This Privacy Policy outlines how data is collected, processed, and protected on the MyQrMood platform. Built on principles of technical transparency, the platform strictly avoids marketing tracking, invasive ad networks, and the sale of personal data.
1. Information Collection & Usage
Because the platform operates in a B2B2C model, data collection is separated into two categories:
- For End-Users (Consumers): When claiming or managing a QR Code, the platform collects only an email address (for authentication via Magic Link or Google OAuth) and temporarily processes the IP address for security and rate-limiting purposes.
- For Merchants (Store Owners): Account creation requires an email address and a Google ID (via OAuth). The platform does not collect or extract personal names from Google accounts. Additional collected data is limited to brand configurations explicitly provided via forms (Brand Name, Logo URLs, and Brand URL).
- Temporary Order Processing: If a Merchant integrates third-party fulfillment services (Printful or Gelato), the platform temporarily accesses order data (such as the buyer's name and Order ID) strictly to generate the production queue and filename structures. This end-consumer data is processed strictly in memory; it is never saved in the database, nor is it ever used for marketing or direct contact.
2. Data Protection & Encryption
Protecting your data is the highest priority. The system employs strict encryption and isolation protocols:
- End-to-End Encryption: Sensitive data, including Merchant API keys and End-User dashboard texts and links, are encrypted at rest using AES-256-GCM. The platform cannot read encrypted End-User messages unless explicitly reported via the moderation system.
- Asset Security: Merchant design templates are stored securely using cloud providers (Cloudflare R2) behind authenticated, pre-signed URLs. Strict tenant isolation ensures templates cannot be accessed by other users.
- Infrastructure Protection: All inbound traffic IP addresses are temporarily processed via in-memory caching (Redis) to prevent DDoS attacks and enforce rate limits, ensuring platform stability.
3. Financial Data & Third-Party Processors
The platform does not store, process, or transmit credit card numbers. All financial transactions are handled securely by Paddle (the Merchant of Record). The database only retains a transaction history, receipt URLs, and a non-sensitive billing identifier (paddleCustomerId).
To provide the service, necessary data is routed through trusted sub-processors:
- Google: Identity provider (OAuth) and API validations (Google Web Risk).
- Resend: Transactional email delivery (Magic Links).
- Upstash (Redis): Temporary IP processing for rate limiting.
- MongoDB Atlas: Secure cloud database storage.
- Cloudflare R2: Secure cloud storage for Merchant design templates and image assets.
- Tenor: Processing search queries for GIF integrations.
4. Data Retention & Right to be Forgotten
- End-Users:You may unlink your email from any claimed physical product using the “Account Settings” panel. This action permanently purges your personal association and resets the QR Code to its factory state.
- Merchants (Soft Delete): When a Merchant deletes their account, personal data (email) is immediately anonymized/hashed, and original image files are permanently deleted from cloud storage. However, the internal Store ID is retained exclusively to ensure that physical QR Codes already sold to End-Users continue to function normally.
5. Cookie Policy (Strictly Necessary)
The platform operates without marketing, tracking, or cross-site advertising cookies. Only “Strictly Necessary” cookies and local storage technologies are utilized to ensure security and core functionality. Because these are mandatory for the system to operate, they cannot be disabled.
- Authentication (NextAuth): Secure session cookies (session-token, csrf-token) are used to keep users logged in and protect against Cross-Site Request Forgery (CSRF) attacks.
- Payment Operations (Paddle SDK): The billing portal injects cookies required to process payments, detect fraud, and display correct localized currencies.
- Integrations: A temporary cookie (printful_oauth_state) is utilized exclusively during the Printful authorization flow to secure the connection.
- Local Processing (Web Workers): For maximum privacy and speed, the platform utilizes your browser's native capabilities (Canvas and Web Workers) to merge final artwork directly on your device, rather than uploading uncompressed files to external servers.
Privacy Inquiries
If you have any questions regarding this Privacy Policy or wish to exercise your data rights, please contact support at support@myqrmood.com.