Privacy Policy

QRtrackr ("we," "our," or "us"), a trackrLabs product, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QR code, short link, and Smart Pages service, and when you visit our marketing website.

Account information

When you create an account, we collect:

• Email address
• Password (encrypted)
• Account preferences and settings

Usage data

When you create and use QR codes, short links, or Smart Pages, we collect:

• Campaign names and descriptions
• Destination URLs and routing rules
• QR code customization settings
• Smart Page content (contact details, links, and styling you add)
• Notes and metadata you add to campaigns, codes, links, or pages

Scan & click analytics

When someone scans a QR code, clicks a short link, or opens a Smart Page, we collect:

• Timestamp of the scan, click, or visit
• Device type (mobile, desktop, tablet) and operating system
• Browser type and version
• Approximate geographic location (city, region, country) derived from IP address
• Referrer information and whether the visit came from a QR scan or a shared link

We anonymize IP addresses before storing them (the final segment is dropped) and use the full address only momentarily to derive approximate location — we do not retain raw IP addresses.

Marketing site analytics

When you visit our marketing website (qrtrackr.com), we record anonymized visit data to understand how people discover us. This includes the page visited, the referring website, any UTM campaign parameters in the link, a randomly generated visitor identifier stored in your browser (not tied to your identity), and an approximate device type and country. We do not store your IP address from these visits.

Payment information

Payment processing is handled by Stripe. We do not store your card details. Stripe collects and processes payment information according to its own privacy policy.

We use the collected information to:

• Provide, operate, and maintain the Service
• Process your transactions and manage subscriptions
• Generate analytics and insights for your campaigns
• Measure how our marketing reaches new customers
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and support requests
• Improve and optimize the Service
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations

We do not sell your personal information. We may share your information in the following circumstances:

• Service providers: we use third-party services including Supabase (database and authentication), Vercel (hosting), and Stripe (payment processing). These providers access your information only to perform tasks on our behalf and are obligated to protect it.
• Legal requirements: we may disclose your information if required by law or in response to valid requests by public authorities.
• Business transfers: if we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We retain your account information and analytics data for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete your personal information and associated data within 30 days, except where we are required to retain it for legal or regulatory purposes.

We implement appropriate technical and organizational security measures — including row-level access controls and encryption in transit — to protect your information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

You have the right to:

• Access and review your personal information
• Update or correct your account information
• Delete your account and associated data
• Export your data
• Opt out of marketing communications
• Object to processing of your personal information

You can exercise these rights through your account settings or by contacting us.

We use a small number of cookies and similar technologies. These include essential cookies that keep you signed in, and a first-touch attribution cookie set when you visit our marketing site, which records the referral source of your visit for up to 90 days so we can understand which channels bring new customers. On your first visit we ask for your consent before setting that non-essential cookie; if you decline, it is not set and no marketing analytics are recorded. We do not use third-party advertising cookies. You can also instruct your browser to refuse cookies, though some features may not function properly without them.

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using the Service, you consent to this transfer.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.