SmartyTags

Privacy Policy

Last updated: February 1, 2026

1. Introduction

SmartyTags Inc. (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our QR code management platform and related services (the “Service”).

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, and password. If you subscribe to a paid plan, we collect billing information through our payment processor (Stripe). We do not store full credit card numbers on our servers.

2.2 QR Code Data

We store the content, settings, and metadata associated with QR codes you create, including destination URLs, titles, descriptions, and configuration settings such as smart rules and design customizations.

2.3 Scan Analytics Data

When someone scans a QR code created through our Service, we collect:

  • Timestamp of the scan
  • Approximate geographic location (based on IP address, which is then discarded)
  • Device type and operating system
  • Browser type and version
  • Referrer information

We do not collect personally identifiable information from QR code scanners. IP addresses are used solely for geolocation and are not retained after processing.

2.4 Usage Data

We automatically collect information about how you use the Service, including pages visited, features used, actions taken, and time spent on the platform. This helps us improve the Service and provide a better user experience.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and send billing-related communications
  • Provide analytics and insights about QR code performance
  • Send service-related notifications and updates
  • Respond to support requests and inquiries
  • Detect, prevent, and address technical issues and abuse
  • Comply with legal obligations

4. Data Sharing

We do not sell, rent, or trade your personal information. We may share information with:

  • Service Providers: Third parties that help us operate the Service (e.g., hosting, payment processing, email delivery)
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance
  • Access controls and authentication requirements

6. Data Retention

We retain your account information for as long as your account is active. Scan analytics data is retained according to your plan (30 days for Free, indefinitely for paid plans). When you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal information
  • Export your data in a portable format
  • Opt out of certain data processing activities
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@smartytags.com.

8. Cookies and Tracking

We use essential cookies to maintain your session and preferences. We also use analytics cookies to understand how the Service is used. You can control cookie preferences through your browser settings. The Service functions without non-essential cookies.

9. International Data Transfers

Our servers are located in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States. We implement appropriate safeguards for international data transfers, including Standard Contractual Clauses where applicable.

10. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The “Last updated” date at the top indicates when the policy was last revised.

12. Contact Us

If you have questions or concerns about this Privacy Policy, contact us at: