Privacy Policy

Summary

QR Security is designed with privacy-first principles. We do not collect, sell, or share personal data or messages. Core features — including key generation, message encryption, QR code creation, scanning, and storage — operate locally on your device.

Data We Do Not Collect

Unless you explicitly choose to export or share data yourself, QR Security does not collect the following:

• Personal contact details
• Message contents or metadata
• Device identifiers or analytics
• Location information
• Usage analytics or tracking

Local Storage & Encryption

All cryptographic keys, messages, and contact information created or stored by the app are kept locally on your device and are encrypted at rest using device-level secure storage.

• Keys are generated locally using secure algorithms (Ed25519 / X25519).
• Message content is encrypted locally using authenticated encryption (ChaCha20-Poly1305) before any QR code is created.
• No unencrypted messages or keys are transmitted or backed up to our servers because we do not operate any cloud service for this app.

Optional Exports & User Actions

You may choose to export or share public keys, QR codes, or encrypted payloads manually. These actions are performed by you and are outside the scope of this app's control. We recommend exercising care when sharing exported files or images.

Third-Party Services

QR Security does not rely on cloud storage or analytics providers for core functionality. If you use platform-level sharing (for example, sharing a QR image using another app), that action may involve third-party apps or services — please review their privacy policies separately.

Biometric & Device Security

The app may offer biometric authentication and auto-lock features to protect access to keys and sensitive operations. Biometric checks are performed by your device's operating system and biometric data is never transmitted to us.

Children’s Privacy

QR Security is not intended for children under the age of 13. We do not knowingly collect personal information from children.

Legal Requests

Because we do not store user messages or personal data on our servers, we have minimal data to provide in response to legal requests. If we are ever legally compelled to disclose information, we will comply with applicable law.

Security Practices

We follow security best practices in development and recommend that users keep their devices updated and secure. Although we implement strong encryption, no system is 100% secure; please use caution when sharing sensitive data and verify contacts before exchanging encrypted messages.

Changes to This Policy

We may update this Privacy Policy from time to time. When changes are made the effective date above will be updated. Continued use of the app after updates indicates acceptance of the revised policy.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at: admin@isoft4is.com.