Privacy Policy
Last updated: December 2, 2024
Your privacy matters to us. This Privacy Policy explains how QR Code Maker collects, uses, shares, and protects your personal information when you use our services.
By using QR Code Maker, you agree to the collection and use of information in accordance with this policy. This policy applies to information we collect through our website, applications, and services.
1. Who We Are
QR Code Maker provides QR code generation and management services. We are committed to being transparent about our data practices and protecting your privacy.
Contact Information:
- Email: support@qr-code-maker.app
- Website: qr-code-maker.app
2. Information We Collect
We collect different types of information depending on how you interact with our services:
2.1 Account Information
When you create an account, we collect:
- Email address — Required for account creation, login, and communication
- Password — Securely hashed and stored; we never store plain-text passwords
- Name — Optional, used for personalization
- Organization name — If you create an organization account
2.2 Payment Information
If you purchase a paid subscription, payment information is collected and processed by our payment processor, Stripe. We do not store complete credit card numbers. We receive:
- Billing name and address
- Last four digits of your card (for display purposes)
- Payment transaction records
2.3 QR Code Data
When you create QR codes, we store:
- QR code content — URLs, contact information, text, or other data you choose to encode
- Customization settings — Colors, logos, design choices
- Organization and folder structure — How you organize your QR codes
- Creation and modification timestamps
2.4 Scan Analytics
When someone scans a dynamic QR code created with our service, we collect limited analytics data:
- Scan timestamp — When the scan occurred
- Device type — Mobile, tablet, or desktop
- Operating system — iOS, Android, Windows, etc.
- Approximate location — Country, region, and city derived from IP address
Privacy-First Approach to Scan Analytics
- • IP addresses are hashed — we do not store full IP addresses
- • We do not create profiles of people who scan QR codes
- • We do not track individuals across different QR codes
- • Analytics are aggregate only and provided to QR code creators
2.5 File Uploads
If you upload files (logos, PDFs, images, audio), we store:
- The file itself
- File name and type
- File size
- Upload timestamp
2.6 Usage Data
We automatically collect information about how you use our services:
- Pages visited and features used
- Browser type and version
- Device information
- Referring website
- Time spent on pages
This data is collected through cookies and similar technologies. See our Cookie Policy for details.
2.7 Communication Data
If you contact us for support or other inquiries, we keep records of the communication, including your email address and message content.
3. How We Use Your Information
We use your information to:
3.1 Provide Our Services
- Create and manage your account
- Generate and host QR codes
- Provide scan analytics
- Process payments
- Store and serve your uploaded files
3.2 Improve Our Services
- Analyze usage patterns to improve features
- Debug and fix technical issues
- Develop new features
3.3 Communicate With You
- Send service-related notifications (account changes, billing)
- Respond to support requests
- Send product updates (with your consent)
3.4 Security and Fraud Prevention
- Detect and prevent fraud, abuse, and security threats
- Enforce our Terms of Service and Acceptable Use Policy
- Comply with legal obligations
4. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), we process your personal data under the following legal bases:
- Contract Performance: Processing necessary to provide our services to you (account management, QR code generation, payment processing)
- Legitimate Interests: Processing for our legitimate business interests (service improvement, security, fraud prevention) where these don't override your rights
- Consent: Processing based on your explicit consent (analytics cookies, marketing communications)
- Legal Obligation: Processing required to comply with applicable laws
5. How We Share Your Information
Our Data Sharing Principles
- • We do NOT sell your personal data
- • We do NOT share your data with advertisers
- • We do NOT use your data for ad targeting
- • We only share data with service providers necessary to operate our business
5.1 Service Providers
We share data with trusted service providers who help us operate our business:
- Supabase — Database hosting, user authentication, and file storage (Privacy Policy)
- Stripe — Payment processing (Privacy Policy)
- Vercel — Website hosting and content delivery (Privacy Policy)
- Google Analytics — Website analytics, with your consent (Privacy Policy)
- Resend — Transactional email delivery (Privacy Policy)
5.2 Legal Requirements
We may disclose your information if required by law, such as:
- To comply with a legal obligation or valid legal process
- To protect our rights, privacy, safety, or property
- To detect or prevent fraud or security issues
- To enforce our Terms of Service
5.3 Business Transfers
If QR Code Maker is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
6. International Data Transfers
Our services are hosted in the United States. If you are accessing our services from outside the United States, your data will be transferred to and processed in the United States.
For users in the EEA, UK, or Switzerland, we ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses approved by the European Commission.
7. Data Retention
We retain your data for as long as necessary to provide our services:
- Account data: Retained while your account is active and for a reasonable period after deletion to comply with legal obligations
- QR code data: Retained until you delete the QR codes or your account
- Scan analytics: Retained for 24 months after collection
- Payment records: Retained as required by tax and accounting laws (typically 7 years)
- Support communications: Retained for 3 years after resolution
8. Your Rights
Regardless of where you are located, you have certain rights regarding your personal data:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data
- Export: Request your data in a portable format
- Opt-out: Opt out of marketing communications and analytics cookies
To exercise these rights, contact us at support@qr-code-maker.app. We will respond within 30 days.
9. Additional Rights for EU Users (GDPR)
If you are in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to Rectification: Request correction of inaccurate personal data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Request that we limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Rights Related to Automated Decision-Making: We do not use automated decision-making that significantly affects you
Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.
10. Additional Rights for California Residents (CCPA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request information about the categories and specific pieces of personal information we have collected about you
- Right to Delete: Request deletion of personal information we have collected from you
- Right to Opt-Out of Sale: We do not sell your personal information, so this right does not apply
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at support@qr-code-maker.app. We will verify your identity before processing your request.
Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information:
- Identifiers: Email address, name, account ID
- Commercial information: Purchase history, subscription information
- Internet activity: Browsing history, interactions with our website
- Geolocation data: Approximate location derived from IP address
11. Children's Privacy
Our services are not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at support@qr-code-maker.app and we will delete the information.
12. Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption: Data is encrypted in transit (TLS) and at rest
- Access Controls: Access to personal data is restricted to authorized personnel
- Secure Authentication: Passwords are hashed using industry-standard algorithms
- Regular Security Reviews: We regularly review and update our security practices
While we strive to protect your personal data, no method of transmission over the Internet is 100% secure. If you have reason to believe your interaction with us is no longer secure, please contact us immediately.
13. Cookies and Tracking Technologies
We use cookies and similar technologies to provide and improve our services. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.
14. Third-Party Links
Our services may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any third-party websites you visit.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:
- Posting the updated policy on our website
- Sending an email to the address associated with your account
- Displaying a notice in our application
Your continued use of our services after the effective date of the updated policy constitutes acceptance of the changes.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: support@qr-code-maker.app
- Website: qr-code-maker.app/contact
We will respond to your inquiry within 30 days.