Privacy Policy

How we collect, use, and protect your information

Last Updated: October 30, 2025

1. Introduction

Welcome to qrRwanda ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our QR code generation platform.

⚠️ Important: By using qrRwanda, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

  • Name - For account identification
  • Email Address - For login, communication, and account recovery
  • Password - Encrypted and stored securely using bcrypt hashing
  • Account Type - Email or Google OAuth authentication method

2.2 Google OAuth Data

If you sign in with Google, we collect:

  • Google Account ID (for authentication)
  • Email address
  • Name

Note: We do not access your Google password or any other Google account data beyond basic profile information.

2.3 QR Code Data

When you generate QR codes, we collect:

  • QR code type (URL, WiFi, vCard, etc.)
  • QR code title
  • Creation timestamp
  • QR code content (only if you're logged in)
  • Customization settings (colors, size, format)

2.4 Analytics & Usage Data

When QR codes are scanned, we automatically collect:

  • IP Address - For unique visitor tracking and geolocation
  • User Agent - Browser and device information
  • Device Type - Mobile, tablet, or desktop
  • Browser Type - Chrome, Safari, Firefox, etc.
  • Timestamp - When the scan occurred
  • Geographic Location - Country/city (Premium feature)

2.5 Technical Data

We automatically collect:

  • Session information
  • Login timestamps
  • Error logs (for debugging)
  • Page views and interactions

3. How We Use Your Information

We use the collected information for:

3.1 Service Delivery

  • Creating and managing your account
  • Generating and storing your QR codes
  • Providing analytics and tracking services
  • Processing payments and subscriptions

3.2 Communication

  • Sending account-related emails (verification, password reset)
  • Notifying you about service updates
  • Responding to your inquiries and support requests
  • Sending marketing communications (with your consent)

3.3 Improvement & Analytics

  • Analyzing usage patterns to improve our service
  • Debugging and fixing technical issues
  • Developing new features based on user behavior
  • Monitoring service performance

3.4 Security & Fraud Prevention

  • Detecting and preventing unauthorized access
  • Protecting against malicious activities
  • Enforcing our Terms of Service

4. Data Storage & Security

4.1 Storage Location

Your data is stored on secure servers with encryption at rest and in transit (HTTPS/SSL). We use industry-standard security measures including:

  • Encryption: All data transmission is encrypted using TLS 1.2+
  • Password Hashing: Passwords are hashed using bcrypt (not stored in plain text)
  • SQL Injection Protection: Prepared statements for all database queries
  • XSS Protection: Input sanitization and output escaping
  • CSRF Protection: Token-based validation on forms
  • Session Security: Secure, HTTP-only cookies with regeneration

4.2 Data Retention

Data Type Retention Period
Account Information Until account deletion
QR Codes Until manual deletion or account closure
Scan Analytics Plan-dependent (Free: 30 days, Premium: Unlimited)
Login Logs 90 days
Email Communications As required by law

4.3 Backup & Disaster Recovery

We perform regular automated backups to prevent data loss. Backups are encrypted and stored securely for up to 30 days.

5. Data Sharing & Disclosure

5.1 We DO NOT Sell Your Data

We will never sell, rent, or trade your personal information to third parties.

5.2 Service Providers

We may share data with trusted third-party service providers who assist us in:

  • Payment Processing: Stripe (credit cards), Mobile Money providers
  • Email Delivery: Transactional email services
  • Analytics: Anonymized usage statistics
  • Cloud Hosting: Server infrastructure providers

These providers are contractually obligated to protect your data and use it only for specified purposes.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent fraud or illegal activities
  • Protect user safety

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner with notice and consent as required by law.

6. Your Privacy Rights

6.1 Access & Portability

You have the right to:

  • Access all your personal data we store
  • Export your QR codes and analytics data
  • Receive a copy of your data in a portable format

6.2 Correction & Update

You can update your personal information at any time through your dashboard settings.

6.3 Deletion

You have the right to delete your account and all associated data. This includes:

  • All QR codes created
  • Analytics and scan data
  • Personal information
  • Login history

⚠️ Warning: Account deletion is permanent and cannot be undone.

6.4 Opt-Out of Marketing

You can unsubscribe from marketing emails at any time by:

  • Clicking the "Unsubscribe" link in any marketing email
  • Updating your preferences in account settings
  • Contacting info@qrrwanda.inovasiyo.rw

Note: You cannot opt-out of transactional emails (account verification, password resets, billing notifications).

7. Cookies & Tracking

7.1 What Are Cookies?

Cookies are small text files stored on your device that help us recognize you and remember your preferences.

7.2 Cookies We Use

Cookie Type Purpose Duration
Essential Cookies Login sessions, security Session/30 days
Functional Cookies Remember preferences 1 year
Analytics Cookies Usage statistics 2 years

7.3 Managing Cookies

You can control cookies through your browser settings. However, disabling essential cookies may affect site functionality.

8. Children's Privacy

qrRwanda is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete it immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@qrrwanda.inovasiyo.rw.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by:

  • Posting the new policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)

Continued use of our service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this privacy policy or our data practices, please contact us:

Email: info@qrrwanda.inovasiyo.rw

Support: info@qrrwanda.inovasiyo.rw

Address: Kigali, Rwanda

Phone: +250 XXX XXX XXX

12. Compliance

We comply with:

  • GDPR (General Data Protection Regulation) - For EU users
  • Rwanda Data Protection Law - Local compliance
  • CCPA (California Consumer Privacy Act) - For California users

Your Trust Matters: We are committed to transparency and protecting your privacy. If you have any concerns, please don't hesitate to reach out to our privacy team.

Back to Home