FlashQR← Back to home

Legal

Privacy Policy

Last updated: March 23, 2026

1. Introduction

FlashQR is a product of AGP Software Solutions, Inc. (“AGPSoft”, “we”, “our”, or “us”). AGP Software Solutions, Inc. is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QR code management platform at flashqr.io (the “Service”). Please read this policy carefully. By using the Service, you consent to the practices described here.

2. Information We Collect

2.1 Account Information

When you register, we collect your name, email address, and a hashed password. We never store your password in plain text.

2.2 Google Sign-In

You may sign in using your Google account via OAuth 2.0. When you do, Google shares your name, email address, and profile picture URL with us. We use this information solely to create or identify your FlashQR account. We do not receive your Google password, and we do not access any other Google data (such as Gmail, Drive, or contacts) beyond what is needed to authenticate you.

The data received from Google is stored in our database in the same way as data provided during email/password registration. If you sign in with Google for the first time, an account is created automatically using your Google name and email. You will not need to set a password unless you later choose to add one in your account settings.

Google’s use of data shared with us is governed by the Google Privacy Policy. You can revoke FlashQR’s access to your Google account at any time from your Google account permissions.

2.3 QR Code Data

We store the QR codes you create, including their names, destination URLs, content type, and design settings (colors, format).

2.4 Scan Analytics

Each time one of your QR codes is scanned, we may automatically collect:

  • Browser name and version
  • Operating system and version
  • Device type (desktop, mobile, tablet)
  • Country and city (derived from IP address — the IP itself is not stored)
  • HTTP referrer
  • Timestamp of the scan

This data is attributed to your QR code, not to the individual scanner, and is used solely to provide you with analytics.

2.5 Payment Information

Billing and payment processing is handled entirely by Stripe on behalf of AGP Software Solutions, Inc. We do not store credit card numbers or banking details on our servers. We receive and store a Stripe customer ID and subscription status to manage your plan. Charges will appear on your statement under AGP Software Solutions or AGPSoft.

2.6 Usage and Log Data

We may collect standard server log data such as request timestamps, pages visited, and error events for operational and security purposes. This data is retained for a limited period and is not sold or shared.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Authenticate your account via email/password or Google OAuth, and keep it secure
  • Display scan analytics on your dashboard
  • Process payments and manage subscriptions
  • Send transactional emails (account creation, billing receipts, subscription changes)
  • Respond to support inquiries
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

We do not use your data to serve third-party advertising, and we do not sell your personal information to any third party.

4. Cookies and Tracking

We use strictly necessary cookies to maintain your authenticated session. We do not use advertising cookies or cross-site tracking technologies. Specifically:

  • Session cookie: Used to keep you logged in. Expires when you sign out or after an extended period of inactivity.
  • CSRF token: Used to protect form submissions from cross-site request forgery.

5. Data Sharing and Third Parties

We share data only as described below:

  • Google (OAuth): If you choose to sign in with Google, your name and email are received from Google and stored in our database. We do not share your FlashQR data back with Google. This integration is governed by the Google Privacy Policy.
  • Stripe: Payment processor acting on behalf of AGP Software Solutions, Inc. Billing data is handled entirely by Stripe and subject to Stripe’s Privacy Policy.
  • Cloudflare: QR code scans are routed through Cloudflare Workers and Key-Value storage for redirect processing. Cloudflare may process scan request metadata (IP address, user-agent) transiently; we do not instruct Cloudflare to store this data beyond what is needed to serve the redirect.
  • Hosting infrastructure: Our servers are hosted on cloud infrastructure providers. Data is stored within the EU/US depending on deployment configuration. All providers are subject to appropriate data processing agreements.
  • Legal requirements: We may disclose information if required to do so by law, court order, or governmental authority.

6. Data Retention

We retain your account data and QR code data for as long as your account is active. Scan analytics are retained for a rolling period of up to 24 months. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes.

7. Data Security

We implement industry-standard security measures including HTTPS encryption for all data in transit, hashed passwords (bcrypt), and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict certain processing
  • Data portability (receive a copy of your data in a machine-readable format)

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. Children’s Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from anyone under 16. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice in your dashboard. The “Last updated” date at the top of this page reflects the most recent revision. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:

AGP Software Solutions, Inc.

Operating as FlashQR

Email: [email protected]