Privacy Policy
Last updated: June 11, 2026
1. Who we are
qrmucho ("we", "us") provides QR codes, digital business cards, and lead capture tools for businesses. This policy explains what personal data we collect, why we collect it, and what rights you have over it.
For anything privacy-related, contact us at hello@qrmucho.com.
2. Data we collect
What we collect depends on how you interact with qrmucho:
- Account data. When you create an account, we collect your email address and a password (stored in hashed form), or your name and email address if you sign in with Google.
- Content you create. QR codes, destination links, digital business card details (such as your name, job title, company, contact details, and photos), and the lead capture forms you configure.
- Billing data. Payments are processed by Stripe. We never see or store your full card number. We keep records of your subscription status and billing history.
- Scan and visit analytics. When someone scans a dynamic QR code or visits a digital business card, we record the IP address, browser and device type, referring page, approximate location (country, derived from the IP address), and the time of the visit. We use this to show scan statistics to the QR code owner.
- Lead submissions.Information visitors voluntarily submit through a lead capture form, such as their name, contact details, and answers to the form's questions.
- Website usage. We use Google Analytics on our website to understand how visitors use it. Google Analytics sets cookies and collects usage data such as pages visited and device information.
3. If you scanned a QR code or submitted a form
When you submit your details through a lead capture form or digital business card, that information is collected on behalf of the business that created it. That business decides what to do with your data and is the data controller; we store and process it on their behalf.
If you want your submitted data accessed, corrected, or deleted, contact the business you shared it with. If you can't reach them, contact us at hello@qrmucho.com and we will help.
4. How we use your data
- To provide the service: generating QR codes, hosting digital business cards, storing leads, and showing analytics.
- To process payments and manage subscriptions.
- To send transactional emails about your account, such as sign-in links and billing notices.
- To keep the service secure, prevent abuse, and debug problems.
- To understand how the product is used so we can improve it.
We do not sell your personal data.
5. Legal bases
Where the GDPR applies, we rely on the following legal bases:
- Contract — to provide the service you signed up for.
- Legitimate interests — for scan analytics, security, and product improvement.
- Consent — for non-essential cookies and analytics on our website.
- Legal obligation — for keeping billing and tax records.
6. Third-party services
We use a small number of service providers to run qrmucho. They process data only as needed to provide their service to us.
7. Cookies
We use essential cookies to keep you signed in. Our website also uses Google Analytics cookies to measure traffic. You can block or delete cookies in your browser settings; essential cookies are required for signing in to work.
8. Data retention
We keep your account data, content, leads, and analytics for as long as your account is active. If you delete your account or a QR code, the associated data is deleted. We may retain billing records for as long as tax and accounting laws require.
9. Your rights
Depending on where you live, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data.
- Receive a copy of your data in a portable format.
- Object to or restrict certain processing.
- Withdraw consent at any time, where processing is based on consent.
To exercise any of these rights, email hello@qrmucho.com. If you are in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority.
10. Security
We protect your data with industry-standard measures, including encryption in transit and access controls that restrict data to its owner. No online service can guarantee absolute security, but we work to keep your data safe and will notify you of any breach as required by law.
11. Children
qrmucho is a business tool and is not directed at children under 16. We do not knowingly collect personal data from children.
12. Changes to this policy
We may update this policy as the service evolves. We will post any changes on this page and update the date at the top. For significant changes, we will notify you by email.