Terms & Conditions

Effective & last updated: May 2026

These Terms & Conditions ("Terms") govern your use of the Visitor Desk platform — including the web admin panel, the Android app, and any related services (the "Service"), operated by Black & White Studio ("we", "us", "our"). By creating an account, signing in, or using the Service in any way, you agree to be bound by these Terms.

        Heads-up. Visitor Desk is offered in two configurations:
        Standalone (Android app only, no business attached — your data lives only on the device) and
        Attached (an approved business code, with cloud sync and web-admin oversight).
        Different parts of these Terms apply to each — please read carefully.
    

What's in these Terms

Acceptance
Description of service
Accounts & eligibility
Subscription, trial & billing
Acceptable use
Your data & responsibilities
Cloud sync & business attachment
QR visitor cards
ONLINE / OFFLINE mode & remote config
Standalone use & offline risks
Availability, updates & force updates
Intellectual property
Disclaimer of warranties
Limitation of liability
Indemnification
Suspension & termination
Changes & contact

1. Acceptance of Terms

If you do not agree with any part of these Terms, do not use the Service. Continued use of the web admin or the Android app constitutes acceptance of these Terms and any future revisions. Where you use the Service on behalf of an organisation, you confirm you have authority to bind that organisation to these Terms.

2. Description of service

Visitor Desk is a visitor-management platform consisting of:

A web admin where managers create businesses, destinations, QR visitor cards, approve app users, and view live activity.
An offline-first Android app for front-desk staff to log entries / exits, scan QR codes, manage destinations and incidents, and (optionally) sync to a business backend.

3. Accounts & eligibility

To use the web admin, you must sign up with a valid name, email, phone, company, and address, and create a password.
To use the Android app, you must sign in with a valid Google account.
You are responsible for keeping your password, refresh tokens, device, and business code secure.
You must provide accurate profile information and update it when it changes.
You must be at least the age of majority in your jurisdiction to create an account.
You agree to a minimum supported app version. A force update may be required to keep using the app.

4. Subscription, trial & billing

Each new web-admin account starts with a default business limit of 1 and a 30-day subscription (the trial period). The trial gives access to paid features for 1 business.
Paid plans unlock additional businesses, higher limits, and premium features. The plan you select governs your maximum number of businesses and app users.
Subscriptions auto-renew unless cancelled before the renewal date displayed on your dashboard. Renewal fees are non-refundable except where required by law.
Attempts to exceed your plan's business limit will be blocked with a clear message — you may upgrade to continue.
If your subscription lapses, cloud sync and admin features may be suspended. Local data on the Android app remains accessible.
We may change pricing on future renewal periods with reasonable notice; you may decline renewal by cancelling.

5. Acceptable use

You agree to use Visitor Desk only for lawful purposes. You must not:

Enter false, misleading, or unlawful visitor information.
Use the Service to harass, profile, or discriminate against individuals.
Collect or process personal data without a lawful basis or required consent.
Share or reuse a business code for users who have not been properly approved.
Attempt to bypass authentication, approval gating, validity windows, entry limits, or other security measures.
Reverse engineer, decompile, or tamper with the Service.
Use the Service in violation of applicable privacy or data-protection laws.
Attempt to interfere with the Service's availability or other users' access.

6. Your data & responsibilities

You are responsible for the visitor and personal data you collect, store, and process using the Service. By using Visitor Desk you confirm that:

You have the right to collect and process the visitor data you enter.
You provide visitors with appropriate notice where required (e.g. a sign at the front desk).
You will respect lawful access, correction, deletion, and objection requests from visitors.
If you run multiple businesses, you ensure each business's data is treated separately and lawfully.
Incident notes and security remarks are accurate, relevant, and proportionate.

7. Cloud sync & business attachment

Cloud sync requires the Android user to submit a valid business code and be approved by the manager. Pending or rejected users cannot upload data.
You are responsible for protecting your business code. Anyone with it can request access — but they cannot sync until you approve.
You may revoke an app user's access at any time by detaching them from the business; sync stops immediately.
Each sync batch is identified by a unique batch ID and validated server-side. Partial failures are reported back to the device.

