Privacy Policy

Last updated: June 2026

1. Introduction

Snapkit ("we", "our", or "us") operates snapkit.store, a QR code generation service that includes free static QR tools and paid dynamic QR code features with analytics. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and services.

2. Information We Collect

Static QR Codes (No Account Required)

When you use our free static QR code generator, the text, URLs, or other content you enter is processed in your browser. We do not store this content on our servers unless you explicitly save or export it yourself.

Account Information

If you create an account to use dynamic QR codes or purchase a paid plan, we collect:

  • Email address
  • Password (stored in hashed form by our authentication provider; we never see your plain-text password)
  • Account creation date and sign-in activity
  • Plan type, trial status, and QR code usage limits

Dynamic QR Code Data

When you use dynamic QR codes, we store the following in our database:

  • QR code names and short redirect codes
  • Destination URLs you configure
  • Scan counts and creation/update timestamps

Scan Analytics

When someone scans a dynamic QR code, we log analytics data to provide scan statistics. This may include:

  • IP address
  • Browser type and version
  • Operating system and device type
  • Referring page (if provided by the browser)
  • Date and time of the scan

This data is associated with the QR code being scanned, not with the person scanning it unless they are also a registered Snapkit user.

Payment Information

If you purchase a paid plan, payments are processed by Stripe. We do not collect or store your full credit card number, CVV, or bank account details. Stripe may collect billing name, billing address, payment method details, and transaction history. We store:

  • Your Stripe customer ID
  • Plan type and purchase/subscription status
  • Transaction metadata needed to manage your account

Automatically Collected Information

When you visit our website, we may automatically collect:

  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website addresses
  • Device type and screen resolution

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our services
  • Create and manage your account
  • Process payments and manage subscriptions
  • Host, redirect, and track dynamic QR codes
  • Display scan analytics to account holders
  • Enforce plan limits and trial periods
  • Improve and optimize user experience
  • Analyze usage patterns and trends
  • Display relevant advertisements
  • Detect and prevent fraud or abuse
  • Respond to support requests
  • Comply with legal obligations

4. Third-Party Service Providers

We use trusted third-party services to operate Snapkit. These providers process data on our behalf and are bound by their own privacy policies:

Supabase

We use Supabase for user authentication, database hosting, and secure storage of account data, dynamic QR codes, and scan analytics. Supabase may process data in the United States and other regions where its infrastructure operates.

Supabase privacy policy: https://supabase.com/privacy

Stripe

We use Stripe to process payments, manage subscriptions, and provide a customer billing portal. When you check out or manage billing, you are redirected to Stripe-hosted pages where Stripe collects and processes your payment information directly.

Stripe privacy policy: https://stripe.com/privacy

Google Analytics

We use Google Analytics to analyze website usage. Google Analytics gathers information about website use by means of cookies. The information gathered is used to create reports about the use of our website.

Google's privacy policy is available at: https://policies.google.com/privacy

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

5. Cookies and Similar Technologies

We use cookies and similar technologies to operate our service. These include:

  • Essential cookies — required for authentication and keeping you signed in to your account (managed via Supabase Auth)
  • Analytics cookies — used by Google Analytics to understand how visitors use our site

You can control non-essential cookie preferences through your browser settings. Disabling essential cookies may prevent you from signing in or using account features.

6. Advertising (Future)

We may use Google AdSense to display advertisements on our website in the future. Google may use cookies and similar technologies to serve ads based on your prior visits to our website or other websites. You can opt out of personalized advertising by visiting Google Ads Settings.

7. Data Retention

We retain your information for as long as necessary to provide our services:

  • Account data — retained while your account is active and for a reasonable period after deletion to comply with legal obligations
  • Dynamic QR codes — retained while your account is active and your plan permits their use
  • Scan analytics — retained while the associated QR code exists and your account remains active
  • Payment records — retained as required for tax, accounting, and legal compliance; Stripe maintains its own records per its policies

You may request account deletion by contacting us. Upon deletion, we will remove or anonymize your personal data within a reasonable timeframe, except where retention is required by law.

8. Data Security

We implement appropriate technical and organizational measures to protect your information, including encrypted connections (HTTPS), access controls, and industry-standard authentication. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States, where our service providers (Supabase, Stripe, Google) maintain infrastructure. By using our services, you consent to such transfers. Where required by law, we rely on appropriate safeguards such as standard contractual clauses offered by our providers.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Request a portable copy of your data
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with your local data protection authority

To exercise these rights, please contact us via our contact page. We will respond within the timeframe required by applicable law.

11. Third-Party Links

Our service may contain links to third-party websites, including destination URLs configured in QR codes. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

12. Children's Privacy

Our service is not directed to children under 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. Paid plans require users to be at least 18 years old or have parental consent. If you believe we have collected information from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of the service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please visit our contact page or email us at andressh11@gmail.com.