AddToQR LogoAddToQR

Privacy Policy

Last updated: March 5, 2026

This Privacy Policy explains how AddToQR.Com ("we", "our", or "us") collects, uses, discloses, and protects your information when you use our website, applications, and services (collectively, the "Services"). By accessing or using AddToQR.Com, you agree to the terms of this Privacy Policy.

1. Information We Collect

1.1 Information You Provide

We may collect information that you voluntarily provide, including but not limited to:

  • Name, email address, and account details
  • Billing and subscription information
  • Communications with us (support requests, feedback, etc.)

1.2 Automatically Collected Information (QR Code Scan Analytics)

When someone scans a QR code created through our Services, we automatically collect the following aggregated, non-identifying analytics data on behalf of the QR code owner:

  • Geographic location: Country and city (derived from the network request — the IP address itself is not stored)
  • Browser: Browser name and version (e.g. Chrome, Safari)
  • Device type: General category only (e.g. mobile, desktop, tablet)
  • Operating system: OS name (e.g. iOS, Android, Windows)
  • Language: Browser language setting (e.g. en-US)
  • Screen and viewport size: Bucketed size ranges only (e.g. "small", "medium") — not exact pixel dimensions
  • Scan timestamp: Date and time of scan for time-series reporting

We do not collect or store IP addresses, precise GPS coordinates, names, email addresses, or any other personally identifiable information from QR code scanners. This data is used solely to provide QR code owners with aggregated insights to improve their content and user experience.

1.3 Sensitive Information

Any sensitive user data we collect or store is encrypted using industry-standard encryption methods, both in transit and at rest, to ensure confidentiality and security.

2. How We Use Your Information

We use the collected information to:

  • Provide, operate, and maintain our Services
  • Manage accounts and subscriptions
  • Process payments and subscription changes
  • Improve functionality, performance, and user experience
  • Communicate updates, security notices, and support messages
  • Comply with legal obligations

3. Advertising (Google Ads)

AddToQR.Com displays Google Ads across many of our free services (and may use additional third-party advertising services in the future).

Google and its partners may use cookies, web beacons, or similar technologies to:

  • Show personalized or non-personalized ads
  • Measure ad performance
  • Prevent fraud and abuse

Users may opt out of personalized advertising by visiting: https://adssettings.google.com

For more information on how Google handles data, please review Google's Privacy Policy.

4. Payments, Subscriptions, and Billing

4.1 Subscription-Based Plans

Some AddToQR.Com features are offered under paid, recurring subscription plans.

4.2 No Refund Policy

All payments are non-refundable. We do not offer refunds for partial usage, unused time, or accidental purchases.

4.3 Plan Upgrades and Downgrades

Instead of refunds, users may:

  • Upgrade or downgrade their subscription plans at any time
  • Changes will take effect according to the billing cycle and plan terms displayed at checkout

By purchasing a subscription, you acknowledge and agree to this policy.

5. Cookies and Tracking Technologies

We use cookies for the following purposes:

5.1 Strictly Necessary Cookies (No Consent Required)

We use a single authentication cookie (authToken) to keep you securely logged in. This cookie:

  • Contains a signed JSON Web Token (JWT) that identifies your session
  • Is stored as an HttpOnly cookie, meaning it is never accessible to JavaScript — protecting against cross-site scripting (XSS) attacks
  • Is used solely for authentication — we do not use it to track your behaviour, build profiles, or share data with third parties
  • Expires after 7 days of inactivity and is cleared when you log out

Under GDPR, the ePrivacy Directive, and equivalent regulations, strictly necessary cookies are exempt from consent requirements because the service cannot function without them. No cookie consent banner is shown for this cookie.

5.2 Local Storage

We use your browser's localStorage to temporarily save your QR code design preview as you work. This data:

  • Contains only design configuration (colours, shapes, layout preferences) — no personal or sensitive information
  • Never leaves your device and is never transmitted to our servers
  • Is used solely to preserve your in-progress work between page reloads
  • Can be cleared at any time through your browser settings

This is strictly functional storage required to provide the design experience you requested. No consent is required under applicable regulations.

5.3 Third-Party Cookies

On certain pages, third-party services may set their own cookies:

  • Google AdSense: Serves advertisements on free-tier pages. Google may use cookies to personalise ads based on your browsing behaviour. See Google's Privacy Policy for details.
  • Google OAuth: If you sign in with Google, Google sets its own authentication cookies governed by Google's privacy policy.

You may manage or disable third-party cookies through your browser settings. Disabling our authentication cookie will prevent you from staying logged in.

6. Data Sharing and Disclosure

We do not sell your personal information.

We may share information only:

  • With trusted service providers who assist in operating our Services
  • To comply with legal obligations or lawful requests
  • To protect the rights, safety, and security of AddToQR.Com, users, or the public

All third parties are required to handle data securely and in compliance with applicable laws.

7. Data Security

We take reasonable and appropriate measures to protect user information, including:

  • Encryption of sensitive data
  • Secure servers and access controls
  • Regular monitoring and security updates

However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain personal data only for as long as necessary to:

  • Provide our Services
  • Comply with legal, accounting, or regulatory requirements
  • Resolve disputes and enforce agreements

9. Your Rights

Depending on your location, you may have rights to:

  • Access, update, or delete your personal information
  • Restrict or object to certain processing activities
  • Withdraw consent where applicable
  • Request erasure of your account and personal data (Right to Erasure — GDPR Art. 17)

You may exercise your right to erasure at any time by deleting your account directly from your Profile Settings page, or by contacting us at the email address below. See Section 9.1 for full details on what happens when your account is deleted.

9.1 Account Deletion & Right to Erasure (GDPR Art. 17)

You may permanently delete your account at any time from your Profile Settings page. This process is designed to comply with GDPR Article 17 (Right to Erasure). The following describes exactly what we delete, anonymise, or retain:

Data permanently deleted immediately:

  • Your linked OAuth identities (e.g. Google sign-in connection)
  • All saved addresses
  • All social media links in your personal link bank
  • All media files you uploaded (images, logos) — purged from our cloud storage

QR codes — soft-deleted:

  • All active QR codes are deactivated and their landing pages will stop working immediately.
  • QR code records are retained in an anonymised form solely to anchor the legal payment history chain, as required by GDPR Art. 17(3)(b).

Your account row — anonymised:

  • Your email address is replaced with an opaque internal identifier (not your real email)
  • Your name and password are permanently cleared
  • The account is flagged as deleted and cannot be reactivated

Data retained for legal obligations (GDPR Art. 17(3)(b)):

  • Stripe customer records, subscription plan records, and payment receipts are retained for financial and legal compliance purposes.
  • These records are no longer linked to your real name or email address following deletion.

No Refund on Deletion: Deleting your account does not entitle you to a refund of any subscription fees paid or any remaining subscription period. By proceeding with account deletion, you acknowledge this policy. Please refer to our Terms and Conditions for full details.

Account deletion is permanent and irreversible. We cannot restore deleted accounts or recover any data after deletion has been completed. If you have questions about this process, contact us before proceeding.

10. Children's Privacy

AddToQR.Com is not intended for children under the age of 13. We do not knowingly collect personal information from children.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Services constitutes acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

Email: [email protected]

By using AddToQR.Com, you acknowledge that you have read, understood, and agree to this Privacy Policy.