Privacy Policy

QRDock does not collect, transmit, or store any personal information on external servers. All data generated through your use of QRDock, including scan history, created QR codes, and app preferences, is stored exclusively on your device. We do not use analytics SDKs, advertising frameworks, tracking pixels, or any other mechanism within the mobile app to collect information about you or your usage. We have no ability to access, view, or retrieve any data from your device.

QRDock requests access to your device camera solely for the purpose of scanning QR codes and barcodes in real time. Camera data is processed entirely on your device and is never recorded, stored, or transmitted to any server. Camera access can be revoked at any time through your device settings. The app will continue to function for features that do not require the camera, such as scanning from photos or creating QR codes.

QRDock may request access to your photo library to enable two features: scanning QR codes from saved images or screenshots, and saving created QR code images to your device. Photo library access is read-only for scanning and write-only for saving. QRDock does not browse, index, upload, or analyze your photos beyond the specific image you select for scanning. Photo library access can be revoked at any time through your device settings.

All application data, including your scan history, created QR codes, and preferences, is stored locally on your device using encrypted storage. This data is not synced to any cloud service, backed up to our servers, or accessible to us in any way. If you delete the app, all locally stored data is permanently removed from your device. We recommend exporting any QR codes you wish to keep before uninstalling the app.

The QRDock mobile application contains zero analytics, zero tracking, and zero data collection of any kind. The QRDock website (qrdock.app) uses two separate analytics services to measure aggregate website traffic. (1) Vercel Analytics is a cookieless, privacy-friendly analytics service that records anonymous, aggregated page-view data. It does not collect personally identifiable information (PII), does not set cookies, does not track individual users across sessions, and does not share data with third parties. (2) Google Analytics 4 (GA4) is Google's web analytics product, used to measure page views, traffic sources, and how visitors interact with the website. GA4 sets first-party cookies in your browser (typically named _ga and _ga_<measurement-id>), processes a Google-assigned anonymous client identifier, and processes a coarse, IP-derived geographic location. Google does not store full IP addresses for GA4 traffic. GA4 data may be transferred to and processed by Google in the United States and other countries where Google operates; Google self-certifies under the EU-US Data Privacy Framework (DPF) and its UK Extension and Swiss-US DPF. No analytics data collected on the website (Vercel Analytics or GA4) is linked to your use of the QRDock mobile app, and we do not use this data for advertising or profiling. For more information, see Vercel's Privacy Policy (https://vercel.com/legal/privacy-policy) and Google's Privacy Policy (https://policies.google.com/privacy). You can opt out of GA4 across all websites by installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout).

The QRDock mobile application does not use cookies or any similar tracking technologies. The QRDock website (qrdock.app) uses cookies as follows. Essential cookies are required for the website to function, including remembering your selected language; these do not require consent under the EU ePrivacy directive or comparable laws. Analytics cookies are set by Google Analytics 4 to measure website traffic; these typically include _ga (lifespan up to 24 months) and _ga_<measurement-id> (lifespan up to 24 months). Vercel Analytics does not set any cookies. You can block or delete cookies at any time through your browser settings, install the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout) to disable GA4 across all sites, or use your browser's Do Not Track or Global Privacy Control (GPC) signal — we honor GPC signals where required by applicable law. Blocking analytics cookies does not affect any functionality of the website.

The QRDock mobile app does not integrate with or transmit data to any third-party analytics, advertising, or tracking services. The URL safety check feature compares scanned URLs against locally cached and publicly available phishing databases. This comparison is performed on your device. No URLs you scan are sent to external servers for verification. In-app purchases are processed entirely by Apple (App Store) or Google (Google Play). We do not receive, process, or store any payment information. Please refer to Apple's Privacy Policy (https://www.apple.com/legal/privacy/) and Google's Privacy Policy (https://policies.google.com/privacy) for information about how they handle purchase transactions. The QRDock website uses Vercel Analytics for anonymous, aggregated traffic data and Google Analytics 4 for website traffic measurement, as described in the Analytics and Website Tracking section above. The website is hosted by Vercel Inc. and served from Vercel's global edge network. No data from these website services is connected to or associated with your use of the QRDock mobile app.

Because all data is stored locally on your device, you have complete control over your data at all times. You can delete individual scan history items or created QR codes from within the app. You can clear all app data through the app settings. Uninstalling QRDock will permanently remove all associated data from your device. There is no data stored on our servers that requires deletion, as we do not collect or retain any user data.

QRDock does not collect personal information from any user, including children under the age of 13 (or the applicable age of digital consent in your jurisdiction, such as 16 in certain EU member states under the GDPR). Because no personal data is collected, transmitted, or stored externally by the mobile app, the app is suitable for use by individuals of all ages. We comply with the Children's Online Privacy Protection Act (COPPA) in the United States, the age-related provisions of the General Data Protection Regulation (GDPR) in the European Union, the UK Age Appropriate Design Code, and all other applicable laws governing children's privacy worldwide.

