Back to home
Your data, protected

Privacy Policy

Last updated:

Introduction

Welcome to Qrcode. ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you create, manage, and share QR codes through our platform.

This policy applies to all information collected through our website, dashboard, and QR redirect service. Please read it carefully. By using our services, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account Information

When you register for an account, we collect:

  • Name
  • Email address
  • Authentication credentials (securely hashed; we never store plain-text passwords)
  • Workspace and account preferences

QR Code & Scan Data

When a QR code you own is scanned, we record limited analytics so you can measure its performance. Each scan may capture:

  • Approximate location (country, region, and city) derived from a one-way hashed IP address
  • Device type, operating system, and browser
  • Referring source and timestamp of the scan
  • The destination URL the QR code resolves to

IP Address Handling

We hash IP addresses with SHA-256 before they are written to our analytics records. We do not store raw IP addresses, and hashed values cannot be reversed to identify an individual scanner.

How We Use Your Information

We use the information we collect for the following purposes:

  • To provide and maintain our service: account creation, authentication, QR redirection, and scan analytics
  • To improve our service: analyzing aggregate usage patterns to enhance the platform
  • To communicate with you: sending product updates, security alerts, and support messages
  • To prevent abuse: monitoring for malicious links, fraud, and security threats
  • To meet legal obligations: complying with applicable data protection and consumer laws

Legal Basis for Processing

Where applicable data protection laws require it, we process your personal data on one or more of the following grounds:

  • Performance of a contract: processing necessary to deliver the services you sign up for
  • Legitimate interests: operating, securing, and improving the platform, where your rights do not override those interests
  • Legal obligation: processing necessary to comply with the law
  • Your permission: where you have given us clear, specific permission to process your data

Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this policy. Scan analytics are retained according to your plan, after which they may be aggregated or deleted. We keep certain records to comply with legal obligations, resolve disputes, and enforce our agreements.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information only in the following circumstances:

  • Service providers: trusted vendors that help us operate the platform (hosting, payment processing, geolocation, and email delivery)
  • Legal requirements: when required by law or to protect our rights and the safety of our users
  • Business transfers: in connection with a merger, acquisition, or sale of assets

Your Privacy Rights

Depending on where you live, applicable data protection laws may give you the following rights over your personal data:

  • Right to access: request a copy of the personal data we hold about you
  • Right to rectification: correct inaccurate or incomplete data
  • Right to erasure: request deletion of your personal data
  • Right to restrict processing: limit how we use your data
  • Right to data portability: receive your data in a portable format
  • Right to object: object to certain processing of your data
  • Right to withdraw permission: withdraw any permission you have given us at any time

To exercise any of these rights, contact us using the details below. We will respond within 30 days of receiving your request.

Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Secure, one-way hashing of credentials and IP addresses
  • Regular security reviews
  • Access controls and authentication

However, no method of transmission over the internet is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security.

QR codes you create can point to any destination, and our service may contain links to third-party websites. We are not responsible for the privacy practices of external sites. We encourage you to review the privacy policy of any site you visit.

Children's Privacy

Our service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this policy and applicable data protection laws.

Changes to This Privacy Policy

We may update this policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have questions about this policy or want to exercise your privacy rights, reach out and we'll be glad to help:

Filing a Complaint

If you believe your privacy rights have been violated, you have the right to file a complaint with your local data protection authority. We encourage you to contact us first so we can try to resolve your concern directly.