Privacy Policy

Effective Date: July 11, 2025

1. Introduction

This Privacy Policy describes how SupaQR ("we", "us", or "our") collects, uses, and shares your personal information when you use our website located at https://supaqr.com and related services (collectively, the "Service").

SupaQR provides a platform for generating QR codes, creating short links, and sharing documents. By accessing or using our Service, you consent to the practices described in this Privacy Policy.

2. Information We Collect

We collect the following types of information:

Information You Provide Directly

  • Account Information: When you create an account, we collect your email address and authentication details from third-party providers (Google, GitHub).
  • Content: QR codes you generate, short links you create, and documents you upload to our platform.
  • Communications: Information you provide when contacting customer support.

Automatically Collected Information

  • Usage Data: Information about your interactions with our Service, including pages visited, features used, and time spent.
  • Device Information: IP address, browser type, operating system, and device identifiers.
  • Location Data: Approximate location derived from your IP address.

3. Use of Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our Service
  • To authenticate users and secure accounts
  • To process your requests and deliver services
  • To communicate with you about your account, security updates, and service changes
  • To analyze usage patterns and improve our platform
  • To prevent fraud, abuse, and security incidents
  • To comply with legal obligations

4. Sharing Information

We may share your information in the following circumstances:

  • With Your Consent: When you direct us to share your information
  • Service Providers: With third parties who perform services on our behalf
  • Legal Requirements: To comply with laws, regulations, or legal processes
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Protection of Rights: To protect the rights, property, or safety of SupaQR, our users, or others

5. Third-Party Services

We use the following third-party service providers who process data on our behalf:

Supabase

Provides backend services including database management, authentication, and file storage. Processes user account information and stored files.

Cloudflare

Provides content delivery network (CDN) services, DDoS protection, and security services. Processes network traffic data and IP addresses.

Resend

Provides email delivery services. Processes email addresses and communication content for transactional emails.

Google Analytics

Provides website analytics services. Processes usage data through cookies and similar technologies to help us understand how visitors use our site.

Note: When you authenticate using third-party services (Google, GitHub), those services will share certain profile information with us as described during the authentication process. We do not control and are not responsible for the privacy practices of these third-party platforms.

6. Data Retention

We retain your information as follows:

  • Account Information: Retained for as long as your account is active and for a reasonable period thereafter to comply with legal obligations.
  • Generated Content: QR codes and short links are retained indefinitely unless deleted by you.
  • Uploaded Documents: Files are stored permanently unless actively deleted by the user or upon account termination.
  • Usage Data: Retained for up to 26 months for analytical purposes.

You can request deletion of your data at any time by contacting us or through your account settings.

7. User Rights

Depending on your location, you may have certain rights regarding your personal information:

All Users

  • Access and review your personal data
  • Correct inaccuracies in your personal data
  • Delete your personal data
  • Withdraw consent where processing is based on consent

California Residents (CCPA Rights)

Under the California Consumer Privacy Act (CCPA), California residents have the right to:

  • Know what personal information is collected, used, shared, or sold
  • Request deletion of personal information
  • Opt-out of the sale of personal information (we do not sell personal information)
  • Non-discrimination for exercising CCPA rights

To exercise any of these rights, please contact us using the information in the "Contact Us" section below. We will respond to your request within 45 days as required by law.

8. Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls to limit internal access to personal data
  • Secure authentication practices

Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but we continually work to maintain protection of your data.

9. Children's Privacy

Our Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13, we will delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Effective Date" at the top indicates when this policy was last revised. We will notify users of material changes through our Service or via email.

We encourage you to periodically review this page for the latest information on our privacy practices.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us:

Email: support@supaqr.com

For privacy-specific concerns, please include "Privacy Policy Inquiry" in your subject line.