Privacy Policy

This Privacy Policy explains how Quikero collects, uses, stores, shares, and otherwise processes personal data when you use our website, applications, and related services.

Quikero is operated by Valor Cosmetic LTD, ul. Marko Balabanov 22A, Varna, Bulgaria. If you have privacy questions, you can contact us at [email protected].

This Privacy Policy applies to visitors to our website, account holders, trial users, paying customers, and individuals whose personal data is processed through Quikero.

If you use Quikero on behalf of a business or organization, some personal data in the service may be controlled by that business rather than directly by Quikero.

We may collect account and profile information such as name, email address, authentication identifiers, and account credentials or credential-related information handled through our authentication provider.

We may collect billing and transaction information, including subscription details, billing status, and payment-related records provided by our payment processor.

We may collect workforce and scheduling data uploaded or entered into Quikero, including employee names, contact details, working hours, schedules, time-off records, restrictions, preferences, and related operational data.

We may collect technical and usage data such as device information, browser type, IP address, logs, timestamps, diagnostics, and activity information about how the Service is used.

We may collect communications and support data when you contact us, submit requests, or correspond with us.

Quikero may use cookies and similar technologies for essential functionality, authentication, security, analytics, and marketing.

Some cookies are necessary to operate the Service. Others help us understand usage patterns, improve the Service, and communicate with users about Quikero.

Depending on applicable law and your location, we may request consent for certain non-essential cookies or similar technologies.

We use personal data to provide, operate, maintain, and improve Quikero.

We use data to create and manage accounts, authenticate users, process subscriptions, provide support, maintain security, and communicate with you.

We use workforce and scheduling data to provide scheduling, reports, exports, employee access features, and AI-assisted scheduling functionality.

We may use data to send transactional messages, service notices, account notices, and, where permitted, optional product updates or marketing communications.

Quikero includes AI-assisted or automated scheduling functionality designed to help create schedule recommendations.

These outputs are intended as operational recommendations and are reviewed and controlled by human users. Quikero does not make final employment or operational decisions on its own.

When an individual or business uses Quikero directly for its own account, Quikero may act as a controller for the personal data needed to operate the account, website, billing relationship, and service communications.

For employee and workforce data uploaded by a business customer into Quikero, the customer is generally the data controller and Quikero acts as a data processor or service provider on that customer's behalf.

If you are an employee or worker whose information was uploaded by your employer or another organization using Quikero, requests concerning that data may need to be directed to that organization first.

Where applicable under data protection law, we rely on legal bases including performance of a contract, compliance with legal obligations, legitimate interests, and consent where required.

Our legitimate interests may include operating the Service, securing the Service, improving product performance, preventing abuse, handling support requests, and understanding aggregate usage patterns.

We may share personal data with service providers that help us operate Quikero, such as authentication providers, cloud hosting providers, database providers, infrastructure providers, background job providers, and payment providers.

At the time of this Policy, those providers may include Clerk, MongoDB, Fly.io, Trigger.dev, and Dodo Payments.

We may also disclose information where required by law, legal process, regulatory request, to protect rights or safety, to investigate fraud or abuse, or in connection with a business transaction such as a merger, financing, or acquisition.

Your personal data may be processed in countries outside Bulgaria or the European Economic Area where our service providers or infrastructure operate.

When we transfer personal data internationally, we take appropriate steps to protect it, including contractual safeguards and other measures appropriate under applicable law.

We retain personal data for as long as needed to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and protect our business and users.

Account and workspace data are generally retained while an account remains active.

Following termination or account closure, we may delete customer data without undue delay, except where retention is required by law, legitimate recordkeeping needs, dispute handling, fraud prevention, security, or backup processes.

Backups may persist for up to 30 days before deletion in the normal course.

Security and operational logs may be retained for up to 90 days where reasonably necessary.

Support records may be retained for up to 24 months.

Billing, transaction, and tax-related records may be retained for longer where required by applicable law.

Subject to applicable law, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, and to request data portability.

You may also have the right to withdraw consent where processing is based on consent.

To exercise privacy rights, contact us at [email protected].

If you are an employee or worker whose data was submitted by a business customer, we may direct you to that customer where they act as the controller of the relevant data.

If you believe your personal data has been handled unlawfully, you may contact us first at [email protected].

You may also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection or another competent supervisory authority.

Quikero is not intended for children, and we do not knowingly collect personal data from children.

If you believe a child has provided personal data to us, contact us and we will take appropriate steps to investigate and delete the information where required.

We use commercially reasonable technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, or alteration.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

We may send transactional messages related to accounts, subscriptions, billing, service updates, and operational notices.

We may also send optional product updates or marketing communications where permitted by law. You can opt out of marketing communications using the unsubscribe mechanism in the message or by contacting us.

Requests for access, export, correction, or deletion of personal data may be submitted by contacting support at [email protected].

At this time, such requests are handled through support rather than self-service tooling.

We may update this Privacy Policy from time to time.

If we make material changes, we may provide notice through the Service, by email, or by updating the date at the top of this page.

Your continued use of Quikero after an updated Privacy Policy takes effect means you acknowledge the updated Policy.

If you have questions or requests relating to privacy or data protection, contact us at [email protected].