Design QR Codes

Privacy policy

Last updated: June 2026

We try to keep this short and readable. Below is what we collect, what we use it for, and who we share it with. If anything is unclear, email [email protected].

Who we are

Design QR Codes is an independently run service. Contact: [email protected].

What we collect

  • Account info. When you sign in with Google, we receive your email address and basic profile fields from Google. We use these to identify your account and tie credits to it.
  • Content you create. The text and URLs you encode, the logos you upload, the style prompts you write, and the QR images we generate for you. These are stored so you can come back to your history.
  • Payments. When you buy credits, payment is processed by Stripe. We receive the result (success or failure) and a Stripe customer reference. Card numbers never touch our servers.
  • Server logs. Standard request logs (IP address, user agent, timestamps) are kept short-term to operate the service, debug issues, and prevent abuse.
  • Analytics. Aggregated page views and basic usage events via Google Analytics, used to understand what people use and what to improve.

What we use it for

We use your data to provide the service: run the generator, manage credits, show your history, process payments, and prevent abuse. We do not use your data for advertising, and we do not sell, rent, or trade it.

Who processes data on our behalf

To run the service we rely on a small set of third-party processors:

  • Google for sign-in (Firebase authentication) and for processing the inputs that generate the AI-designed QR variants. When you generate a design, your prompt and the source QR image are sent to Google for processing.
  • Stripe for payment processing.
  • Hosting providers that run our web and API servers.
  • Cloudflare as a CDN and edge network in front of our site. Cloudflare sees request metadata (IP, user agent) to route traffic and protect against abuse.
  • Google Analytics for aggregated usage analytics.

Each of these has its own privacy practices, and we only send them the data they need to do their job.

Cookies

We use cookies that are technically necessary to keep you signed in and to remember the inputs in the generator across visits. Google Analytics sets its own cookies for aggregated measurement. We do not use advertising or cross-site tracking cookies.

How long we keep data

We keep account data and generation history for as long as your account exists. Server logs are kept short-term. You can request deletion at any time by emailing the address below, and we will remove your account and associated data within a reasonable timeframe.

Your rights

You have the right to access the data we hold about you, to correct it, to have it deleted, to receive a copy in a portable format, to restrict or object to certain processing, and to complain to a data protection supervisory authority. To exercise any of these rights, write to [email protected].

International transfers

Some of our processors (Google, Stripe) operate globally and may process data outside the EU under appropriate safeguards such as Standard Contractual Clauses.

Changes to this policy

When we change this policy, we update the date at the top. For material changes that affect how we use your data, we will surface the change in the app.

Contact

Any privacy question, request, or concern goes to [email protected].

← Back to the generator