Effective Date: November 18, 2025
Last Updated: May 26, 2026
This Privacy Policy explains how ProofLookup collects, uses, stores, shares, and protects information when you use our verification, certificate lookup, QR code, product proof, and related services.
1. Information We Collect
We may collect information you provide directly, information generated by your use of the Service, and information received from third parties.
This may include:
– account name, display name, email address, password credentials, account settings, support messages, and verification information;
– certificate records, proof records, product records, verification codes, QR code data, issuer details, recipient details, dates, custom fields, status values, uploaded files, images, documents, notes, and metadata;
– lookup queries, searched codes, viewed records, timestamps, IP addresses, user agents, referrers, approximate location derived from IP address, browser type, device type, operating system, language settings, and click or scan events;
– abuse reports, security alerts, scan results, enforcement history, risk indicators, blocklist matches, screenshots, and technical evidence.
2. Sensitive Information
ProofLookup is not designed to store unnecessary sensitive personal information. You should not upload or publish sensitive information unless you have a lawful basis and a legitimate verification need.
Sensitive information may include government ID numbers, medical data, financial data, precise addresses, children’s data, biometric data, criminal records, or confidential business information. If you submit sensitive data, you are responsible for obtaining consent, providing notices, limiting access, and complying with applicable laws.
3. How We Use Information
We may use information to provide, operate, maintain, and improve the Service; create and manage accounts; generate and display verification records and lookup results; provide QR codes, certificate pages, product proof pages, and public lookup pages; provide analytics and administrative records; prevent fraud, abuse, phishing, malware, forged certificates, fake credentials, hidden links, public safety risks, and other prohibited activity; review, suspend, disable, delete, or block records and accounts; respond to support requests and abuse reports; enforce our Terms and policies; comply with legal obligations and lawful requests; and protect users, third parties, the Service, and the public.
4. Legal Bases for Processing
Where applicable, we process information based on one or more legal bases, including performance of a contract, consent, legitimate interests, legal obligations, protection of vital interests, public safety, fraud prevention, and security.
5. How We Share Information
We do not sell personal information for money in the ordinary sense. We may share information with hosting providers, CDN providers, database providers, email providers, analytics providers, security vendors, payment processors, support tools, administrators or issuers associated with a record or account, users who view public verification pages, relevant providers and safety organizations for abuse prevention, and parties involved in a merger, acquisition, financing, sale of assets, restructuring, or similar business transfer.
6. Public Records and Lookup Pages
Some verification records may be public or accessible to anyone with a code, QR code, direct link, or search query. If you publish a public record, information in that record may be viewed, copied, indexed, saved, shared, or archived by others. You should not place private or sensitive information in public fields unless you understand the risk and have legal authority to do so.
7. Cookies and Similar Technologies
We may use cookies, local storage, pixels, tags, scripts, and similar technologies to keep users logged in, remember preferences, protect accounts, prevent abuse, measure traffic, and improve the Service. More details are provided in our Cookie Policy.
8. Data Retention
We retain information for as long as reasonably necessary to provide the Service, maintain records, support verification, prevent abuse, resolve disputes, comply with law, preserve evidence, and enforce policies.
Account information may be retained while the account is active and for a reasonable period afterward. Verification records may remain available until deleted, expired, archived, or disabled. Abuse and enforcement records may be retained longer where needed for fraud prevention, legal compliance, public safety, or repeat abuse prevention.
9. Your Choices and Rights
Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, request portability, withdraw consent, or opt out of certain data uses. To submit a request, contact [email protected]. We may verify your identity before responding.
We may decline or limit requests where retention is necessary for security, fraud prevention, legal compliance, record integrity, dispute resolution, public safety, or enforcement of our policies.
10. California Privacy Notice
If you are a California resident, applicable California privacy laws may provide rights to know, delete, correct, opt out of sale or sharing, limit use of sensitive personal information, and avoid discrimination for exercising privacy rights.
We may collect identifiers, internet or electronic network activity, approximate geolocation, user-provided content, commercial information if payments are used, and inferences related to security or abuse prevention.
11. International Users
ProofLookup may be operated from or hosted in the United States or other countries. If you use the Service from outside the United States, your information may be transferred to, stored in, or processed in countries with different data protection laws.
12. Children’s Privacy
The Service is not intended for children under 18. We do not knowingly collect personal information from children under 18. If you believe a child has provided personal information to us, contact us and we may delete the information and terminate the account.
13. Security
We use reasonable technical, administrative, and organizational measures to protect information. However, no online service is completely secure. You are responsible for protecting account credentials and limiting what you publish in public verification records.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The revised version will be posted on the Service with an updated date. Continued use means you accept the revised policy.
Questions about this page may be sent to [email protected].