Privacy promise

What we collect. What we don't. Why.

This is not the legal policy. This is the plain-English version of what happens to your data when you use QRBliss.

What we collect

Three things. That is the whole list.

  • Hashed IP address

    SHA-256, one-way — we cannot reverse it to find you.

  • Device class

    Mobile or desktop. Not the model, not the OS version.

  • Timestamp

    When the scan happened.

That is it. No name, no email (unless you sign up), no location beyond what the IP hash implies.

What we never collect

Four things we made sure to leave out.

  • Raw IP addresses

    Hashed on arrival, the original discarded.

  • Tracking cookies

    None, ever.

  • Cross-site tracking

    QRBliss does not follow you anywhere.

  • Your data sold to third parties

    Never — including to analytics vendors.

How analytics work

Two systems. Both built to know as little as possible.

Plausible

Cookie-free · GDPR-compliant

Handles page-level traffic — which pages get visited. No personal data, no cookies.

Postgres

Our own database

Handles per-QR scan counts. Stores only the hashed IP, device class, and timestamp.

The guarantee

On a paid plan, this is contractual.

If you are on a paid plan, this commitment is part of your subscription agreement. We cannot quietly change it without notifying you.

Why

Why we built it this way.

We built QRBliss for restaurant owners, designers, and small businesses. They don't need their customers' data sold. Neither do we.

Read the full Privacy policy →