ProductSolutionsBlogScannerDevelopersPricingGet started
Legal

Privacy Policy

We collect as little as possible, store it carefully, and never sell it. Here's exactly what that means.

Last updated · June 1, 2026

This policy explains what QRs.bd (“we”, “us”) collects when you use our website, app and redirect engine, and the choices you have.

Overview

QRs.bd is a QR code and short-link platform. We process two broad categories of data: account data you give us when you sign up, and scan data generated when someone scans a code or clicks a link you created. We are the data controller for both.

What we collect

  • Account details — name, email and hashed password (or your OAuth provider identifier).
  • Workspace content — the QR codes, short links, destinations, designs and smart rules you create.
  • Billing data — handled by our payment processor; we store only a customer reference and plan status, never full card numbers.
  • Product usage — basic logs needed to operate the service and prevent abuse.

Scan analytics

When a visitor scans one of your codes, our edge records the event so you can see what's working. We are deliberately privacy-first here:

  • We derive a daily-rotating hashed identifier — we do not store raw IP addresses.
  • We record coarse location (country, region, city), device type, browser language and referrer.
  • Bots and vulnerability scanners are filtered at the edge and never counted.

This means analytics cannot be tied back to an individual visitor across days, and your scan counts stay clean.

How we use data

  • To run the redirect engine and deliver scan analytics to you.
  • To operate, secure and improve the product.
  • To send essential service and billing emails.
  • To meet legal and tax obligations.

We do not use your scan data to build advertising profiles, and we never sell personal data.

Sharing

We share data only with the processors needed to run the service — hosting and edge infrastructure, our payment processor, and transactional email. Each is bound by contract to protect your data. We may also disclose data where required by law.

Retention

Account and workspace data is kept while your account is active. Scan analytics are retained according to your plan's analytics window. When you delete content or close your account, we remove the associated data within 30 days, except where we must retain records for legal reasons.

Your rights

Depending on where you live, you may have the right to access, correct, export or delete your personal data, and to object to certain processing. You can manage most of this directly in your dashboard, or email us to exercise any right.

Contact

Questions about privacy? Reach us at [email protected] or through the support page. See also our Terms of Service.