Privacy Policy

1. Introduction

Welcome to QRCOD3 ("we," "us," "our," or "Company"). QRCOD3 is a QR code generation, tracking, and analytics platform operated by Customer ID Solutions. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at qrcod3.com (the "Site"), use our services (the "Services"), or interact with our QR codes.

By accessing or using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

• Register for an account: Name, email address, company name, phone number, billing address
• Subscribe to our services: Payment information (processed securely through third-party payment processors)
• Contact us: Name, email address, phone number, and any information you choose to include in your message
• Use our API: API keys, authentication credentials, technical specifications
• Create QR codes: Destination URLs, custom slugs, titles, descriptions, campaign metadata

2.2 Information Collected Automatically

When you access our Services or scan a QR code generated through our platform, we automatically collect certain information:

• Device Information: Device type (mobile, tablet, desktop), operating system, browser type and version, screen resolution
• Connection Information: IP address, internet service provider, connection type
• Location Information: Geolocation data derived from IP address (country, region, city, approximate coordinates)
• Scan Data: QR code scanned, timestamp of scan, referring URL or source
• Usage Data: Pages visited, features used, time spent on pages, click patterns, navigation paths
• Technical Data: User agent string, HTTP headers, session identifiers

2.3 Tracking and Analytics Data

We use advanced analytics through our integration with Project Crumb, an enterprise-grade marketing analytics platform. This integration collects:

• Behavioral Data: User interactions, engagement patterns, conversion events
• Attribution Data: Marketing channel sources, campaign parameters, referral information
• Device Fingerprinting: Unique device identifiers for fraud prevention and analytics accuracy
• Session Data: Session duration, bounce rates, page views per session

2.4 Information from Third Parties

We may receive information about you from third parties, including:

• Business partners and integration partners (LMap, Groxio, Cheap Direct Mail)
• Payment processors for transaction verification
• Data enrichment services for business intelligence
• Social media platforms if you choose to connect your account

3. How We Collect Information

3.1 Direct Collection

We collect information directly from you when you fill out forms, create an account, or communicate with us through our website, email, or phone.

3.2 Automatic Collection Technologies

We use various technologies to automatically collect information:

• Cookies: Small text files stored on your device to remember your preferences and track your usage
• Web Beacons: Small graphic images embedded in web pages and emails to track user behavior
• Tracking Pixels: Invisible images used to collect information about your visit
• Local Storage: Browser storage mechanisms to save data locally on your device
• Server Logs: Automatic logging of requests made to our servers
• Analytics Scripts: JavaScript code that monitors and reports on user interactions

3.3 QR Code Scan Tracking

When an end-user scans a QR code generated through our platform, our system automatically captures:

• The QR code identifier
• Timestamp of the scan
• IP address and derived geolocation
• Device type and browser information
• Referring source (if available)

This data is then redirected to the destination URL while we process the analytics information in the background.

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1 To Provide and Maintain Our Services

• Create and manage your account
• Process your transactions and send you related information
• Generate and manage QR codes
• Provide QR code tracking and analytics
• Deliver customer support and respond to your requests
• Process API requests and manage API access

4.2 To Improve and Optimize Our Services

• Analyze usage patterns and trends
• Conduct research and development
• Test new features and functionality
• Monitor and analyze the effectiveness of our Services
• Improve user experience and interface design

4.3 To Communicate With You

• Send you technical notices and security alerts
• Provide customer service and support
• Send you marketing and promotional communications (with your consent)
• Respond to your inquiries and requests
• Send you updates about our Services

4.4 To Ensure Security and Prevent Fraud

• Detect, prevent, and address fraud and security issues
• Monitor for suspicious activity
• Verify user identity and prevent unauthorized access
• Comply with legal obligations and enforce our terms

4.5 For Analytics and Business Intelligence

• Generate aggregate statistics about QR code usage
• Provide you with insights and analytics about your QR code campaigns
• Create anonymized datasets for research and business analysis
• Track marketing campaign performance

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the specific information and context:

5.1 Contractual Necessity

We process your information to fulfill our contract with you, including:

• Creating and managing your account
• Providing QR code generation and tracking services
• Processing payments
• Delivering customer support

5.2 Legitimate Interests

We process your information for our legitimate business interests, including:

