QRsuite — Privacy Policy

Effective date: April 19, 2026

This policy explains what data QRsuite collects, why, and the choices you have. It is written in plain English on purpose — you should be able to read it in a few minutes.


1. Who we are

QRsuite is an iOS app for scanning and generating QR codes and barcodes. It is developed and operated by Abdullah Al Hadi ("we", "us"). For the purposes of the EU / UK / EEA General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA), Abdullah Al Hadi is the data controller for personal data collected through the QRsuite app. For any privacy questions, contact us at hadi.fiftytwo@gmail.com.

This policy covers the QRsuite iOS app and its bundled extensions (Widget and Share Extension).


2. Data we collect

Stays only on your device — never sent anywhere

Everything below is stored locally on your device using Apple's SwiftData framework. If you have iCloud Backup enabled on your iPhone, Apple includes this data in your encrypted iCloud backup — that backup is between you and Apple; we have no access to it.

You can delete any of this at any time from within the app (swipe-to-delete, bulk-delete, or Settings → "Clear all history"). Uninstalling the app removes all of it.

Sent to Firebase (Google)

We use two Firebase services from Google to improve the app: Analytics and Crashlytics. Both are configured with the minimum data surface needed for product decisions and crash fixing — no advertising identifiers, no cross-app tracking.

Firebase Analytics collects:

We do NOT request App Tracking Transparency permission. Firebase Analytics, as we use it, does not collect your advertising identifier (IDFA) and cannot link you across other apps or websites.

What we do NOT send: the contents of any QR or barcode (scanned or created), the text of your notes, the names of your folders or templates, the contents of your photo library, any image bytes, any passwords, or any Wi-Fi credentials.

Firebase Crashlytics collects data only when the app crashes:


3. Permissions the app asks for


4. How we use this data

We do not sell your personal information, and we do not share it for cross-context behavioral advertising (as those terms are defined under the California Consumer Privacy Act). We do not share data with advertisers, and we do not build profiles across other apps.


5. Third parties

The only third-party service the app communicates with is Firebase, operated by Google LLC. Google processes Analytics and Crashlytics data as our service provider, under the Firebase Data Processing and Security Terms. Google's own privacy practices are covered by the Google Privacy Policy.

Google primarily processes this data on servers located in the United States. For users in the EEA, UK, or Switzerland, international transfers rely on Google's Data Processing and Security Terms, which incorporate the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum.

No other third-party analytics, advertising, or tracking SDK is bundled in the app.


6. How long we keep it


7. Your rights and choices


8. Children's privacy

QRsuite is not directed at children under 13. We don't knowingly collect data from children under 13. If you believe a child has used the app and want the data associated with that device erased, email hadi.fiftytwo@gmail.com — we'll help you uninstall and reset.


9. Security


10. Changes to this policy

If we change this policy, the new version will replace this page at https://hadicuet.github.io/qrsuite-legal/ and the "Effective date" at the top will be updated. Material changes (e.g. a new third-party service, a new category of data) will be called out in the app's release notes.


11. Contact us

Questions, requests, or complaints: hadi.fiftytwo@gmail.com.