Privacy Policy
Last updated: June 20, 2026
Qrious provides QR-code generation, file sharing, analytics and subscription services. This policy explains how the service processes personal data under the GDPR and applicable Romanian law.
Data we process
- Account information such as email address, profile name and authentication events.
- QR titles, destinations, design settings and files uploaded by the account owner.
- Subscription identifiers and billing status received from Stripe. Qrious does not store complete card details.
- Scan timestamp, approximate country/city, browser and device category. Raw scanner IP addresses are not stored.
- Messages submitted through the Contact form.
Why we process it
We process data to provide and secure the service, authenticate users, deliver QR content, enforce plan limits, process subscriptions, provide scan analytics, answer support requests and prevent abuse.
Processors
Qrious uses Supabase for authentication, database and private storage, Stripe for payments and subscription management, and hosting infrastructure for delivering the application. These providers process data under their own security and data-processing terms.
Scan privacy
Every visit to a dynamic Qrious short link counts as a scan. A daily HMAC hash derived from network and browser signals estimates unique visitors without retaining the raw IP address. Location is approximate and may be unavailable.
Retention
Account, QR and uploaded-file data is retained while the account or service relationship remains active. Scan events and billing records may be retained as needed for analytics, security, legal and accounting obligations. Contact messages are retained only as long as reasonably necessary to resolve the request.
Your GDPR rights
You may request access, correction, deletion, restriction, portability or objection where applicable. You may also complain to the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP).
Contact
Until a dedicated legal email address is published, submit privacy and deletion requests through the Qrious Contact page. Verification may be required before account data is disclosed or deleted.
This is an operational product draft and should be reviewed by qualified Romanian legal counsel before commercial launch.