Effective date: July 12, 2026
This Privacy Policy explains what data may be processed when using qrwize.com, why it is used, how it is stored, who it may be shared with, and what rights the user has.
This Policy applies to the QRwize website, the static QR code generator, the contact form, the waitlist sign-up form, and other website features through which a user may provide their data.
1. Who is responsible for data processing
The website operator and controller of personal data is sole proprietor Vadym Shvets.
For matters concerning privacy, access to data, rectification, restriction of processing, or erasure, please contact us at:
Email: info@qrwize.com
In this Policy, “QRwize”, “we”, “us”, and “our” mean the operator of the QRwize website.
2. What data we process
The scope of data depends on how the user interacts with the website.
2.1. Data entered into the QR code generator
The generator can work with links, text, contact details, Wi-Fi settings, events, telephone numbers, email addresses, social profiles, payment details, and other information the user wishes to encode.
All data entered into the generator is processed locally in the user’s browser.
QRwize:
- does not send the contents of generator fields to the server;
- does not store entered data in its own database;
- does not receive a copy of the generated QR code;
- does not receive or store a copy of the generated QR code image;
- does not use generator data for analytics, advertising, or profiling.
Creating, previewing, and downloading the QR code in supported formats also take place directly in the browser.
This means QRwize does not receive URLs, Wi-Fi passwords, contact details, IBANs, cryptocurrency addresses, or other information entered into the generator, unless the user separately provides it through the contact form or another communication channel.
2.2. Website theme settings
If the user changes the website’s light or dark theme, the selected value is stored in the browser’s localStorage.
This value:
- is used only to display the selected theme;
- is not sent to the server;
- does not contain identification or contact data;
- is not used to track the user.
If the user does not change the theme, no corresponding value is stored.
sessionStorage is not used to store user data. The website language is determined by the address of the page opened and is not stored separately in the browser.
2.3. Waitlist data
When a user joins the waitlist, we store:
- email;
- IP address;
- browser type and version;
- operating system and other
user-agentdata; - browser language;
- approximate country and city;
- approximate coordinates;
- time zone;
- date and time the form was submitted.
Country, city, coordinates, and time zone are determined approximately on the basis of the IP address and technical headers of the network infrastructure. QRwize does not request the device’s GPS location.
Email is used only for:
- notification of the launch of QRwize Pro;
- an invitation to early access.
We do not send third-party advertising through the waitlist or disclose email addresses to other companies for their own marketing.
Signing up does not require additional email confirmation in a separate message.
To opt out of notifications or request removal of an email address from the list, contact info@qrwize.com.
2.4. Contact form data
When the contact form is submitted, we receive and store:
- name;
- email;
- subject of the enquiry;
- message text;
- IP address;
user-agent;- browser language;
- approximate location;
- date and time of submission.
This data is used for:
- receiving and considering the enquiry;
- responding to the user;
- resolving technical or organisational matters;
- protecting the form from spam and abuse;
- technical diagnostics.
Enquiry data is stored in QRwize’s own database. A copy of the enquiry is also sent to the email system we use to process messages.
Copies of messages in the email system may be retained until manually deleted. A user may request deletion of an enquiry by writing to info@qrwize.com.
Do not send through the contact form:
- passwords;
- private keys;
- confirmation codes;
- full payment card details;
- documents not required to consider the enquiry;
- other confidential information unrelated to the request.
2.5. Technical data and logs
When pages are opened or requests are submitted, the server and network infrastructure may automatically process:
- IP address;
- page or request URL;
- date and time;
- HTTP method;
- response status;
user-agent;- referrer URL;
- URL parameters;
- technical request data;
- error message;
stack trace;- other information necessary to diagnose the issue.
In some cases, logs may contain HTTP request parameters or body where necessary to diagnose an error. We do not use logs for advertising or to create marketing profiles.
Logs in the application’s file system are retained for up to 90 days. Only the QRwize operator has access to them.
2.6. Technical error monitoring
A specialised monitoring provider is used to detect and correct technical errors.