• Improving and optimizing our Services
• Preventing fraud and ensuring security
• Conducting analytics and business intelligence
• Marketing and promoting our Services (where not overridden by your rights)

5.3 Consent

We process certain information based on your consent, including:

• Marketing communications - provided during account creation via opt-in checkbox (you can withdraw consent at any time by unsubscribing)
• Optional analytics and tracking (you can opt-out)
• Location data collection (you can disable this in your browser)

5.4 Legal Obligations

We process your information to comply with legal obligations, such as:

• Tax and accounting requirements
• Responding to lawful requests from authorities
• Enforcing our terms and policies

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

6.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Cloud Hosting: DigitalOcean (data storage and server hosting)
• Payment Processing: Stripe, PayPal (payment transaction processing)
• Email Services: Mailgun (transactional and marketing emails)
• Analytics: Project Crumb (advanced marketing analytics and tracking)
• Customer Support: Help desk and support ticket systems

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

6.2 Business Partners and Integrations

If you use our integration features, we may share necessary information with:

• LMap (location-based marketing integration)
• Groxio (educational content integration)
• Cheap Direct Mail (direct mail campaign integration)
• E-commerce platforms (Shopify, WooCommerce, etc.)
• Marketing automation platforms (HubSpot, Mailchimp, etc.)

These integrations are subject to their own privacy policies, and we encourage you to review them.

6.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

6.4 Legal Requirements and Safety

We may disclose your information if required to do so by law or if we believe such action is necessary to:

• Comply with legal obligations, court orders, or government requests
• Protect and defend our rights or property
• Prevent fraud or security issues
• Protect the safety of our users or the public

6.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This includes:

• Statistical data about QR code scan trends
• Geographic distribution of scans
• Device and browser usage statistics
• Industry benchmarks and reports

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

7.1 Account Information

We retain your account information for as long as your account is active or as needed to provide you with Services. If you close your account, we will delete or anonymize your information within 90 days, except where we are legally required to retain it.

7.2 QR Code and Scan Data

QR code configuration data and scan analytics are retained for the duration of your subscription plus 12 months after subscription termination for historical reporting purposes. You may request deletion of this data at any time.

7.3 Financial Records

Transaction and billing information is retained for 7 years to comply with tax and accounting regulations.

7.4 Marketing Communications

When you create an account, you have the option to opt-in to receive marketing and promotional communications from QRCOD3 and our family of brands (Customer ID, LMap, Project Crumb, Groxio, OurLocalPrinter.com, PromoPaq, Cheap Direct Mail, VoIP Phone System). If you opt-in to marketing communications during account creation or at any time thereafter, we will retain your contact information until you unsubscribe or request deletion. You may unsubscribe at any time by clicking the unsubscribe link in any marketing email or by contacting us at support@qrcod3.com.

7.5 Legal Compliance

We may retain certain information to comply with legal obligations, resolve disputes, and enforce our agreements, even after account closure.

8. Security Measures

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

8.1 Technical Safeguards

• Encryption: Data in transit is encrypted using TLS/SSL protocols; sensitive data at rest is encrypted
• Access Controls: Role-based access controls and principle of least privilege
• Authentication: Multi-factor authentication available for user accounts
• Firewall Protection: Network-level security and intrusion detection systems
• Regular Updates: Security patches and software updates applied regularly
• Vulnerability Scanning: Regular security assessments and penetration testing

8.2 Organizational Safeguards

• Employee training on data protection and privacy
• Confidentiality agreements with staff and contractors
• Limited access to personal information on a need-to-know basis
• Incident response and breach notification procedures
• Regular security audits and compliance reviews

8.3 Your Responsibility

You are responsible for maintaining the confidentiality of your account credentials. Please notify us immediately if you suspect unauthorized access to your account.

9. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

9.1 Right to Access

You have the right to request a copy of the personal information we hold about you.

9.2 Right to Rectification

You have the right to correct inaccurate or incomplete personal information.

9.3 Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal compliance requirements).

9.4 Right to Restrict Processing

You have the right to request that we limit how we process your personal information in certain circumstances.

9.5 Right to Data Portability

You have the right to receive your personal information in a structured, machine-readable format and transmit it to another controller.

9.6 Right to Object

You have the right to object to our processing of your personal information for direct marketing purposes or based on legitimate interests.

9.7 Right to Withdraw Consent

Where we process your information based on consent, you have the right to withdraw that consent at any time.

