Skip to main content

Privacy Policy

Last updated: October 7, 2025

1. Introduction

Query OÜ ("we," "our," or "us") operates QR First (the "Service"), a comprehensive QR code management platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect the following personal information when you register and use our Service:

  • Email Address: Required for account creation, authentication, and communication
  • Account Information: User preferences, settings, and subscription status

2.2 Content Data

We store content you create through our Service, including:

  • QR code lists and their metadata
  • Custom QR code content and configurations
  • Uploaded images and files associated with QR codes
  • List sharing settings and permissions

2.3 Usage Information

We automatically collect certain information about your use of our Service:

  • Log data (IP address, browser type, access times)
  • Device information (device type, operating system)
  • Usage patterns and feature interactions
  • QR code generation and scanning analytics

2.4 Cookies and Tracking Technologies

We use cookies for sessions, analytics, and feature improvements; you may disable them via browser settings. These technologies enhance your experience, maintain user sessions, and analyze service usage.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, maintain, and improve our QR code management platform
  • Authentication: To verify your identity and secure your account
  • Communication: To send verification codes, service updates, and support responses
  • Analytics: To understand usage patterns and improve service performance
  • Security: To detect and prevent fraud, abuse, and security threats
  • Legal Compliance: To comply with applicable laws and regulations

4. Information Sharing and Disclosure

4.1 User-Controlled Sharing

You control the sharing of your QR code lists through our sharing features. When you share a list, recipients can access the shared content according to the permissions you set.

4.2 Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service, including:

  • Cloud hosting and storage providers
  • Payment processing services (for paid accounts)
  • Email delivery services
  • Analytics and monitoring tools

4.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights, property, or safety, or that of our users or the public.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction.

4.5 Data Monetization Policy

We do not sell, rent, or trade your personal information to third parties for monetary gain.Your data is not a product that we monetize. We only share information as explicitly described in the sections above and never for commercial purposes beyond providing our Service to you.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

  • HTTPS encryption for all data transmission
  • Secure authentication systems with verification codes
  • Regular security audits and monitoring
  • Access controls and employee training
  • Secure data storage with backups

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain account data while active, content according to account type, and logs up to 12 months. Billing info is kept as required by law. You may request deletion of your account and associated data by contacting us.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing of your information
  • Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact us using the information provided below.

8. Third-Party Services

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these external services. We encourage you to review the privacy policies of any third-party services you access.

When you generate QR codes that link to external websites, those websites will have their own privacy practices that are outside our control.

9. International Data Transfers

Our Service is operated from Estonia, and we may transfer and process your information in Estonia and other countries. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable laws.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

11. GDPR Compliance

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). Our legal basis for processing personal information includes:

  • Contract: Processing necessary to provide our Service
  • Consent: Where you have given clear consent
  • Legitimate Interest: For analytics, security, and service improvement
  • Legal Obligation: To comply with applicable laws

EU business users can request our Data Processing Agreement (DPA) by contacting us at info@qrfirst.com with "DPA Request" in the subject line.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also send you an email notification.

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • By email: info@qrfirst.com
  • Company: Query OÜ
  • Country: Estonia
  • Subject line: "Privacy Policy Inquiry"
Summary: We collect your email for authentication and store your QR code content to provide our service. We use secure practices to protect your data and only share information as described in this policy or with your explicit consent. For more details, see our Terms of Use. You have rights regarding your personal information and can contact us with any privacy concerns.