When an error occurs, that provider may receive:
- error message;
stack trace;- page URL;
- IP address;
user-agent;- the sequence of technical events before the error;
- request parameters;
- technical context;
- form data or email if they are inadvertently included in the error context.
Monitoring data is retained for up to 90 days in the European Union region.
We recommend not providing information through forms unless it is necessary for the relevant feature to operate or for an enquiry to be considered.
2.7. Analytics data
QRwize uses third-party web analytics and website interaction analysis services.
They may automatically process:
- pages visited;
- date and time of visit;
- approximate region;
- device type;
- browser and operating system;
- referral source;
- visit duration;
- interaction with page elements;
- technical identifiers;
- IP address or a derived value;
- website performance metrics.
Form-field masking is enabled in one interaction analysis service. This reduces the risk of the name, email, subject, and message text being included in interaction recordings.
We do not use advertising pixels, remarketing systems, or trackers to show personalised advertising.
As of this Policy’s effective date, analytics technologies may activate when the website is opened. A user can limit their operation through browser settings, by blocking third-party cookies, or by using specialised privacy tools.
The retention period for analytics data depends on the settings and rules of the relevant providers.
2.8. Payment data
The current version of QRwize:
- does not accept payments;
- does not have paid plans;
- does not offer subscriptions;
- does not accept donations;
- does not store payment card data.
QR codes for IBAN, EPC, UPI, or cryptocurrency addresses only contain information entered by the user locally in their browser. QRwize does not receive these details or process a payment.
3. How data is used
Depending on how the user interacts with the website, data may be used for:
- operation of the website and its technical features;
- creation of a QR code in the browser;
- handling user enquiries;
- maintaining the waitlist;
- sending launch and early-access notifications;
- protection from spam, attacks, and abuse;
- diagnosing and correcting errors;
- analysing website stability and usage;
- a general understanding of the audience’s geography;
- compliance with legal requirements;
- protection of QRwize’s rights and legitimate interests.
The IP address, approximate location, language, time zone, and user-agent obtained through forms are not used to personalise emails or advertising, or to create an individual user profile.
4. Legal bases for processing
Depending on the circumstances, we may process data on the following bases:
User consent
Consent is used for:
- adding an email address to the waitlist;
- sending launch and early-access notifications;
- processing data submitted through the contact form;
- other operations for which the user gives separate consent.
A user may withdraw consent by contacting info@qrwize.com.
Performance of the user’s request
Data may be processed to receive, consider, and fulfil a request submitted by the user through the contact form or email.
Legitimate interest
A limited scope of technical data may be processed for:
- ensuring stable website operation;
- protection from abuse;
- error diagnosis;
- infrastructure protection;
- understanding general patterns of website use.
Legal obligation
We may retain or disclose data where required by applicable law, a court decision, or a lawful request from an authorised authority.
5. Cookies and local storage
QRwize uses technically necessary cookies and browser local storage.
Technically necessary cookies
| Name | Purpose | Retention period |
|---|---|---|
XSRF-TOKEN |
Protection of forms and requests from CSRF attacks | 3 days |
qrwize-site-session |
Technical operation of the website and forms | 3 days |
These cookies are not used for authentication, advertising profiling, or tracking a user across devices.
Local storage
If the user changes the website theme, the selection is stored in localStorage. Other generator data is not stored in localStorage.
Contact form protection
The contact form uses a third-party mechanism to protect against automated spam and bots. Its provider may process technical data about the device, browser, network connection, and interaction with the page. This mechanism is used only on the contact form page.
Analytics technologies
Third-party analytics services may use cookies, local storage, or other technical identifiers. As of the Policy’s effective date, they may load when the website is opened.
A user can restrict or delete cookies in browser settings. Blocking technically necessary cookies may affect the operation of forms or other website features.
6. Who data may be shared with
We do not sell, rent, or disclose personal data to third parties for their advertising or independent marketing.
The following categories of providers may be engaged to operate the website:
- cloud hosting and database providers;
- CDN and network infrastructure providers;
- email service providers;
- error monitoring providers;
- providers of form protection from bots and spam;
- web analytics providers;
- providers of technical audits of public website pages.
