Privacy Policy

Last updated: 2026-04-03

This Privacy Policy explains how QR Menu (“we”, “us”, “our”) collects, uses, and protects your information when you use our website and services (the “Service”).

Quick summary
We collect only what’s necessary to run the Service (accounts, menus, and basic analytics/logs). You control your menu content. We do not sell personal data.

1) Information We Collect

  • Account data: email address, password (stored securely as a hash), plan type, subscription expiry.
  • Menu content you create: menu title, categories, items, descriptions, prices, allergens, images (Premium), promotions/ads.
  • Technical data: IP address, browser/device info, timestamps, error logs (for security and debugging).
  • Cookies / session identifiers: to keep you logged in and protect your account (CSRF/session).

2) How We Use Information

  • To create and manage accounts and subscriptions.
  • To provide and improve the Service (menu publishing, QR access, rendering pages).
  • To prevent fraud, abuse, and security incidents.
  • To communicate important service updates (e.g., security or system changes).

3) Legal Bases (GDPR-style)

Depending on your location, we rely on one or more legal bases such as: performance of a contract (providing the Service), legitimate interests (security, analytics), and consent (where required).

4) Sharing of Information

We may share information only in limited cases:

  • Service providers: hosting, monitoring, email delivery (as needed to run the Service).
  • Legal obligations: if required by law or valid legal process.
  • Security: to protect users, prevent fraud, or enforce Terms.

We do not sell your personal data.

5) Data Retention

  • Account and menu data are retained while your account is active.
  • We may retain certain logs for security and debugging for a limited period.
  • You may request deletion of your account; some data may be retained if legally required.

6) Cookies

We use essential cookies/sessions to keep you logged in and to protect the Service (e.g., CSRF prevention). Optional analytics cookies may be added later; if so, we will update this policy and (where required) ask for consent.

7) Your Rights

Depending on your region, you may have rights such as:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your data
  • Restriction or objection to processing
  • Data portability (where applicable)

To exercise these rights, contact us using the details below.

8) International Users

Our Service may be used globally. Your data may be processed in countries where our infrastructure or service providers operate. We take reasonable steps to protect data in line with this policy.

9) Security

  • Passwords are stored as secure hashes (never plain text).
  • We use sessions and CSRF protection for account safety.
  • We limit access to personal data to authorized personnel only.
Note
No system is 100% secure. Please use a strong password and keep your login details safe.

10) Children’s Privacy

The Service is not intended for children under 13 (or the minimum age required by applicable law). We do not knowingly collect personal data from children.

11) Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date will reflect the latest revision.

12) Contact

For privacy requests or questions, contact us via the support channel listed on the website.

Links: TermsHomePremium