9.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: privacy@qrcod3.com
• Phone: 310-362-1085
• Mail: Customer ID Solutions, QRCOD3 Privacy Team, [Address TBD]

We will respond to your request within 30 days (or as required by applicable law).

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

10.1 Right to Know

You have the right to know what personal information we collect, use, disclose, and sell (if applicable).

10.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

10.3 Right to Opt-Out of Sale

We do not sell your personal information. We do not and will not sell your personal data to third parties.

10.4 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

10.5 Categories of Personal Information Collected (Last 12 Months)

• Identifiers (name, email, IP address)
• Commercial information (transaction history, purchase records)
• Internet or electronic network activity (browsing history, interactions with our Services)
• Geolocation data
• Professional or employment information (company name, job title)
• Inferences drawn from the above to create a profile about preferences and behavior

10.6 How to Submit a CCPA Request

California residents may submit a request by:

• Calling us at: 310-362-1085
• Emailing us at: privacy@qrcod3.com
• Using our online form: qrcod3.com/ccpa-request

We may require verification of your identity before processing your request.

11. Cookies and Tracking Technologies

11.1 Types of Cookies We Use

Essential Cookies

Required for the website to function properly. These cookies enable core functionality such as security, authentication, and session management.

Analytics Cookies

Help us understand how visitors interact with our website by collecting and reporting information anonymously. We use Project Crumb for advanced analytics.

Functional Cookies

Enable enhanced functionality and personalization, such as remembering your preferences and settings.

Marketing Cookies

Used to track visitors across websites to display relevant and engaging advertisements.

11.2 Managing Cookies

You can control and manage cookies through your browser settings. However, disabling certain cookies may impact your ability to use some features of our Services.

• Chrome: Settings > Privacy and Security > Cookies
• Firefox: Settings > Privacy & Security > Cookies and Site Data
• Safari: Preferences > Privacy > Cookies and Website Data
• Edge: Settings > Privacy, Search, and Services > Cookies

11.3 Do Not Track Signals

Some browsers have "Do Not Track" features that send a signal to websites requesting not to track users. We currently do not respond to Do Not Track signals, as there is no industry standard for compliance.

12. Third-Party Services and Integrations

Our Services integrate with various third-party platforms. These third parties have their own privacy policies, and we encourage you to review them:

12.1 Project Crumb Analytics

We use Project Crumb for enterprise-grade marketing analytics. Project Crumb collects and processes scan data, behavioral data, and attribution information. Learn more at: projectcrumb.com/privacy

12.2 Payment Processors

Payment information is processed by Stripe and PayPal. We do not store complete credit card information on our servers.

12.3 Email Service Provider

We use Mailgun for sending transactional and marketing emails. Mailgun's privacy policy: mailgun.com/privacy-policy

12.4 Integration Partners

• LMap: Location-based marketing services
• Groxio: Educational content platform
• Cheap Direct Mail: Direct mail campaign services

13. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

13.1 Data Location

Our servers are primarily located in the United States. By using our Services, you consent to the transfer of your information to the United States and other countries where we operate.

13.2 Safeguards for International Transfers

When transferring data internationally, we use appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with third-party processors
• Ensuring adequate levels of data protection as required by applicable law

13.3 EU-U.S. Data Privacy Framework

We comply with applicable data protection frameworks and regulations for transfers of personal data from the EU to the United States.

14. Children's Privacy

Our Services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16.

If we learn that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information as quickly as possible.

If you believe that we may have collected information from a child under 16, please contact us at privacy@qrcod3.com.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

15.1 Notification of Changes

We will notify you of any material changes by:

• Posting the updated Privacy Policy on our website with a new "Last Updated" date
• Sending you an email notification (if you have an account with us)
• Displaying a prominent notice on our website

15.2 Your Acceptance

Your continued use of our Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the updated Privacy Policy, you should discontinue use of our Services.

15.3 Review History

Previous versions of this Privacy Policy are available upon request. Contact us at privacy@qrcod3.com to request historical versions.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

16.1 Response Time

We aim to respond to all privacy-related inquiries within 30 days. For urgent matters, please call us directly at 310-362-1085.

16.2 Complaints

If you are located in the EEA and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority.

---

This Privacy Policy was last updated on December 23, 2024.
© 2024 QRCOD3. All rights reserved.