Such providers may receive only the data necessary to perform the relevant technical function.
Data may also be disclosed to public authorities where required by law, a court decision, or a lawful request from an authorised authority.
7. Storage location and international processing
The main website infrastructure and our own database are located in the European Union region. Error monitoring system data is also stored in the European Union region.
Some third-party providers operate in several countries. Depending on their corporate and technical structure, individual data processing operations may be performed outside the user’s country or the European Economic Area.
Where an international data transfer is subject to special legal requirements, appropriate legal, contractual, and organisational safeguards must be applied.
8. Retention periods
We retain data no longer than necessary for the purpose for which it was obtained, unless a longer retention period is required by law.
| Category | Period |
|---|---|
| QR code generator data | Not sent to the server or stored by QRwize |
| Selected website theme | Until the user deletes localStorage data |
| Technically necessary cookies | 3 days |
| Application logs | Up to 90 days |
| Error monitoring data | Up to 90 days |
| Copies of enquiries in the email system | Until manual deletion or a confirmed user request |
| Analytics data | According to provider settings and rules |
No specific calendar retention period is set for waitlist email addresses and enquiries in our own database. Such data is retained until the purpose of processing is achieved, consent is withdrawn, a confirmed deletion request is received, or the relevant communication is no longer needed.
Data may be retained longer where required by law or needed to defend against a substantiated legal claim. Following a confirmed request, user data is deleted from QRwize’s own database and email system where stored there, unless there is a legal basis for further retention.
9. Data security
QRwize applies reasonable technical and organisational measures to protect data against:
- unauthorised access;
- unlawful use;
- alteration;
- disclosure;
- loss;
- accidental or intentional deletion.
Only the QRwize operator has access to our own database and application logs.
For security reasons, we do not publish a detailed description of the internal architecture, server settings, backups, or access control mechanisms.
No method of data storage or transmission can guarantee absolute security.
10. Other people’s data in QR codes
A user may create a QR code containing a third party’s contact details or other data.
Because the generator works locally in the browser, QRwize does not receive this data. The user is nevertheless independently responsible for the lawfulness of its use and distribution.
Without a proper basis, QR codes containing the following should not be created or published:
- private contact details;
- confidential financial details;
- medical information;
- documents or identifiers;
- other personal data whose distribution may infringe a person’s rights.
11. User rights
Depending on applicable law, a user may have the right to:
- receive information about the processing of their data;
- access their data;
- rectify inaccurate or incomplete data;
- request erasure of data;
- request restriction of processing;
- object to certain processing activities;
- withdraw previously given consent;
- receive a copy of data in a portable format, where that right applies;
- lodge a complaint with the competent data protection authority;
- seek judicial or other protection provided by law.
To exercise your rights, write to info@qrwize.com.
The request must contain enough information for us to locate the relevant data and verify that it comes from the appropriate person.
We will not request more information than is reasonably necessary to verify and fulfil the request.
12. Automated decision-making and profiling
QRwize does not use personal data for automated decision-making that produces legal or similarly significant effects for the user.
We also do not create advertising or behavioural profiles of users.
13. Children’s data
QRwize is not specifically directed at children and does not knowingly request personal data from children.
If a parent or legal representative believes that a child has provided us with personal data without proper permission, they may contact info@qrwize.com.
After reviewing the enquiry, we will take appropriate measures in respect of such data.
14. Links to third-party resources
QRwize may contain links to third-party websites, social networks, messaging services, payment services, and other resources.
User-created QR codes may also lead to third-party resources.
We do not control data processing rules on such websites. Before providing personal information, we recommend reviewing their privacy policies.
15. Changes to the Policy
We may update this Policy if the following change:
- QRwize features;
- data processing methods;
- engaged provider categories;
- retention periods;
- applicable legal requirements.
The current version is published on this page with the date of its last update.
If changes materially affect the processing of data already received, we will notify users in an appropriate manner and, where necessary, obtain new consent.
16. Contact details
For questions about this Policy, the processing of personal data, or exercising your rights, please contact:
QRwize
Email: info@qrwize.com
Last updated: July 12, 2026