8. QR visitor cards

You may issue QR visitor cards from the web admin to regular visitors (tenants, contractors, employees, etc.).
You are responsible for obtaining any consent needed for the personal data displayed on the card.
You must accurately set validity windows, entry limits, and the list of business areas a card is authorised for.
Cards may be revoked or re-activated by you at any time; revocation takes effect immediately at the next scan.
You acknowledge that the Service relies on QR codes for scan-time identification; if a QR is shared with an unauthorised person, the holder is responsible for any resulting misuse until the card is revoked.

9. ONLINE / OFFLINE mode & remote configuration

Managers may set each app user to ONLINE (real-time API) or OFFLINE (local-first, manual sync) at any time. The app respects this setting automatically.
We may remotely toggle sync availability, base URLs, force-update flags, and warning messages via Firebase Remote Config to keep the Service stable and secure.
Mode changes are not retroactive — data already on the device in OFFLINE mode is preserved until the next sync.

10. Standalone use & offline-only risks

You may use the Android app without attaching it to a business. In this standalone mode, all data is stored only on the device. You acknowledge and accept the following risks (covered in detail at our offline-only risk guide):

If the device is lost, stolen, damaged, or factory-reset, the data is lost unless you have a recent backup.
Other staff cannot see entries logged on your device.
Managers cannot oversee or audit the data centrally.
QR visitor card scanning is unavailable in standalone mode.

We strongly recommend using Google Drive backup in standalone mode, or attaching to a business to enable centralised cloud sync.

11. Availability, updates & force updates

We may modify, suspend, or discontinue any feature of the Service at any time, including remotely controlled features such as sync.
We may issue updates, including mandatory updates required to continue using the app (e.g. for security, schema migration, or compatibility).
Scheduled maintenance and unexpected outages may temporarily affect cloud sync; offline functionality is unaffected.

12. Intellectual property

The Service — including its code, design, logo, brand, and content — is owned by us and our licensors. You are granted a limited, non-exclusive, non-transferable, revocable licence to use the Service in accordance with these Terms. You may not copy, resell, sublicense, redistribute, or create derivative works of the Service without our written permission.

You retain all rights in the visitor and business data you input. By using the Service, you grant us a limited licence to host, transmit, and process that data solely to provide the Service to you.

13. Disclaimer of warranties

The Service is provided on an "as is" and "as available" basis without warranties of any kind, whether express, implied, or statutory. We do not guarantee that the Service will be error-free, uninterrupted, free of vulnerabilities, or that data will never be lost. You are responsible for maintaining your own backups (e.g. Google Drive backup in standalone mode) where appropriate.

14. Limitation of liability

To the maximum extent permitted by law, we shall not be liable for any indirect, incidental, special, punitive, or consequential damages — including loss of data, loss of profit, business interruption, or reputational harm — arising from or related to your use of, or inability to use, the Service. Our aggregate liability for any direct damages shall not exceed the fees you paid us in the 12 months preceding the event giving rise to the claim, or USD 100, whichever is greater.

15. Indemnification

You agree to indemnify and hold us harmless from any claim, demand, loss, or expense (including reasonable legal fees) arising from: (a) your violation of these Terms; (b) your violation of applicable law (including privacy or data-protection laws); (c) the visitor data you collect or the way you operate your front desk; or (d) any dispute between you and a visitor, employee, or third party related to your use of the Service.

16. Suspension & termination

We may suspend or terminate your access if you breach these Terms, fail to pay subscription fees, or otherwise put the Service or its users at risk.
You may stop using the Service at any time by uninstalling the app and discontinuing use of the admin.
You may request account deletion by contacting us. We will delete or anonymise your data within a reasonable period, subject to legal retention requirements.
Termination of your subscription does not remove the local data already on Android devices.

17. Changes to these Terms & contact

We may update these Terms from time to time. Material changes will be notified in the app or admin. Continued use of the Service after such notice constitutes acceptance of the revised Terms.

Questions? Email us at info@blacknwhiteStudio.com.