Legal

Privacy Policy

Last updated: May 7, 2025

Short version: QR codes are generated entirely in your browser — nothing is sent to our servers unless you choose to save them. We run no ads, no trackers, and no analytics on your QR data.

1. Overview

QR-Yasa ("we", "us", "our") is a free, ad-free QR code generator. We are committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we use it. This policy applies to the QR-Yasa website (qr-yasa.com) and the QR-Yasa Telegram bot (@QRYasaRobot).

2. Data We Collect

Without an account
QR codes are generated entirely in your browser — no QR data, URLs, or form inputs are sent to our servers. We collect no personal information.
With an account (optional)
If you sign in via Google OAuth or magic link, we store your email address and the QR codes you choose to save, including their configuration and name. This data is stored in Supabase and is only accessible to you.
Dynamic QR redirects
When a QR code using our redirect service (qr-yasa.com/r/…) is scanned, we record the timestamp and approximate country derived from the request. We do not store IP addresses or use fingerprinting.
Telegram bot
When you interact with our Telegram bot, Telegram provides us with your Telegram user ID and chosen language. We store your language preference locally on our server to personalise replies. We do not store message content after the QR code is generated.

3. How We Use Your Data

Saved QR codes
Stored solely to let you access your history across devices.
Scan analytics
Aggregated scan counts and timestamps are shown only to you on your dashboard. We do not sell or share this data.
Language preference (bot)
Used only to send replies in your chosen language.

4. Third-Party Services

Supabase
We use Supabase (supabase.com) for authentication and database storage. Supabase is SOC 2 compliant. Data is stored in EU-West-1 (Ireland). See supabase.com/privacy.
Google OAuth
If you sign in with Google, authentication is handled by Google. We only receive your email address and a unique user identifier. See policies.google.com/privacy.
Vercel
Our website is hosted on Vercel. Vercel may log request metadata (IP, user agent) for security purposes per their own privacy policy at vercel.com/legal/privacy-policy.
Railway
Our backend API is hosted on Railway (railway.app). Railway may log standard HTTP request metadata per their privacy policy.

5. Cookies

We use a single first-party cookie ("qr-theme") to remember your light/dark theme preference. No tracking cookies, no advertising cookies, no third-party cookies.

6. Data Retention

Saved QR codes and account data are retained until you delete them or close your account. Scan event records are retained for 12 months. Bot language preferences are retained until you change them.

7. Your Rights

You may request deletion of all your data at any time by emailing us at the address below. For accounts, you can delete saved QR codes individually from the History panel. We will respond to deletion requests within 30 days.

8. Children

QR-Yasa is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

9. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date below. Continued use of QR-Yasa after changes constitutes acceptance of the revised policy.

10. Contact

Questions about this policy? Contact us at: Email: privacy@qr-yasa.com Website: https://qr-yasa.com

© 2026 QR-Yasa. All rights reserved.Back to generator →