Privacy Policy

Last updated: December 13, 2025

Introduction

SnapGlyph ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QR code generation service and website (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

Information We Collect

Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and password.
  • Payment Information: If you subscribe to a paid plan, we collect payment details through our secure payment processor. We do not store full credit card numbers on our servers.
  • QR Code Content: We store the content you use to generate QR codes, such as URLs, text, contact information, or other data types.
  • Communications: When you contact us for support, we collect the information you provide in your messages.
  • Profile Information: Any additional information you choose to provide in your account profile.

Information Collected Automatically

  • Usage Data: We collect information about how you use our Service, including features accessed, QR codes created, and time spent on the platform.
  • Device Information: We collect device type, operating system, browser type, screen resolution, and unique device identifiers.
  • Log Data: Our servers automatically record information including your IP address, access times, pages viewed, and referring URLs.
  • QR Code Scan Analytics: For dynamic QR codes with tracking enabled, we collect anonymous scan data including approximate location (city/country level), device type, browser, and timestamp.
  • Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies as described in our Cookie Policy.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process transactions and send related information, including purchase confirmations and invoices
  • Send technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and requests
  • Analyze usage patterns to improve user experience and develop new features
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities
  • Protect the rights, property, and safety of SnapGlyph and our users
  • Comply with legal obligations and enforce our Terms of Service
  • Send promotional communications (with your consent, where required)

Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal information based on the following legal grounds:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Legitimate Interests: Processing for our legitimate business interests, such as fraud prevention, security, and service improvement
  • Consent: Processing based on your consent, which you may withdraw at any time
  • Legal Obligation: Processing necessary to comply with applicable laws

Information Sharing

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers: We share information with third-party vendors who assist in providing our services. These providers are contractually obligated to protect your information and may only use it to provide services to us.
  • Legal Requirements: We may disclose information if required by law, legal process, or government request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
  • With Your Consent: We may share information for other purposes with your explicit consent.
  • Aggregated Data: We may share aggregated, anonymized data that cannot reasonably be used to identify you.

Third-Party Service Providers

We work with trusted third-party service providers to operate our Service. A detailed list of our service providers and their purposes will be maintained and updated as our service evolves. For the current list, please contact us at .

Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest
  • Regular security reviews and monitoring
  • Access controls and authentication measures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Investigate the breach promptly and take steps to mitigate any harm
  • Notify affected users without undue delay when required by applicable law
  • Notify relevant regulatory authorities as required by law (e.g., within 72 hours under GDPR)
  • Provide information about the nature of the breach and steps you can take to protect yourself

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Service. We may also retain and use your information as necessary to:

  • Comply with our legal obligations
  • Resolve disputes and enforce our agreements
  • Maintain business records for financial reporting and audit purposes

When you delete your account, we will delete or anonymize your personal information within 30 days, except for information we are required to retain for legal, regulatory, or legitimate business purposes.

QR code scan analytics data is retained for as long as your associated QR code exists in our system. Historical analytics may be retained in anonymized form for service improvement purposes.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request access to and receive a copy of your personal data
  • Rectification: Request correction of inaccurate or incomplete personal data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request restriction of processing of your personal data
  • Portability: Request transfer of your personal data to another service
  • Objection: Object to processing of your personal data
  • Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your data
  • Lodge a Complaint: Lodge a complaint with a supervisory authority

To exercise these rights, please contact us at . We will respond to your request within 30 days (or sooner if required by applicable law). We may need to verify your identity before processing your request.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out: You can opt-out of the sale of your personal information (note: we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise your CCPA rights, contact us at or use the contact information below.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including Canada and the United States. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal information outside of the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at .

If we discover that we have collected personal information from a child under 16, we will promptly delete that information from our servers.

Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) setting. Our Service does not currently respond to DNT signals. However, you can control cookies and tracking through your browser settings and the choices described in our Cookie Policy.

Third-Party Links

Our Service may contain links to third-party websites or services, including QR codes that link to external destinations. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date
  • Sending you an email notification (for material changes)

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

SnapGlyph Software
#1009 - 3909 University Ave NW
Calgary, AB, Canada T3B 6K3
Email:

For EU residents, you may also contact your local data protection authority if you have concerns about our data practices.