Privacy Policy

Last updated: 7/7/2025

1. Introduction

QRLynx ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QR code generation and analytics service.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Name and email address (when you create an account)
  • Profile information from Google or Microsoft (when using OAuth authentication)
  • Billing information processed through Stripe (for paid subscriptions)
  • Communication preferences and contact information

2.2 OAuth Authentication Data

When you sign in using Google or Microsoft OAuth, we may receive:

  • Basic profile information (name, email, profile picture)
  • Unique identifier from the OAuth provider
  • Authentication tokens (stored securely and used only for account verification)

We do not access your Google Drive, Microsoft OneDrive, or other services beyond basic profile information unless explicitly authorized.

2.3 Usage and Analytics Data

We automatically collect certain information about your use of our Service:

  • QR code creation and scan analytics
  • Device information (browser type, operating system)
  • IP address and general location information
  • Usage patterns and feature interactions
  • Performance and error logs

2.4 Payment Information

Payment processing is handled by Stripe, Inc. We do not store your complete credit card information on our servers. Stripe may share limited transaction data with us, including:

  • Transaction IDs and payment status
  • Last four digits of credit card numbers
  • Billing address information
  • Subscription status and billing history

3. How We Use Your Information

We use the collected information for the following purposes:

  • Providing and maintaining our Service
  • Processing payments and managing subscriptions
  • Authenticating users and preventing fraud
  • Generating QR code analytics and insights
  • Communicating with you about your account and our services
  • Improving our Service and developing new features
  • Complying with legal obligations

4. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

4.1 Service Providers

  • Stripe: For payment processing and subscription management
  • Google/Microsoft: For OAuth authentication services
  • Cloud hosting providers: For data storage and service delivery
  • Analytics providers: For service improvement and performance monitoring

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Secure authentication protocols (OAuth 2.0)
  • Regular security audits and updates
  • Access controls and employee training
  • Secure payment processing through PCI-compliant providers

6. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

  • Account information: Until account deletion or 3 years of inactivity
  • QR code data: As long as your account is active
  • Analytics data: Up to 2 years for service improvement
  • Payment records: As required by tax and financial regulations

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of your personal information
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your personal information
  • Portability: Receive your data in a machine-readable format
  • Restriction: Limit how we process your information
  • Objection: Object to certain types of processing

To exercise these rights, please contact us through our contact page.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. For detailed information about our use of cookies, please see our Cookie Policy.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us through our contact page.

GDPR Compliance: If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR). We are committed to complying with GDPR requirements and protecting your privacy rights.