Privacy Policy

We collect several types of information to provide and improve our services:

Account Information

• Name, email address, and password when you register an account
• Profile details you choose to provide, such as a company name or profile picture
• Authentication data if you sign in through a third-party provider (e.g., Google or GitHub)

Payment Information

• Billing name, billing address, and payment method details are collected and processed securely by our payment processor, Stripe. We do not store your full credit card number on our servers. We retain a reference to your Stripe customer ID and the last four digits of your card for display purposes only.

QR Code Content

• URLs, text, contact information, Wi-Fi credentials, or any other data you encode into QR codes you create through our platform
• Configuration settings for dynamic QR codes, including redirect destinations and scheduling rules

Uploaded Assets

• Logos, images, and other media files you upload for QR code customization or branding purposes

Analytics and Scan Data

• For dynamic QR codes, we collect scan event data including approximate geographic location (derived from IP address), device type, browser, operating system, referring context, and timestamp of each scan
• Aggregated analytics about your QR code performance (total scans, unique scans, scan trends over time)

Device, Browser, and Network Information

• IP address, browser type and version, operating system, device identifiers, and screen resolution
• Pages visited, features used, clickstream data, and session duration

Cookies and Similar Technologies

• We use cookies, local storage, and similar technologies to maintain your session, remember your preferences, and gather usage analytics. For full details, see our Cookie Policy.

We use the information we collect for the following purposes:

• Provide and operate our services: To create and manage your account, generate and host QR codes, process redirects for dynamic QR codes, and deliver the features you request
• Analytics and reporting: To compile scan analytics dashboards so you can understand how your QR codes are performing, including geographic distribution, device breakdowns, and scan volume trends
• Billing and payments: To process subscription payments, manage plan upgrades and downgrades, issue invoices, and handle refund requests through Stripe
• Security and fraud prevention: To detect, investigate, and prevent unauthorized access, abuse, or fraudulent activity on our platform
• Customer support: To respond to your inquiries, troubleshoot issues, and provide technical assistance
• Service improvements: To analyze usage patterns, conduct internal research, and improve the functionality, reliability, and user experience of our platform
• Communications: To send you service-related notices, security alerts, billing confirmations, and, where you have opted in, marketing and product update emails

Understanding how we handle QR code data is central to your use of QRBuildr.

Dynamic QR Codes

When someone scans a dynamic QR code created on our platform, the scan passes through our servers before redirecting to your specified destination. During this process, we collect:

• A one-way hash of the scanner’s IP address (we do not store raw IP addresses of end-user scanners)
• Device type and model (e.g., mobile, tablet, desktop)
• Browser name and version
• Operating system
• Approximate geographic location derived from IP (city/region level)
• Timestamp of the scan event

This data is used exclusively to power the analytics dashboard available to the QR code creator. It is not sold, shared with advertisers, or used for cross-platform tracking of individuals who scan QR codes.

Static QR Codes

Static QR codes encode data directly into the QR image and do not route through our servers when scanned. We do not collect any scan data for static QR codes. Once generated, a static QR code functions entirely independently of QRBuildr.

Your Responsibility

You are solely responsible for the content and destinations encoded in your QR codes. You must ensure that any URLs, files, or content linked through your QR codes comply with applicable laws and do not infringe upon the rights of others. QRBuildr does not monitor or endorse the destinations of your QR codes, but reserves the right to disable QR codes that violate our Terms of Service or Acceptable Use Policy.

QRBuildr uses cookies and similar tracking technologies to enhance your experience on our platform. These include:

• Essential cookies: Required for core functionality such as authentication, session management, and security
• Preference cookies: Store your settings and display preferences (e.g., theme, language)
• Analytics cookies: Help us understand how visitors interact with our platform so we can improve performance and usability

You can manage your cookie preferences through your browser settings or through the cookie consent banner displayed on our site. Disabling certain cookies may limit the functionality of some features.

For a comprehensive explanation of the cookies we use, their purposes, and how to control them, please refer to our Cookie Policy.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We share data only in the following circumstances:

Service Providers

• Stripe: Processes all payment transactions. Stripe receives your billing details and payment method information in accordance with their own Privacy Policy.
• Vercel: Hosts our application infrastructure. Request data and logs may be processed through Vercel’s systems.
• Database hosting provider: Our PostgreSQL database is hosted on infrastructure provided by a third-party cloud provider, subject to their security and privacy practices.
• Authentication providers: If you sign in via a third-party identity provider (e.g., Google, GitHub), that provider shares limited profile information with us as described during the sign-in flow.

Legal and Safety

We may disclose your information if required to do so by law, in response to a valid legal process (such as a subpoena or court order), or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our platform before your information becomes subject to a different privacy policy.

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy:

• Account data: Retained for as long as your account remains active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, financial records).
• QR code data: QR code configurations, redirect rules, and associated assets are retained while your account is active. Upon account deletion, this data is permanently purged within 30 days.
• Scan analytics data: Retained in accordance with your subscription plan. Different plans may offer different analytics retention windows. When data ages beyond your plan’s retention period, it is aggregated or deleted.
• Payment records: Billing history and transaction records may be retained for up to seven years to comply with tax and accounting obligations.
• Deleted data: When you request deletion of specific data or your entire account, the data is purged from our active systems within 30 days. It may persist in encrypted backups for up to an additional 90 days before being permanently removed.

We take the security of your data seriously and implement industry-standard measures to protect it:

• Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
• Encryption at rest: Sensitive data stored in our databases is encrypted at rest using AES-256 encryption.
• Secure infrastructure: Our application is hosted on SOC 2-compliant cloud infrastructure with built-in DDoS protection, network isolation, and automated security patching.
• Access controls: Internal access to user data is restricted to authorized personnel on a need-to-know basis, protected by multi-factor authentication and audit logging.
• Regular assessments: We conduct periodic security reviews and vulnerability assessments to identify and remediate potential risks.

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents. If you believe your account has been compromised, please contact us immediately at contact@qrbuildr.com.

QRBuildr is operated by AGT GROUP LLC, a company based in the United States. Our servers and data processing facilities are located in the United States.

If you access our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.

By using QRBuildr, you consent to the transfer of your information to the United States and its processing as described in this Privacy Policy. We take steps to ensure that your data receives an adequate level of protection in the jurisdictions in which we process it, including entering into data processing agreements with our service providers where appropriate.

Depending on your location and applicable law, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we update or correct inaccurate or incomplete information.
• Deletion: Request that we delete your personal data, subject to certain legal exceptions.
• Data export: Request a machine-readable copy of your data (data portability), including your QR code configurations and scan analytics.
• Opt-out of marketing: Unsubscribe from promotional emails at any time by clicking the “Unsubscribe” link in any marketing email or by adjusting your notification preferences in your account settings. Note that you will continue to receive transactional and service-related communications.
• Cookie preferences: Manage or withdraw your consent for non-essential cookies through the cookie settings on our site or your browser.

To exercise any of these rights, please contact us at contact@qrbuildr.com. We will respond to your request within 30 days. We may ask you to verify your identity before fulfilling your request.

QRBuildr is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take prompt steps to delete that information from our systems.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at contact@qrbuildr.com, and we will work to remove the data promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the “Last Updated” date at the top of this page
• Notify you by email or through a prominent notice on our platform prior to the changes taking effect

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of QRBuildr after any changes to this policy constitutes your acceptance of the updated terms.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• AGT GROUP LLC
• 262 Chapman Rd, Ste 240, Newark, DE 19702
• Email: contact@qrbuildr.com

We will make every effort to respond to your inquiry within 30 days.