PRIVACY POLICY

Last Updated: 02/03/2026

Effective Date: 02/03/2023

1. INTRODUCTION

Welcome to qr8.tech (“we,” “our,” or “us”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://qr8.tech/ (the “Site”) and use our link aggregation and digital identity services (collectively, the “Services”).

Given the global nature of our user base, this Policy is designed to comply with major international frameworks, including the General Data Protection Regulation (GDPR) for European users, the California Consumer Privacy Act (CCPA/CPRA) for US users, and other applicable international standards.

By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

2. INFORMATION WE COLLECT

We collect information to provide our services, improve user experience, and ensure the security of our platform.

A. Information You Provide to Us

  • Account Registration Data: When you register for an account, we collect your email address, username, password (encrypted), and potentially your name.
  • Profile Content: This includes the text, images, social media handles, URLs, and other content you voluntarily upload to your public qr8.tech profile. Note: Any information you post on your public profile is available to anyone with internet access.
  • Payment Information: If you subscribe to a paid tier, our third-party payment processors (e.g., Stripe, PayPal) collect your billing information. We do not store full credit card numbers on our servers.
  • Communications: Information sent when you contact our support team.

B. Information Collected Automatically

  • Usage Data & Analytics: We collect data regarding how you and visitors to your profile interact with the Services. This includes click-through rates, time spent on page, link performance, and navigation paths.
  • Device & Log Data: We automatically record information such as your IP address, browser type, operating system, device information, referring/exit pages, and timestamps.
  • Cookies and Tracking Technologies: We use cookies, beacons, and pixels to authenticate users, prevent fraud, and analyze site performance. (See our Cookie Policy for details).

3. HOW WE USE YOUR INFORMATION

We process your data for the following specific purposes:

  1. Service Provision: To create and manage your account, render your link profile, and generate QR codes.
  2. Analytics for Users: To provide you (the account holder) with statistics regarding who is visiting your links (e.g., “100 clicks from Instagram”).
  3. Platform Improvement: To debug, optimize, and improve the functionality of qr8.tech.
  4. Security: To detect and prevent fraud, spam, abuse, and security incidents.
  5. Communications: To send you administrative information, such as policy changes or account verification emails.
  6. Legal Compliance: To comply with applicable laws and lawful requests from public authorities.

4. LEGAL BASES FOR PROCESSING (GDPR/UK GDPR)

For users in the European Economic Area (EEA) and the United Kingdom, we rely on the following legal bases to process your personal data:

  • Performance of Contract: Necessary to provide the Services you signed up for.
  • Legitimate Interests: Necessary for our legitimate business interests (e.g., improving the service, security, fraud prevention), provided these do not override your fundamental rights.
  • Consent: Where you have given explicit consent (e.g., for marketing newsletters or non-essential cookies).
  • Legal Obligation: Necessary to comply with a legal obligation (e.g., retaining records for tax purposes).

5. DISCLOSURE OF YOUR INFORMATION

We do not sell your personal data. We may share information in the following situations:

  • Service Providers: With third-party vendors who provide services such as hosting (e.g., AWS, Google Cloud), email delivery, customer support, and analytics. These parties are bound by data processing agreements to protect your data.
  • Business Transfers: In connection with a merger, sale of company assets, financing, or acquisition of all or a portion of our business.
  • Legal Requirements: If required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

6. INTERNATIONAL DATA TRANSFERS

As qr8.tech operates globally, your personal data may be transferred to, stored, and processed in countries other than your own, specifically [Insert Country of Server Location, e.g., the United States].

To ensure your data remains protected when transferred outside of the EEA, UK, or Switzerland, we rely on:

  • Adequacy Decisions: Transfers to countries deemed to offer an adequate level of protection by the European Commission.
  • Standard Contractual Clauses (SCCs): We utilize the European Commission’s Standard Contractual Clauses for transfers to third-party providers in countries without an adequacy decision.

7. YOUR DATA PROTECTION RIGHTS

Depending on your location, you may have specific rights regarding your personal data.

A. For Users in the EEA/UK (GDPR)

  • Right to Access: Request copies of your personal data.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data.
  • Right to Restrict Processing: Request we limit how we use your data.
  • Right to Data Portability: Request transfer of your data to another organization.
  • Right to Object: Object to our processing of your data based on legitimate interests.

B. For Users in California (CCPA/CPRA)

  • Right to Know: Request details about the categories and specific pieces of personal information we collect.
  • Right to Delete: Request deletion of your personal information.
  • Right to Opt-Out: You have the right to opt-out of the “sale” or “sharing” of personal information (as defined by CCPA).
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights: Please contact us at [Insert Contact Email]. We will respond to your request within the timeframe required by applicable law (usually 30 days).

8. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Account Data: Retained as long as your account is active.
  • Log Data: Retained for [e.g., 12 months] for security auditing.
  • If you delete your account, we generally delete your data within [e.g., 30 days], primarily retaining only what is required by law.

9. CHILDREN’S PRIVACY

Our Services are not intended for individuals under the age of 13 (or 16 in certain EEA jurisdictions). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

10. SECURITY OF DATA

We use administrative, technical, and physical security measures to help protect your personal information (e.g., HTTPS encryption, database hashing). However, please be aware that no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification.

12. CONTACT US

If you have questions or comments about this Policy, or if you wish to exercise your rights, please contact us at:

Entity Name: [Insert Legal Business Name]

Email: [Insert Support Email, e.g., privacy@qr8.tech]

Address: [Insert Physical Mailing Address]

Data Controller / Data Protection Officer (DPO) Reference

If legally required in your jurisdiction or by the volume of your data processing, list your DPO contact details here.

Scroll to Top