Home/Privacy Policy

Privacy Policy

Last updated: 1 May 2026

At Unqode SmartQR, we handle your data like we'd want our own handled — with care, transparency, and no funny business. This policy explains what we collect, why we collect it, and what we do (and don't do) with it.

1. What we collect

We collect information you provide directly: your name and email when you sign up, and any content you enter to create QR codes. We also collect usage data automatically — which features you use, how often, and from what device — to help us improve the product.

For dynamic QR codes, we collect scan metadata: timestamp, device type, operating system, and approximate geographic location (country/city, derived from IP address). We do not store the exact IP address of people scanning your QR codes.

2. How we use it

We use your data to run Unqode SmartQR — authenticating you, generating and serving your QR codes, and showing you analytics. We also use usage data to understand how people use the product and where we should improve it.

We do not sell your personal data to third parties. We do not use your data for advertising. We do not share it with anyone who doesn't need it to operate the service.

3. Data we share with third parties

We use a small number of trusted services to operate Unqode SmartQR: Supabase for database and authentication, and standard cloud infrastructure providers. These providers process data only as instructed by us and cannot use it for their own purposes.

If you pay for a plan, payment is processed by Razorpay. We never see your full card number.

4. QR scan analytics

When someone scans a dynamic QR code you've created, we record the event with: timestamp, device type (iOS, Android, Desktop), operating system, country and city (derived from IP), and which QR code was scanned. This data is attributed to your account and is visible on your analytics dashboard.

We do not retain the raw IP address of scan visitors. Geographic data is derived and the IP is discarded.

5. Cookies

Unqode SmartQR uses essential cookies to keep you logged in and maintain session state. We do not use tracking or advertising cookies. We do not use third-party analytics cookies (our usage data is collected server-side).

If you're a Pro or Business user who has enabled retargeting pixels, those pixels (Google, Facebook, etc.) set their own cookies on your QR code scan pages. You're responsible for disclosing this to your end users in compliance with applicable laws.

6. Your rights

You can export all your QR code data from the Settings page at any time. To delete your account entirely, email hello@unqode.com from your account address — we'll permanently remove all your data.

If you're in the EU or UK, you have rights under GDPR including access, rectification, erasure, portability, and objection. Email us at privacy@unqode.com to exercise any of these rights.

7. Data retention

We keep your account data for as long as your account is active. If you delete your account, we permanently delete your data within 30 days.

Aggregate analytics data (total scan counts, no personal identifiers) may be retained for internal reporting purposes.

8. Security

All data is encrypted in transit (TLS 1.2+) and at rest. We use Supabase's managed infrastructure which maintains SOC 2 Type II compliance. Passwords are hashed using bcrypt and never stored in plaintext.

Despite our best efforts, no system is 100% secure. If you discover a security vulnerability, please report it responsibly to security@unqode.com.

9. Changes to this policy

If we make material changes to this policy, we'll notify you by email and update the "last updated" date below. Continuing to use Unqode SmartQR after we notify you constitutes acceptance of the updated policy.

10. Contact

Questions about this policy? Email privacy@unqode.com. We're real people and we'll actually respond.