Privacy Policy

Last updated: May 18, 2026

1. Overview

QR Studio ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what data we collect, why we collect it, and how we use and protect it when you use freeqrstudio.online.

2. Data We Collect

2.1 Data You Provide

  • Account data — name, email address, and password (hashed) when you register.
  • QR code content — the data you enter to generate a QR code (URL, contact details, WiFi credentials, etc.). Stored only if you explicitly save the QR code.
  • Digital Menu content — restaurant name, address, menu items, and prices.
  • Payment data — handled entirely by Stripe. We do not store card numbers on our servers.

2.2 Data Collected Automatically

  • Scan analytics — when someone scans your QR code, we record: approximate country and city (via IP geolocation), device type, browser, operating system, and timestamp. Raw IP addresses are not stored beyond deduplication checks (1 unique scan per IP per 24 hours).
  • Usage data — pages visited, features used, referrer URL, session duration.
  • Cookies — session cookies for authentication, language preference cookie (lang), and theme preference. No advertising cookies or third-party tracking pixels.

3. How We Use Your Data

  • To provide, maintain, and improve the service.
  • To send transactional emails (registration, password reset, billing receipts).
  • To display scan analytics for your QR codes.
  • To enforce our Terms of Service and prevent abuse.

We do not sell your data. We do not use it for advertising.

4. Data Sharing

We share data only with necessary service providers:

  • Stripe — payment processing.
  • IP Geolocation provider — to resolve country/city from scan IPs (IPs not stored after lookup).
  • Hosting provider — server infrastructure.

No personal data is shared with other third parties without your explicit consent, except when required by law.

5. Data Retention

  • Account data is retained while your account is active. After deletion, personal data is removed within 30 days.
  • Scan analytics retention depends on your plan: 7 days (free), 90 days (Pro), 365 days (Business).
  • Digital menu data is deleted upon restaurant deletion.

6. Your Rights (GDPR)

If you are in the EU or EEA, you have the right to access, correct, delete, restrict, and port your personal data. Contact us at [email protected]. We respond within 30 days.

7. Security

We use HTTPS encryption and bcrypt password hashing. No system is 100% secure, but we apply industry-standard practices to protect your data.

8. Children's Privacy

QR Studio is not directed at children under 13. If you believe a child has provided us personal data, contact us and we will delete it promptly.

9. Changes

We may update this Policy at any time. Registered users will be notified of significant changes by email.

10. Contact

[email protected]

Last updated: May 2026

Have questions?

Our support team is happy to help with any questions about these policies.

Contact Support

[email protected]

Terms of Service
Refund Policy