bank-transfer screenshot you upload for manual card verification).
Content you submit. The prompts, project names, descriptions, colours, templates, and features you configure, along with any chat messages you send to the AI editor.
Generated output. The React Native / Expo source files, version history, and project metadata produced by the Service.
Usage data. Pages visited, device and browser information, IP address (hashed for abuse detection), AI credit consumption, and error logs.
Integration data. If you connect GitHub, we store the OAuth token and the repositories you authorise us to publish to.
02How we use your information
- To operate the Service: authenticate you, generate code, store and version your projects.
- To enforce fair usage and detect abuse (e.g., duplicate accounts, runaway credit consumption).
- To process payments, manage subscriptions, and send transactional emails (receipts, password resets).
- To improve product quality and reliability — error monitoring, feature analytics, performance.
- To send occasional product updates and tips. You can opt out at any time.
- To comply with legal obligations and respond to lawful requests.
03Third-party processors
We share data with carefully selected providers strictly to operate the Service. Each is bound by data-processing agreements.
- Supabase — authentication and primary database for accounts, projects, and credits.
- NOWPayments — crypto payment processing for subscriptions.
- Vercel — application hosting, edge functions, and CDN delivery.
- AI infrastructure providers — to perform code generation. Prompts are processed in transit and not used to train third-party foundation models on your behalf.
- GitHub — only when you explicitly connect a repository for export.
04Cookies & local storage
We use a minimal set of cookies and browser storage entries required for authentication, session management, and remembering your preferences (such as theme or selected language). We do not use cross-site advertising cookies. You can clear cookies at any time through your browser settings; doing so will log you out.
05Data retention
We retain your account data for as long as your account is active. When you delete your account, we delete or anonymise your personal data within 30 days, except where retention is required by law (e.g., for invoicing) or for legitimate security purposes (e.g., abuse logs).
Project files and chat history can be deleted at any time from the project view.
06Your rights
Depending on your jurisdiction (GDPR, UK GDPR, CCPA, etc.), you have rights to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Request deletion of your account and associated data.
- Export your data in a portable format.
- Object to or restrict certain processing activities.
- Withdraw consent for optional processing at any time.
To exercise these rights, email privacy@qorvex.mov. We will respond within 30 days.
07Security
We apply industry-standard safeguards: encryption in transit (TLS), encryption at rest for sensitive fields, scoped access controls, audit logging, and regular dependency updates. No system is perfectly secure — if you discover a vulnerability, please report it responsibly to security@qorvex.mov.
08International transfers
Qorvex's infrastructure may process data in regions outside your own (typically the EU and the United States). Where required, we rely on Standard Contractual Clauses or equivalent safeguards to protect data during international transfers.
09Children
Qorvex is not directed at children under 16. We do not knowingly collect personal data from anyone in this age group. If you believe a child has provided us with personal data, contact us and we will delete it.
10Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be announced through the dashboard or by email before they take effect. The “Last updated” date at the top reflects the most recent revision.
11Contact
Privacy questions or requests can be sent to privacy@qorvex.mov. For general legal enquiries, use legal@qorvex.mov.