Privacy Policy

Last updated: July 2026

1. Introduction

CrowAbout ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QR code generation service.

2. Information We Collect

Account Information

  • Email address
  • Business name
  • Password (encrypted)
  • Payment information (processed securely by Stripe)

QR Code & Scan Data

  • QR code content you create (labels, destination URLs, and design)
  • Logos and images you upload for branding
  • Scan data: scan counts and timestamps
  • Scan analytics: coarse device type (mobile/tablet/desktop) and approximate country/city derived from the visitor's IP at scan time

Usage Data

  • Log data and analytics
  • Device and browser information
  • IP addresses

3. How We Use Your Information

  • To provide and maintain our service
  • To generate your QR codes and redirect scans to your chosen destinations
  • To produce scan analytics for your QR codes
  • To process payments and manage subscriptions
  • To provide customer support
  • To send service-related communications
  • To improve our service and develop new features
  • To detect and prevent fraud

4. Data Sharing

We share your information with:

  • Stripe - For payment processing
  • Supabase - For data storage and authentication
  • Vercel - For hosting
  • Resend - For email delivery

We do not sell your personal information to third parties.

5. Data Retention

We retain your account data for as long as your account is active. QR codes and their scan data are retained while your account is active and the codes are in use. Scan analytics history is available according to your plan. You may request deletion of your data at any time by contacting us.

6. Your Rights (GDPR)

If you are in the UK or EU, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Data portability
  • Withdraw consent at any time

7. Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted passwords, and secure payment processing through Stripe. We also offer two-factor authentication for account security.

8. Cookies

We use essential cookies for authentication and session management. These are required for the service to work and do not track you.

With your consent, we also set one Google Ads cookie on our own site. It tells us whether you arrived from one of our adverts, so we can measure which ads are worth running. If you consent and then sign up or upgrade, a privacy-protected (hashed) version of your email address is shared with Google for the same ad-measurement purpose — never your plain address. If you decline, no advertising cookie is set, nothing about you is shared, and Google receives only anonymous, cookieless signals. We never track you across other websites, and no advertising cookies are used on QR landing pages or forms hosted for our customers.

9. Contact Us

For privacy-related inquiries, please contact us at: [email protected]

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.