Privacy Policy

Last updated: January 2026

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use our QR code generator web application (the “Service”).

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Data Controller

We act as the data controller for personal data processed through the Service.

Contact email: [email protected]

2. Personal Data We Collect

2.1 Data You Provide Directly

  • Account information (if you create an account): email address and encrypted password
  • QR code content you submit, such as URLs, text, or other data encoded into QR codes

Creating an account is optional. You may use the Service as a guest.

2.2 Automatically Collected Data

When you access or use the Service, we may automatically collect limited technical information, including:

  • IP address
  • Browser type and device information
  • Date and time of requests
  • Basic server and security logs

This information is collected strictly for security, abuse prevention, troubleshooting, and service reliability.

3. Cookies & Local Storage

We use strictly necessary cookies and similar technologies to operate the Service. These cookies are required for:

  • Authentication and session management
  • Security and abuse prevention
  • Remembering basic user preferences

We do not use:

  • Analytics cookies
  • Advertising cookies
  • Behavioral or cross-site tracking
  • Social media tracking pixels

Because these cookies are essential for the Service to function, they cannot be disabled. Under GDPR and CCPA, strictly necessary cookies do not require explicit consent.

4. Legal Bases for Processing (GDPR)

We process personal data under the following legal bases:

  • Contractual necessity – to provide and operate the Service
  • Legitimate interests – security, fraud prevention, and system integrity
  • Consent – where required by law
  • Legal obligation – compliance with applicable laws and regulations

5. How We Use Personal Data

We use personal data to:

  • Generate and manage QR codes
  • Authenticate users and manage accounts
  • Operate, maintain, and improve the Service
  • Prevent abuse, fraud, and illegal activity
  • Respond to legal or regulatory requests

We do not sell, rent, or trade personal data.

6. QR Code Content & Responsibility

QR codes generated through the Service may link to third-party content outside our control.

  • We do not proactively monitor or review QR code destinations
  • Users are solely responsible for the content they encode and distribute
  • We reserve the right to remove or disable access to QR codes that violate applicable laws or our Terms & Conditions

7. Donations

The Service may include optional prompts inviting visitors to make voluntary donations to support development and hosting costs.

If you choose to donate:

  • Payment processing is handled by third-party payment providers
  • We do not store full payment card details on our servers
  • We may receive limited transaction-related information, such as confirmation status, donation amount, and a transaction reference

Donations are voluntary and do not create an entitlement to additional features, services, or guarantees.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy.

  • Account holders: account data and associated QR codes are retained until deleted by the user or upon account termination
  • Guest users: QR codes may be stored temporarily and may be deleted automatically without notice
  • Logs: retained for a limited period for security, operational, and legal purposes

You may request deletion of your personal data at any time.

9. Data Sharing & Third Parties

We may share personal data only with trusted third-party service providers that help us operate the Service, such as:

  • Hosting and infrastructure providers
  • File storage services
  • Error monitoring and security services

These providers process data solely on our behalf and under confidentiality and data protection obligations.

We do not sell personal data to third parties.

10. International Data Transfers

If personal data is transferred outside the European Union or your jurisdiction, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • Equivalent legal protections required by applicable law

11. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your data (“right to be forgotten”)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time

12. Your Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal data we collect and how it is used
  • Request deletion of personal data
  • Opt out of the sale of personal data (we do not sell data)
  • Not be discriminated against for exercising privacy rights

Requests can be made by contacting us via email.

13. Data Security

We implement reasonable technical and organizational measures to protect personal data, including:

  • Encrypted passwords
  • Access controls and restricted permissions
  • Secure server infrastructure

No system is completely secure, and we cannot guarantee absolute security.

14. Children’s Privacy

The Service is not intended for children under the age of 13.

We do not knowingly collect personal data from children.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Any changes will be posted on this page with an updated “Last updated” date.

16. Contact

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:

Email: [email protected]