GDPR Compliance
Your data protection rights under the General Data Protection Regulation (GDPR).
Our Commitment to GDPR Compliance
We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This page explains your rights under GDPR and how our QR code generator service respects and protects your personal data.
Data We Collect
Our QR code generator is designed to minimize data collection. We only collect data that is essential for providing our service:
Technical Data
- IP address (for security and analytics)
- Browser type and version
- Device information
- Usage statistics (anonymized)
QR Code Content
- We do NOT store QR code content
- QR codes are generated client-side when possible
- No tracking of what you encode in QR codes
- Generated codes are not saved on our servers
Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
Right to Access
You can request information about what personal data we process and receive a copy of that data.
Right to Rectification
You can request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure
You can request deletion of your personal data under certain circumstances.
Right to Portability
You can request your data in a structured, machine-readable format for transfer to another service.
Right to Restrict Processing
You can request that we limit how we process your personal data in certain situations.
Right to Object
You can object to processing of your personal data for direct marketing or other purposes.
Legal Basis for Processing
We process personal data based on the following legal grounds:
- Legitimate Interest: To provide and improve our QR code generator service
- Consent: For analytics cookies (where you have given explicit consent)
- Necessary for Service: Essential technical data required for website functionality
Data Retention
We retain personal data only as long as necessary:
- QR Code Content: Not stored (generated client-side)
- Analytics Data: Up to 24 months (anonymized)
- Technical Logs: Up to 12 months (for security purposes)
- Cookie Data: As specified in our Cookie Policy
Data Transfers
If we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions. We work only with processors that provide adequate data protection guarantees.
Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication systems
- Secure hosting infrastructure
- Staff training on data protection
Data Breach Procedures
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by GDPR.
Exercising Your Rights
To exercise any of your GDPR rights, please contact us through our website. We will:
- Respond to your request within one month
- Verify your identity before processing requests
- Provide information free of charge (unless requests are excessive)
- Explain any reasons if we cannot fulfill your request
Note: You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.
Contact Information
For any questions about GDPR compliance, data protection, or to exercise your rights, please contact us through our website. We are committed to addressing your concerns promptly and transparently.
Updates to This Information
We may update this GDPR compliance information to reflect changes in our data processing practices or legal requirements. We will notify users of significant changes through our website and update the "last modified" date at the top of this page.