Privacy Policy

Last updated 02.02.2026.
Your privacy is highly important to us.

This Privacy Policy of our website (www.qrcodecreator.com) (the “Site” or the “Website”) operated by Convertizing LTD, a company registered at 407 Cubes 1, Beacon South Quarter, Republic of Ireland (the "Company," the “Owner” "we," "us," or "our") describes how and why we might collect, store, use, and/or share ("process") your information ("Data", "Personal Data") when you use our services (the "Services") such as following:Visit our Website atwww.qrcodecreator.com, or any website of ours that links to this Privacy Policy;Engage with us in other related ways, including any sales, marketing, or events.This Privacy Policy applies to all Personal Data we collect through the Website and to any Personal Data processed in connection with providing our Services. The sections below explain how we handle each category of data.

Table of Contents

1. What Data Do We Collect?

Among the Personal Data that the Website collects, either directly or via third parties, are the following: email address; various types of User Data; Usage Data; Cookies; first name; last name; company name; unique device identifiers for advertising; phone number; country; city; geographical location; Data communicated/uploaded while using the Services; physical address; username; ZIP/Postal code; language; device information; log information; account or billing information; and payment details.

Detailed information about each type of Personal Data collected can be found in the sections of this Privacy Policy dedicated to it or in the explanations displayed prior to Data collection.

Personal Data may be voluntarily submitted by the User or, in the case of Usage Data, automatically gathered when using the Website.

Unless stated otherwise, all Data requested by the Website is mandatory, and failing to submit this Data could prevent the Website from rendering its services. In circumstances where the Website specifically advises that certain Data is not required, Users are allowed to withhold that Data without consequences to the availability or operation of the Services. Users who are uncertain of which Personal Data is required are encouraged to contact the Owner.

Any use of Cookies – or other tracking tools – by the Website or the owners of third-party services used by the Website is for the purpose of providing the Services requested by the User, in addition to any other purposes described in this document.

Users are responsible for any Personal Data of third parties that they obtain, publish or share using the Website and confirm that they have the third party's consent to provide the Data to the Owner.

2. Why Do We Process Your Personal Data?

The Data concerning the User is collected so that the Owner can provide its Service, comply with its legal obligations, respond to law enforcement requests, pursue its legitimate interests or those of its Users or third parties. See Article 3 for additional information on purposes and legal bases for processing your Personal Data.

3. How Do We Process Your Personal Data?

Processing methods

The Company takes reasonable precautions to prevent unauthorized access, disclosure, modification, or destruction of the Data.

The Data is processed using computers and/or IT-enabled tools, in accordance with specific organizational procedures and modes that are strictly related to the purposes specified in this Policy. In addition to the Owner, the Data may in some cases be accessible to certain types of persons in charge, involved with the operation of the Website (administration, sales, advertising, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, by the Company as Data Processors. This also includes third-party service providers responsible for analyzing and/or monitoring User-uploaded content, such as photos or videos uploaded via QR Codes created through the Website, to ensure compliance with the applicable laws, regulations, internationally accepted rules, and ethical standards. The Company may be contacted at any time for an up-to-date list of these parties.

Our and any third-party services may collect files that document interaction with the Website (System logs) and use other Personal Data (such as the IP Address) for this purpose.

Legal basis of data processing

If one of the following conditions is met, the Owner may process Users' Personal Data:
Users' consent has been granted for one or more specific purposes. Note: Under certain laws, the Owner may be permitted to process Personal Data until the User objects ("opt-out") to such processing, without having to rely on consent or any of the following legal bases. This is not the case, however, whenever the processing of Personal Data is subject to European data protection law;processing is necessary for the performance of the contract to which the User is party or in order to take steps at the request of the User prior to entering into the contract;Processing is necessary for compliance with a legal obligation to which the Owner is subject;Processing is related to a task carried out in the public interest or in the exercise of official authority vested in the Owner; andProcessing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the User which require protection of personal data.In any event, the Owner will gladly assist in clarifying the specific legal basis that applies to the processing, including whether the provision of Personal Data is a statutory or contractual requirement, or a requirement essential to enter into a contract.

The Owner may use the User's Personal Data in court or in the stages leading up to possible legal action arising from inadequate use of the Website or the Services. The User acknowledges that the Owner may be obliged to reveal Personal Data at the request of public authorities.

Legal basis for processing Personal Data under the GDPR

We process your Personal Data only when we have a valid legal basis to do so under the GDPR. The specific legal basis depends on the purpose for which the Data is processed. Below we outline the main purposes of processing and the corresponding legal bases:

Processing of Special Categories of Personal Data.

We do not intentionally collect or process any special categories of Personal Data, also referred to as sensitive data. These include information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data used for the purpose of uniquely identifying a person, and data concerning health, a person’s sex life, or sexual orientation. We do not process data relating to criminal convictions and offences, unless such processing is expressly authorized by Union or Member State law or conducted under the control of an official authority, in accordance with Article 10 GDPR. The processing of such data is strictly prohibited unless one of the exceptions provided under Article 9(2) of the GDPR applies. Any processing of special categories of Personal Data will be carried out with the highest level of protection and in compliance with the principles of lawfulness, fairness, transparency, and data minimization.

If the processing of Personal Data is based on your consent, you may withdraw it at any time by contacting us at [email protected]. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. When processing is based on our legitimate interests, we ensure that such interests are balanced against your rights and freedoms. You can object to such processing at any time.

Place

The Data is processed at the Owner's operating offices and wherever else the parties involved in the processing are located.

Depending on the location of the User, data transfers may involve transferring the User's Data to a foreign country.

Users have the right to know the legal basis for Data transfers to a country outside the European Union or to any international organization governed by public international law or established by two or more countries, such as the United Nations, as well as the security measures taken by the Owner to protect their Data.

Some of our service providers and partners may be located outside the European Economic Area. Where we transfer Personal Data to a country for which the European Commission has issued an adequacy decision (such as the United Kingdom, Canada, or Japan), we rely on that decision as the legal basis for transfer. For transfers to countries without an adequacy decision, we rely on Standard Contractual Clauses adopted by the European Commission, where applicable, additional technical and organizational safeguards (such as data encryption, pseudonymization, and strict access control).

If such a transfer occurs, Users can obtain additional information by contacting the Owner via the contact information provided in the section titled "Contact."

Retention period

Personal Data shall be processed and stored for the period of time required for the original purpose for which it was collected. Accordingly:
Personal Data collected for purposes related to the terms of the contract between the Owner and the User shall be retained until the completion of such contract;Personal Data collected for the purposes of the Owner's legitimate interests shall be retained for the period of time necessary to fulfill such objectives. Users can find information about the legitimate interests pursued by the Owner in the related sections of this document or by contacting the Owner.
The Owner may be permitted to retain Personal Data for a longer period if the User has consented to such processing and consent has not been revoked. In addition, the Owner may be required to store Personal Data for a longer duration if required to do so by law or by an authority.

Personal Data shall be deleted when the retention period expires. Consequently, the right of access, the right to erasure, the right to rectification, and the right to data portability cannot be exercised after the retention period has expired.

The below is the data retentions table for each type of data:

4. Who Will Your Data be Shared With?

The User's information may be shared with various third-party service providers that perform functions essential to the operation of the Website and the delivery of Services. These third parties process information based on contractual obligations and strict privacy policies. Such third parties may include, but are not limited to:
Analytics and Performance Tools: Google Analytics, Hotjar Marketing and Advertising Partners: Google Ads Account and Identification Providers: Google Login, Microsoft Login Payment & Billing Services: Stripe, Spreedly, Trust Payments, Revolut, Butter Payments, TaxJar, Chargeback911 Contact & Communications: Intercom, Mailgun Location-based Data Services: Google Maps
This list is not exhaustive, and the Company may be contacted at any time for an up-to-date list of third parties with whom the User's information may be shared.

5. What are Your Privacy Rights?

5.1 Users have certain rights with respect to their Data being processed by the Owner. Specifically, Users are permitted to do the following:

They may withdraw their consent at any time.Users who have previously consented to the processing of their Personal Data have the right to withdraw that consent.

Objection to the processing of Data.Users have the right to object to the processing of their Data when it is carried out on the basis of a legal basis other than consent.

When Personal Data is processed in the interest of the public, in the exercise of official authority vested in the Owner, or for the reasons of the Owner's legitimate interests, Users may object by providing a reason relating to their specific situation to justify the objection.

Users may object to the processing of their Personal Data for direct marketing purposes at any time and without providing a reason. Users may refer to the relevant sections of this document to determine if the Data Controller processes Personal Data for direct marketing purposes.

Access their DataUsers have the right to learn whether Data is being processed by the Owner, to obtain information about certain aspects of the processing, and to obtain a copy of the Data undergoing processing.

We may, upon request, provide the User with additional and contextual information about specific Services or the collection and processing of Personal Data. Thus, more information about the collection or processing of Personal Data may be obtained from the Owner at any time.

Verify and seek correctionUsers have the right to request that their Data is updated or corrected and to verify its accuracy.

Restriction of Data processingUnder certain conditions, Users have the right to restrict the processing of their Data. In this instance, the Owner will not use the Data for any other purpose than storage.

Have their Personal Data deleted or removed Under certain conditions, Users have the right to obtain the removal of their Data from the Owner.

Receive their Data and transfer it to a different controller Users have the right to receive their Data in a structured, commonly used, machine-readable format and, if technically feasible, to have it transmitted without restriction to another controller. This provision applies if the Data is processed by automated means on the basis of the User's consent, a contract to which the User is a party, or pre-contractual obligations.

Lodge a complaint.Users are permitted to file a complaint with their national data protection authority.

5.2 Requests to exercise User rights should be sent to the Owner using the contact information listed in this document. These requests can be made free of charge and the Owner will respond as soon as possible, but no later than one month.

6. Do We Use Cookies and Other Tracking Technologies?

We may use cookies and other tracking technologies to collect and store your information.

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Website. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the Website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the Website or browse from one page to another. Cookies also provide information on how people use the Website, for instance, whether it’s their first time visiting or if they are frequent visitors. We use the following cookies to optimize your experience on the Website and to provide our services:

7. Information for Users Residing in California

This section of the document integrates and supplements the information contained in the rest of the Privacy Policy and is provided by us and, if applicable, our parent, subsidiaries, and affiliates (referred to collectively as "we", "us", and "our" for the purposes of this section).

According to "The California Consumer Privacy Act of 2018," the provisions in this section apply to all Users who are consumers residing in the state of California, United States of America (Users are referred to below simply as "you", "your", "yours"), and these provisions supersede any other potentially divergent or conflicting provisions contained in the Privacy Policy for such consumers.

This section of the document employs the definition of "Personal Data" as defined in the California Consumer Privacy Act (CCPA).

This section summarizes the types of Personal Data that we have collected, disclosed, or sold, as well as the purposes for which we have done so.

We collect Personal Data in the following categories:
We have gathered the following types of Personal Data about you: identifiers, commercial data, internet data, geolocation data, and inferred data. We will not collect additional categories of Personal Data about you without your permission.

What sources of Personal Data do we collect and how do we collect it?
We collect the aforementioned categories of Personal Data from you, either directly or indirectly. For example, when you submit requests via any form on the Website, you directly provide your Personal Data. When you navigate the Website, you also provide Personal Data indirectly, as Personal Data about you is automatically observed and collected. Finally, we may collect your Personal Data from third parties who assist us with the Services or the operation of the Website and its features.

How do we use the information we collect?
For business purposes, we may disclose the Personal Data we collect about you to a third party. In this case, we enter into a written agreement with the third party, requiring the recipient to keep the Personal Data confidential and not use it for any purpose(s) other than those required to carry out the agreement.

In order to provide you with our Services, we may also disclose your Personal Data to third parties if you explicitly ask or authorize us to do so. Please see the relevant section of this document for more information on the purposes of the processing.

The sale of your personal data
For the purposes of this definition, "sale" refers to any "selling, renting, releasing, disclosing, making available, transferring, or otherwise communicating orally, in writing, or electronically, a consumer's Personal Data by a business to another business or a third party for monetary or other valuable consideration."

This means, for instance, that a sale can occur if an application displays advertisements, does statistical analysis on the traffic or views, or employs social network plugins and similar tools.

Your right to opt-out of the sale of personal data
You have the option to not have your Personal Data sold. This implies that whenever you request that we cease selling your data, we will comply. These requests can be made at any time without filing a request that can be verified, by just following the guidelines below.

Instructions for declining the sale of personal data
If you would like more information or to exercise your right to opt-out of any online and offline sales conducted by the Website, please contact us using the information provided herein.

What purposes do we have for using your Personal Data?
We may use your Personal Data to ensure the proper functioning of the Website ("commercial objectives"). In such instances, your Personal Data will be processed in a manner necessary and proportional to the business objective for which it was collected, and strictly within the parameters of compatible operational reasons.

We may also use your Personal Data for other purposes, such as marketing, as well as for abiding by the law and defending our rights before the competent authorities if our rights and interests are threatened or if we suffer an actual loss.

We will not use your Personal Data without your consent for irrelevant, unrelated, or incompatible reasons.

Your privacy rights in California and how to exercise them?
The right to transparency and portability
You are permitted to request that we disclose:
The categories and sources of the Personal Data we collect about you, the purposes for which we use that information, and with whom we share it;In case of sale of Personal Data or disclosure for a commercial purpose, two separate lists where we disclose:For sales, the Personal Data categories purchased by each category of recipient;For disclosures for a business purpose, the personal data categories obtained by each category of recipients.
Providing this is technically feasible if we deliver our response electronically, the enclosed information will be "portable," meaning it will be delivered in an easily usable format that will allow you to transmit it to another entity without difficulty.

The right to request that your Personal Data be deleted
You have the right to request that we delete any of your Personal Data, subject to legal exceptions (such as, but not limited to, where the information is used to identify and repair errors on the Website, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights, etc.). If no legal exception applies, we shall delete your Personal Data and direct our service partners to do the same in response to your request.

How to exercise your legal rights?
To exercise the rights stated above, you must submit a request that may be verified by contacting us using the information provided herein.

In order for us to reply to your request, we must know who you are. Therefore, you can only exercise the aforementioned rights by submitting a request that meets the following criteria:
provide sufficient information to allow us to verify that you are the individual whose Personal Data we gathered or an authorized representativeWe will not respond to your request if we are unable to authenticate your identity and, by extension, that the Personal Data we know about you is accurate. If you are unable to submit a verifiable request in person, you may appoint a California Secretary of State-registered agent to act on your behalf.

You can make a verified request on behalf of a minor under your parental authority if you are an adult.

How and when do we anticipate handling your request?
Within 10 days, we will acknowledge receipt of your verifiable request and provide details on how it will be processed. We will respond within 45 days of receiving your inquiry. If we require additional time, we will explain the reasons why and the amount of time we require. Please be aware that we may require up to 90 days to fulfill your request.

Our disclosures will span the last twelve months.

If we refuse your request, we will provide an explanation for our decision.

We do not charge a fee to process or reply to your verifiable request unless it is plainly exorbitant or without justification. In such situations, we may charge a reasonable fee or decline to act. In either situation, we will disclose our choices and provide reasons.

8. Information for Users Residing in Canada

We may process your information if you have given us specific permission (i.e., express consent) to use your Personal Data for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:
If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way;For investigations and fraud detection and prevention;For business transactions, provided certain conditions are met;If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim;For identifying injured, ill, or deceased people and communicating with their next of kin;If we have reasonable grounds to believe an individual has been, is, or may be a victim of financial abuse;If it is reasonable to expect that collection and use with consent would compromise the availability or the accuracy of the information, and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province;If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records;If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced;If the collection is solely for journalistic, artistic, or literary purposes;If the information is publicly available and is specified by the regulations.

9. How are "Do Not Track" requests handled?

"Do Not Track" requests are not supported by the Website. Please read the privacy policies of any third-party services it uses to determine whether they honor "Do Not Track" requests.

10. Do We Make Updates to This Policy?

This Privacy Policy may be updated on occasion. The updated version will be marked with a new "Revised" date, and it will become effective as soon as it is made accessible. If we make substantial changes to this Privacy Policy, we may notify you by prominently posting a notice on our website or by directly sending you a notification. We encourage you to frequently review this Privacy Policy to stay informed about how we protect your information.

11. How Can You Contact Us About This Policy?

Please contact us at [email protected] for more information about our privacy practices or if you have any questions.