Data controller

Kangale Technologie — 6 Rue d'Armaillé, 75017 Paris, France
Email : privacy@k-qrcode.com

Data collected

Account data

Email, name, password (bcrypt hashed)
Subscription plan, payment info (Stripe — K-QRCODE does not store card numbers)

QR scan analytics

Scan count per QR code
Geographic location (city level, via anonymized IP)
Device type and browser
Scan date and time

Cookies and trackers

Google Analytics 4 (anonymized audience measurement)
Authentication session cookie
Language preference cookie (FR/EN)

Processing purposes

Provide QR code creation and tracking service
Display scan statistics in the user's dashboard
Improve the service (aggregated usage analytics)
Send account-related communications (invoices, security alerts)

Data retention

Account data: subscription duration + 3 years
Scan analytics: rolling 24 months
Server logs: 12 months

Data hosting

Data is hosted in the European Union (OVHcloud, France and O2switch, Clermont-Ferrand). No personal data is transferred outside the EU except for certified subprocessors (Stripe for payments, Google Analytics with IP anonymization settings).

Your GDPR rights

In accordance with the General Data Protection Regulation (GDPR), you have the following rights:

Right to access your personal data
Right to rectification
Right to erasure ("right to be forgotten")
Right to data portability
Right to object to processing
Right to withdraw consent at any time

To exercise these rights, contact us at: privacy@k-qrcode.com

Supervisory authority

In case of complaint, you can contact the French Data Protection Authority (CNIL) — www.cnil.fr

Privacy Policy