개인정보 보호 정책

Last updated: May 24, 2026

At QRSansar, we are committed to protecting your privacy and ensuring the security of any personal information you share with us. This Privacy Policy explains how we collect, use, and protect your information when you use our services, including compliance with GDPR, Google, and social platform policies.

1. Information We Collect

We collect the following types of information:

a. Personal Information (when users sign in):

• Social Logins: When you sign in via Google, Facebook, or Microsoft, we collect your email address and public profile data (name and profile picture) as permitted by the respective platform.
• Account Information: If you create an account, we retain your name, email address, profile picture, account tier, and any QR codes or content you generate or save.
• Newsletters: You may choose to opt in or out of receiving our newsletters. If opted in, we will retain your email for communication purposes.

b. Automatically Collected Information:

• Cookies: We use cookies to manage your session and improve your experience. See our Cookie Policy for details.
• Google Analytics: We use Google Analytics to monitor and analyze traffic and user behavior on our website. This helps us improve our services. Google Analytics collects anonymized data such as browser type, pages visited, time spent on the site, and more.
• Cloudflare Analytics: As our hosting provider, Cloudflare may collect basic request-level data (IP address, user agent) for security and performance purposes.

c. QR Code Data:

• Static QR Codes: QR codes generated without logging in are created entirely in your browser. No data is sent to or stored on our servers.
• Dynamic QR Codes: If you create dynamic QR codes, the target URL and scan analytics (scan count, last scanned date) are stored on our servers so we can provide redirect and tracking functionality.
• Bulk QR Generation: When using our Bulk QR feature, your CSV data is processed entirely in your browser. No uploaded data is sent to our servers.

d. Document Uploads:

• If you use our Document QR feature, uploaded files are stored securely on Cloudflare R2 storage. Documents are associated with your account and can be deleted at any time from your dashboard.

e. Landing Pages:

• If you create landing pages using our Page Builder, the page content (title, bio, links, theme, avatar URL) is stored on our servers. Public landing pages are accessible via their unique URL and display a view counter.

f. Payment Information:

• Payments for paid plans are processed by Polar, our payment provider. QRSansar does not collect or store your credit card or bank details. Polar collects and processes payment data directly in accordance with their Privacy Policy. We receive only a transaction confirmation and your email address from Polar.

2. How We Use Your Information

We use the information collected to:

• Provide and improve our services, including QR code generation, dynamic QR tracking, and landing pages.
• Manage your account, including storing your generated QR codes and documents.
• Send you transactional emails (welcome emails, account notifications) via our email service provider.
• Send you newsletters if you opt-in to receive them.
• Monitor website performance and user behavior via Google Analytics.
• Ensure security via Cloudflare Turnstile verification on forms.
• Process payments and manage subscriptions through Polar.

3. Cookies and Tracking Technologies

We use cookies for the following purposes:

• Session Cookies: Essential for authentication. We use an HttpOnly cookie (qrs_session) to maintain your login session securely.
• Analytics Cookies: Used by Google Analytics to collect and analyze anonymous data on how users interact with the site.
• Security Cookies: Used by Cloudflare Turnstile to verify human users on forms (contact, login).
• Advertising Cookies: Used by Google AdSense to display personalized ads.
• Payment Cookies: Used by Polar during the checkout process to manage payment sessions and prevent fraud.

For full details, see our Cookie Policy. You may disable cookies through your browser settings, but disabling certain cookies may impact your user experience.

4. Third-Party Services

We integrate the following third-party services:

• Google Analytics: For analyzing website usage and improving our services.
• Google AdSense: For displaying ads. Google may collect data for personalization and ad-targeting purposes.
• Google, Facebook, and Microsoft Social Logins: For authentication. When you log in via these platforms, your public profile data is shared with us according to their privacy policies.
• Cloudflare: For hosting, CDN, security (Turnstile CAPTCHA), and storage (R2 for document uploads, D1 for database).
• Mailtrap: For sending transactional emails (welcome emails, notifications). Only your email address and name are shared with this service.
• Polar: For payment processing and subscription management. Polar handles all billing and checkout on our behalf.

Each third-party service adheres to its own privacy policies, and we recommend reviewing these policies to understand how your data may be used.

5. Your Data Rights (GDPR Compliance)

Under GDPR, you have the following rights:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct any incorrect or incomplete data.
• Right to Erasure: You can delete your account and any associated data (QR codes, documents, landing pages) by visiting your profile page or contacting us directly. See our User Data Deletion Policy.
• Right to Withdraw Consent: If you opted in to newsletters or other communications, you may withdraw your consent at any time.
• Right to Data Portability: You can request your data in a commonly used format.

If you use the service without signing in, no personal information is collected or stored. All QR code generation happens locally in your browser.

6. Data Storage and Security

• Database: User accounts, QR codes, dynamic QR data, and landing pages are stored in Cloudflare D1 (SQLite-based edge database).
• File Storage: Uploaded documents are stored in Cloudflare R2 object storage with unique identifiers.
• Authentication: Session tokens are generated using industry-standard cryptographic methods and stored as HttpOnly, Secure cookies to prevent unauthorized access.
• Encryption: All data is transmitted over HTTPS/TLS encryption.

We use industry-standard security measures to protect your personal information. However, no online platform can guarantee complete security, and you use our services at your own risk.

7. Data Retention

We retain your personal data only for as long as necessary to provide the services or as required by law. Specifically:

• Account data is retained until you delete your account, or until it is removed under our inactivity policy — see our Data Deletion & User Rights page.
• Dynamic QR code data and scan analytics are retained while the QR code is active.
• Uploaded documents are retained until you delete them or your account.
• Landing pages are retained until you delete them or your account.

When you delete your account or exercise your right to erasure, we remove your personal data from our active systems within 30 days. Residual copies may remain in encrypted backups for up to 90 days after deletion, after which they are overwritten in the normal backup-rotation cycle. We may retain a minimal, anonymised record (for example, a hashed email) where required to honour suppression lists, prevent abuse, or comply with legal, tax, or accounting obligations.

8. Google AdSense Compliance

We comply with Google AdSense policies by ensuring:

• We do not collect personally identifiable information without user consent.
• Ads displayed on our platform are compliant with Google's ad-serving policies.
• We use Google AdSense to show targeted ads. Google may use cookies to personalize ads based on your interests.

You can opt out of personalized ads by visiting Google's Ads Settings.

9. Children's Privacy

QRSansar is not directed at children. We do not knowingly collect personal data from children under the age of 13, or under the higher minimum digital-consent age set by applicable law in your jurisdiction. Examples of the local minimum age include:

• United States — 13 (COPPA).
• United Kingdom — 13 (UK GDPR / Age Appropriate Design Code).
• European Economic Area — 16 by default under the GDPR, with member states permitted to lower it to as low as 13 (e.g. Belgium, Denmark, Estonia, Finland, Latvia, Malta, Norway, Portugal, Sweden, the UK pre-Brexit baseline) or set it at 14 (e.g. Austria, Bulgaria, Cyprus, Italy, Lithuania, Spain) or 15 (e.g. Czech Republic, France, Greece, Slovenia).
• Brazil — 13 (LGPD, with parental consent required for under-18s in certain contexts).
• South Korea — 14 (PIPA).
• India — 18 (DPDPA — parental consent required for all minors).
• Other jurisdictions — whatever age your local data-protection law specifies.

If you are below the applicable minimum age, please do not use QRSansar or provide us with any personal information. If you believe a child has provided us with personal data, please contact us via our Contact page and we will take steps to delete it promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will notify you by updating the "Last updated" date at the top of this page.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or your personal data, please reach us via our Contact page.