The QRDock mobile app does not transfer any data internationally or to any external servers. All app data remains exclusively on your device. As such, there are no cross-border data transfer concerns related to your use of the mobile app. The QRDock website is hosted on Vercel's global infrastructure. Anonymous, aggregated analytics data collected by Vercel Analytics on the website may be processed in the United States or other countries where Vercel operates. This Vercel Analytics data contains no personally identifiable information and cannot be linked to individual users. Google Analytics 4 may transfer website usage data (including a Google-assigned anonymous client identifier stored in your browser cookies and a coarse, IP-derived geographic location) to Google servers in the United States and other countries where Google operates. Google LLC self-certifies under the EU-US Data Privacy Framework (DPF), the UK Extension to the EU-US DPF, and the Swiss-US DPF, which provide an approved transfer mechanism under Article 45 of the GDPR and equivalent UK and Swiss law. The app itself complies with data residency and data localization requirements under all applicable data protection regulations worldwide because no app data leaves the device.

If you are located in the European Union or the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR): the right of access to your personal data; the right to rectification of inaccurate data; the right to erasure (the "right to be forgotten"); the right to restriction of processing; the right to data portability; the right to object to processing; and the right not to be subject to automated decision-making, including profiling. Because QRDock does not collect, process, or store any personal data on external servers, these rights are inherently and fully satisfied. All data you generate is stored exclusively on your device under your sole control. There is no personal data held by Echo Persona LLC for us to access, correct, delete, restrict, port, or process. You may exercise complete control over your data at any time by managing or deleting it directly on your device. If you believe your rights have not been respected, you have the right to lodge a complaint with your local Data Protection Authority (DPA). Legal bases for website data processing under the GDPR are as follows. For Vercel Analytics (cookieless, anonymous, aggregated traffic data that does not constitute personal data), our legal basis is our legitimate interest in understanding aggregate website traffic and improving the service (Article 6(1)(f) GDPR). For Google Analytics 4, which uses cookies and processes limited personal data, our legal basis is your consent (Article 6(1)(a) GDPR) where consent is required by applicable law, including the EU ePrivacy directive and national implementations thereof; where consent is not legally required, our legal basis is our legitimate interest in measuring website traffic (Article 6(1)(f) GDPR). You may withdraw consent at any time by clearing your browser cookies, installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout), or enabling a Global Privacy Control signal in your browser. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These include: the right to know what personal information is collected, used, shared, or sold; the right to delete personal information held by businesses; the right to opt out of the sale or sharing of personal information; the right to non-discrimination for exercising your privacy rights; the right to correct inaccurate personal information; and the right to limit the use and disclosure of sensitive personal information. Echo Persona LLC does not sell, share, or disclose your personal information to third parties for cross-context behavioral advertising or any other purpose. We do not collect personal information through the QRDock mobile app. Because no personal information is collected or held by us, these rights are inherently satisfied. You may contact us at support@qrdock.app to submit a verifiable consumer request regarding your rights under the CCPA/CPRA.

If you are located in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD), including: the right to confirmation of data processing; the right to access your data; the right to correct incomplete, inaccurate, or outdated data; the right to anonymization, blocking, or deletion of unnecessary or excessive data; the right to data portability; the right to deletion of personal data processed with your consent; the right to information about public and private entities with which your data has been shared; the right to information about the possibility of denying consent and the consequences thereof; and the right to revoke consent. Because QRDock does not collect, process, or store any personal data on external servers, these rights are inherently satisfied. All data remains on your device under your exclusive control. Echo Persona LLC does not share your personal data with any public or private entities. For inquiries related to the LGPD, please contact us at support@qrdock.app.

If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. These include: the right to know why your personal information is being collected; the right to expect that your personal information will be used only for the purposes for which it was collected; the right to access your personal information and challenge its accuracy; and the right to file a complaint with the Office of the Privacy Commissioner of Canada. Because QRDock does not collect, use, or disclose any personal information, these rights are inherently satisfied. Echo Persona LLC does not collect personal information through the QRDock mobile app, and all data you generate remains on your device under your sole control. For inquiries related to PIPEDA, please contact us at support@qrdock.app.

Echo Persona LLC respects privacy rights worldwide. If you are located in the United Kingdom, Australia, Japan, South Korea, India, or any other jurisdiction with applicable data protection laws, you may have similar rights regarding access, correction, deletion, and portability of your personal data. Because QRDock does not collect or store any personal data on external servers, these rights are inherently satisfied regardless of your location. All data remains exclusively on your device. If you have questions about your specific rights under your local data protection laws, please contact us at support@qrdock.app.

We may update this Privacy Policy from time to time to reflect changes in the app, our website, or applicable laws. Any changes will be posted on this page with an updated effective date. Where required by applicable law (such as the GDPR), we will notify you of material changes through the app or other appropriate means. We encourage you to review this Privacy Policy periodically. Your continued use of QRDock after any changes to this policy constitutes your acceptance of the updated terms. If you do not agree with any changes, you should discontinue use of the app.

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at support@qrdock.app. Echo Persona LLC is the entity responsible for QRDock and its compliance with applicable privacy laws worldwide. For GDPR-specific inquiries, Echo Persona LLC acts as the data controller. Mailing address available upon request by emailing support@qrdock.app.