Privacy Policy

We respect your privacy and are committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data.

Last updated: January 2025 • Effective Date: January 1, 2025

Our Privacy Commitment

Data Protection

Industry-standard encryption and security

Transparency

Clear information about data collection

Your Control

Full access to your data and settings

1. Information We Collect

Account Information:

  • Email address (required for account creation)
  • Full name (optional, for personalization)
  • Password (encrypted and never stored in plain text)
  • Account preferences and settings

QR Code Data:

  • QR code content (URLs, text, contact info, etc.)
  • QR code metadata (creation date, type, title)
  • Customization settings (colors, styles, logos)
  • Usage analytics (scan counts, scan locations, device types)

Usage Information:

  • Pages visited and features used
  • Time spent on different sections
  • Browser type and operating system
  • IP address and general location (city/country level)
  • Referrer information (how you found our site)

Payment Information:

  • Billing name and address
  • Payment method details (processed by Lemon Squeezy)
  • Transaction history and receipts
  • Subscription status and billing dates
2. How We Use Your Information

✅ We Use Your Data To:

  • Provide and improve QR-Forge services
  • Create and manage your QR codes
  • Process payments and manage subscriptions
  • Provide customer support
  • Send important account notifications
  • Analyze usage to improve our platform
  • Ensure security and prevent abuse

❌ We DO NOT:

  • Sell your personal data to third parties
  • Share your QR code content publicly
  • Use your data for unrelated advertising
  • Track you across other websites
  • Store unnecessary personal information
  • Share data without your consent
  • Keep data longer than necessary
3. When We Share Information

We only share your information in limited circumstances:

Service Providers:

  • Lemon Squeezy: Payment processing and subscription management
  • Supabase: Database hosting and authentication services
  • Vercel: Web hosting and content delivery
  • Analytics Services: Aggregated usage statistics (no personal data)

All service providers are contractually required to protect your data and use it only for specified purposes.

Legal Requirements:

We may disclose information if required by law, court order, or to protect our rights, your safety, or the safety of others. We will notify you unless legally prohibited.

Business Transfers:

If QR-Forge is acquired or merged, your information may be transferred to the new owners with the same privacy protections.

4. Data Security

We implement industry-standard security measures to protect your information:

Technical Safeguards:

  • TLS/SSL encryption for all data transmission
  • Encrypted data storage
  • Secure authentication protocols
  • Regular security audits and updates
  • Access controls and monitoring

Operational Safeguards:

  • Limited employee access to personal data
  • Background checks for staff with data access
  • Regular privacy and security training
  • Incident response procedures
  • Data backup and recovery systems

Note: While we implement strong security measures, no system is 100% secure. We encourage you to use strong passwords and keep your account information confidential.

5. Your Privacy Rights

You have the following rights regarding your personal information:

Access & Control:

  • Access: View all data we have about you
  • Update: Correct inaccurate information
  • Download: Export your QR codes and data
  • Delete: Remove your account and data

Privacy Controls:

  • Opt-out: Unsubscribe from marketing emails
  • Restrict: Limit how we use your data
  • Object: Disagree with certain data processing
  • Portability: Transfer data to another service

How to Exercise Your Rights:

  • Most rights can be exercised through your account settings
  • For additional requests, email privacy@qrforge.com
  • We'll respond to requests within 30 days
  • Identity verification may be required for security
6. Cookies and Tracking

We use cookies and similar technologies to improve your experience and analyze usage:

Types of Cookies:

Essential Cookies (Required):
  • Authentication and session management
  • Security and fraud prevention
  • Basic website functionality
Optional Cookies:
  • Usage analytics and performance
  • Preferences and personalization
  • Error reporting and diagnostics

Cookie Controls:

You can manage cookie preferences through your browser settings or our cookie banner. Note that disabling essential cookies may affect website functionality.

7. International Users

GDPR Compliance (EU Users):

If you're in the European Union, we comply with GDPR requirements including lawful basis for processing, data minimization, and enhanced rights. You can exercise all GDPR rights through your account or by contacting our Data Protection Officer.

CCPA Compliance (California Users):

California residents have additional rights under CCPA including the right to know what personal information is collected, sold, or disclosed. We do not sell personal information and provide easy access to all your data.

Data Transfers:

Your data may be processed in the United States where our servers are located. We ensure appropriate safeguards are in place for international data transfers.

8. Children's Privacy

QR-Forge is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at privacy@qrforge.comand we will delete the information.

Users between 13-18 must have parental consent to use our services.

9. Data Retention

How Long We Keep Data:

  • Account Data: Until you delete your account, then 30 days for backup recovery
  • QR Code Content: As long as your account exists or until you delete specific QR codes
  • Analytics Data: Aggregated data kept for 2 years, personal data for 1 year
  • Payment Records: 7 years as required by financial regulations
  • Support Communications: 3 years for quality and legal purposes

Account Deletion:

When you delete your account, we immediately stop processing your personal data and begin secure deletion. Some data may be retained for legitimate business purposes (fraud prevention, legal compliance) but will be anonymized where possible.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. We'll notify you of material changes via email or through our service at least 30 days before they take effect.

We encourage you to review this policy periodically. The "Last updated" date indicates when the policy was most recently revised.

11. Contact Us About Privacy

If you have questions about this Privacy Policy or our data practices:

Email: qrforge.app@gmail.com