Privacy Policy

1. Introduction

Welcome to Simple QR Creator ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using Simple QR Creator, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Free Users

We collect NO data from free users. QR codes are generated entirely on your device (client-side). We do not track, store, or have access to:

• QR codes you create
• URLs or content you encode
• Download or usage statistics
• Any personal information

2.2 Premium Users (Account Holders)

When you create an account and subscribe, we collect:

Account Information:

• Email address
• Display name (optional)
• Authentication credentials (securely managed by Firebase)
• Subscription status and billing information (processed by Stripe)

QR Code Data (Premium Only):

• QR code metadata (colors, logos, patterns)
• Destination URLs
• Creation timestamps
• Custom labels and organization

Analytics Data (Premium Only):

• Scan counts and timestamps
• General geographic location (country, region, city)
• Device type and browser information
• Referrer information
• Anonymized IP addresses (last octet removed)

3. How We Use Your Information

We use collected information to:

• Provide and maintain our service
• Process your subscription and payments
• Store and manage your QR codes (Premium users)
• Provide analytics and insights (Premium users)
• Send service-related emails (account notifications, billing)
• Respond to customer support requests
• Detect and prevent fraud or abuse
• Comply with legal obligations

4. Data Storage and Security

We implement appropriate technical and organizational security measures to protect your personal information:

• All data is encrypted in transit using HTTPS/TLS
• Authentication handled by Firebase with industry-standard security
• Payment information processed securely by Stripe (PCI compliant)
• Regular security audits and updates
• Access controls and authentication for all systems

Your data is stored on secure Firebase/Google Cloud servers located in the United States.

5. Third-Party Services

We use the following third-party services:

Firebase (Google):

• Authentication and user management
• Database storage (Firestore)
• Cloud Functions for backend logic
• Firebase Privacy Policy

Stripe:

• Payment processing and subscription management
• We do not store credit card information
• Stripe Privacy Policy

Google Analytics (Optional):

• Website usage analytics (not QR scan data)
• You can opt-out using browser extensions
• Google Privacy Policy

6. Your Rights (GDPR Compliance)

Under the General Data Protection Regulation (GDPR) and similar laws, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a machine-readable format
• Restriction: Request limited processing of your data
• Object: Object to certain types of processing
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at privacy@simpleqrcreator.com. We will respond within 30 days.

7. Data Retention

We retain your data as follows:

• Free Users: No data stored
• Active Premium Users: Data retained while subscription is active
• Cancelled Subscriptions: Data retained for 30 days after cancellation
• Deleted Accounts: All data permanently deleted immediately
• Analytics Data: Aggregated analytics retained for 2 years
• Legal Compliance: Data may be retained longer if required by law

8. Cookies

We use essential cookies for:

• Authentication and session management
• Security and fraud prevention
• Remembering your preferences

You can control cookies through your browser settings. Disabling essential cookies may affect service functionality.

9. Children's Privacy

Our service is not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in the United States. By using our service, you consent to this transfer. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will notify you via email or prominent notice on our service.

12. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact us at:

13. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, the right to opt-out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising privacy rights.