Privacy Policy

Last Updated: April 2026

1. Introduction

QR Guard ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application for QR code scanning and verification.

By using QR Guard, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide Directly

Account Information (Optional):

• Google Sign-In credentials (name, email, profile picture)
• User ID from Firebase Authentication
• Username (if you choose to create one)

User-Generated Content:

• QR code comments and reviews you submit
• Scam reports and safety ratings
• QR codes you generate and customize
• Business information for merchant verification

2.2 Information Collected Automatically

Device Information:

• Device model and manufacturer
• Android OS version
• App version and build number
• Unique device identifiers (Firebase Installation ID)

Usage Data:

• QR codes scanned (content hash, not raw data)
• Scan timestamps and frequency
• App interaction and feature usage
• Crash reports and performance metrics

Camera Permission:

• Camera access for QR code scanning (required)
• Gallery access for scanning QR codes from images (optional)

3. How We Use Your Information

We use the information we collect to:

• Provide Core Functionality: Scan QR codes, generate custom QR codes, and display safety information
• Community Safety: Enable community-powered trust scoring and scam reporting
• Authentication: Secure your account and protect against unauthorized access
• Personalization: Save your scan history, preferences, and generated QR codes
• Analytics: Understand app usage patterns and improve user experience
• Security: Detect and prevent fraud, abuse, and security incidents
• Communication: Send you important updates, security alerts, and support messages

4. Data Storage and Security

4.1 Local Storage

On-Device Data:

• Scan history stored locally using AsyncStorage
• Generated QR codes saved on your device
• App preferences and settings
• You can clear local data anytime from app settings

4.2 Cloud Storage (Firebase)

Firebase Services We Use:

• Firebase Authentication: Secure user authentication and identity management
• Cloud Firestore: Store user profiles, QR code data, comments, and community reports
• Firebase Realtime Database: Real-time sync of trust scores and safety alerts
• Firebase Analytics: Anonymous usage statistics and crash reporting
• Firebase Cloud Messaging: Push notifications for security alerts

Data Residency:

• All data is stored in Firebase servers in asia-south1 (Mumbai, India) region
• Compliant with India's Digital Personal Data Protection (DPDP) Act, 2023

4.3 Security Measures

• End-to-end encryption (HTTPS/TLS) for all data in transit
• Firebase security rules to protect user data
• Server-side validation for all user inputs
• Rate limiting to prevent abuse
• ECDSA signature verification for API integrity
• Regular security audits and updates

5. Data Sharing and Disclosure

We do NOT sell, trade, or rent your personal information to third parties.

We may share information only in the following situations:

• Service Providers: With Firebase (Google Cloud Platform) for app infrastructure and functionality
• Community Features: Anonymous QR code safety reports and trust scores are shared with other users (without personal identifiers)
• Legal Requirements: If required by law, court order, or governmental regulation
• Protection of Rights: To protect our rights, privacy, safety, or property, and/or that of our users or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)

6. Third-Party Services

QR Guard integrates with the following third-party services:

• Google Sign-In: For optional account authentication (Google Privacy Policy applies)
• Firebase (Google): For backend infrastructure, analytics, and crash reporting (Google Cloud Privacy Policy applies)
• Razorpay: For payment processing (if you purchase premium features) (Razorpay Privacy Policy applies)

7. Your Rights and Choices

Under the DPDP Act 2023 and applicable privacy laws, you have the right to:

• Access: Request a copy of your personal data we hold
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your account and personal data (uninstall app or contact us)
• Data Portability: Export your data in a structured, machine-readable format
• Objection: Object to processing of your personal data
• Withdraw Consent: Withdraw consent at any time (may affect app functionality)
• Grievance Redressal: Contact our Data Protection Officer at privacy@qrguard.app

8. Children's Privacy

QR Guard is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected personal information from a child under 13, we will delete it immediately.

9. International Data Transfers

As we operate in India and use Firebase infrastructure, your data is processed and stored in India. By using QR Guard, you consent to the transfer of your data to India, which has data protection laws that may differ from your country of residence.

10. Data Retention

We retain your personal information only for as long as necessary:

• Account Data: Until you delete your account or 2 years of inactivity
• Scan History: Stored locally on your device until you clear it
• Community Reports: Retained for 5 years for fraud prevention
• Analytics Data: Anonymized after 14 months
• Logs: Security logs retained for 1 year

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Prominent in-app notification (for material changes)
• Email notification (if you have provided an email address)

Your continued use of QR Guard after changes constitutes acceptance of the new Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: ahmedsameerbinan2@gmail.com
• Website: https://binan-maker.github.io/QRS
• Address: Kerala, India

13. Compliance

QR Guard is compliant with:

• Digital Personal Data Protection (DPDP) Act, 2023 (India)
• Google Play Developer Program Policies
• Kerala Startup Mission (KSUM) Guidelines
• Firebase Data Protection Requirements

← Back to Home