Privacy Policy

Gen QR Code ("we," "us," or "our") operates the website located at https://www.genqrcode.app (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit or use our Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will notify you of any changes by updating the "Effective Date" of this Privacy Policy. Your continued use of the Service after any changes constitutes your acceptance of the new Privacy Policy.

IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DISCONTINUE USE OF THE SERVICE IMMEDIATELY.

2.1 Information You Provide Voluntarily

We may collect the following information when you register or use the Service:

• Email address (for account registration)
• Password (stored in encrypted form; we never have access to your plaintext password)
• QR code content you choose to create and save
• Payment information (processed entirely by Stripe; we do not store card numbers)

2.2 Information Collected Automatically

When you access the Service, certain information may be collected automatically, including but not limited to:

• IP address and approximate geographic location
• Browser type, operating system, and device type
• Pages visited, time spent, and referring URLs
• QR code scan events (for users who have created dynamic QR codes)
• Cookies and similar tracking technologies (see Section 6)

2.3 Information We Do NOT Collect

We do not intentionally collect:

• Sensitive personal data (e.g., health, financial, or government ID information)
• Personal data of children under 13 years of age
• Personal data beyond what is necessary to provide the Service

We use the information we collect solely for the following purposes:

• To create and manage your account
• To provide, operate, and maintain the Service
• To process payments and manage subscriptions
• To send transactional emails (e.g., account confirmation, password reset)
• To display QR code scan analytics to the account owner
• To improve and personalise the Service
• To detect, prevent, and address technical issues or abuse
• To comply with legal obligations

We do not sell, rent, or trade your personal information to any third party for marketing purposes.

We may share your information only in the following limited circumstances:

4.1 Service Providers

We engage trusted third-party service providers who assist us in operating the Service. These providers are contractually obligated to handle your data securely and only for the purposes we specify:

• Supabase — Database and authentication infrastructure. Data is stored on Supabase servers. See Supabase Privacy Policy.
• Stripe — Payment processing. We do not store payment card details. See Stripe Privacy Policy.
• Google AdSense — Advertising on free-tier pages. Google may use cookies to serve personalised ads. See Google Privacy Policy.
• Vercel — Website hosting and content delivery. See Vercel Privacy Policy.

4.2 Legal Requirements

We may disclose your information where required to do so by law, court order, or governmental authority, or where we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, reorganisation, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on the Service of any change in ownership or uses of your personal information.

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account data is retained for the duration of your account and for up to 90 days after deletion.
• QR code scan logs may be retained for up to 24 months for analytics purposes.
• Payment records are retained as required by applicable financial regulations.

You may request deletion of your account and associated data at any time by contacting us at support@genqrcode.app. We will process deletion requests within 30 days, subject to legal retention obligations.

We use cookies and similar technologies (local storage, session storage) to operate and improve the Service. Cookies are small data files stored on your device.

• Essential Cookies: Required for authentication and session management. The Service cannot function without them.
• Analytics Cookies: Used to understand how users interact with the Service (e.g., page views, scan counts).
• Advertising Cookies: Placed by Google AdSense on free-tier pages to serve relevant advertisements.

You may disable cookies through your browser settings; however, doing so may affect certain functionality of the Service. By continuing to use the Service, you consent to our use of cookies.

We implement industry-standard technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. These include encryption in transit (HTTPS/TLS), hashed passwords, and role-based access controls.

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. You use the Service at your own risk. We are not liable for any unauthorised access to or alteration of your transmissions or data beyond our reasonable control.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data ("right to be forgotten").
• Portability: Request transfer of your data in a machine-readable format.
• Objection: Object to certain processing of your data.
• Opt-out of ads: Manage Google ad personalisation at adssettings.google.com.

To exercise any of the above rights, please contact us at support@genqrcode.app. We will respond within 30 days. We reserve the right to verify your identity before processing any request.

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to remove such information from our records.

The Service may contain links to third-party websites. We have no control over the content, privacy policies, or practices of any third-party sites. We are not responsible for the privacy practices of such websites and encourage you to review their privacy policies independently. Accessing third-party sites is entirely at your own risk.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to these countries. We take reasonable steps to ensure your data receives an adequate level of protection wherever it is processed.

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

IN NO EVENT SHALL GEN QR CODE, ITS OWNERS, OPERATORS, AFFILIATES, OR SERVICE PROVIDERS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM YOUR USE OF OR INABILITY TO USE THE SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. OUR TOTAL LIABILITY TO YOU FOR ANY CLAIM ARISING FROM OR RELATED TO THIS PRIVACY POLICY OR THE SERVICE SHALL NOT EXCEED THE GREATER OF (A) THE AMOUNT YOU PAID TO US IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) USD $10.

We reserve the right to update or modify this Privacy Policy at any time without prior notice. The updated policy will be posted on this page with a revised "Effective Date." Your continued use of the Service after any modifications constitutes your binding acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically. If we make material changes that affect your rights, we will endeavour to notify registered users by email.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: