PlatformQR

Legal

Privacy Policy

Last updated: 26 April 2026

PlatformQR acts as a data controller for account, billing, and service usage data under UK GDPR and the Data Protection Act 2018.

What We Collect

  • Account data: name, email address, authentication identifiers.
  • Service data: QR code content/settings, creation dates, and edit history.
  • Analytics data: scan time, hashed IP, device/browser/os, country/city, and referrer where available.
  • Billing data: Stripe customer/subscription identifiers and subscription status.

Legal Bases

  • Performance of contract: delivering QR generation, redirects, analytics, and subscription features.
  • Legitimate interests: platform security, abuse prevention, and service reliability.
  • Legal obligation: accounting, tax, and fraud prevention requirements.

How Long We Keep Data

  • Active account data is retained while your account is active.
  • Subscription records are retained as required for tax/accounting compliance.
  • Scan analytics are retained for service functionality and may be deleted on account deletion request, unless retention is legally required.

Processors and Transfers

We use Supabase (hosting/database/auth/storage) and Stripe (payments). These providers may process data outside the UK. We rely on appropriate safeguards such as contractual clauses and provider compliance commitments.

Your Rights

You may request access, correction, deletion, restriction, objection, or portability of your personal data. You may also lodge a complaint with the UK Information Commissioner's Office (ICO).

Contact

Privacy requests: support@platformqr.com