§LEGAL / PRIVACIDAD
Privacy policy
Updated: 2026-04-28
This policy explains what personal data codigo-qr.es collects, for what purpose, for how long and the rights granted to the user under GDPR and Spanish data protection law.
Data we collect
If you use the free generator without an account, we collect no personal data. If you create an account for dynamic QRs, we collect email, optional name and payment data managed by Stripe (codigo-qr.es never stores card numbers).
Scan data
For dynamic QRs we record scans anonymously: hashed IP with daily salt (irreversible), country and city inferred via approximate geolocation, device type, operating system and browser. We do not store IPs in plain text or track users across sessions.
Purpose
Data is used exclusively to provide the service: managing the account, processing subscription payments and showing analytics to the QR owner. Data is not shared with third parties for advertising.
Retention
Account data is kept while the account is active. Scan events are kept 12 months by default and then anonymized or deleted. The user can request earlier deletion at any time.
User rights
You have the right to access, rectify, delete, object, limit processing and port your data. To exercise them, write to hola@codigo-qr.es clearly stating which right you want to exercise.
Data processors
codigo-qr.es works with providers acting as processors: Vercel (hosting), Supabase (database), Stripe (payments) and Resend (transactional email). All comply with GDPR.
For any question about this text, contact us: hola@codigo-qr.es