Security & Compliance
Your data is safe with EZQR
We take security seriously. Here's how we protect your data and meet compliance requirements.
SSL/TLS Encrypted
All data in transit is encrypted with TLS 1.3. Your QR codes and analytics are protected.
GDPR Compliant
We follow GDPR requirements including data export, right to erasure, and transparent data processing.
CSA STAR Level 1
Self-assessed against the Cloud Security Alliance Cloud Controls Matrix for cloud security best practices.
DPA Available
Data Processing Agreement available for business customers who need formal data handling documentation.
Data Handling Practices
Data Storage
All user data is stored in encrypted PostgreSQL databases. QR code analytics are processed via secure message queues with end-to-end encryption.
Data Retention
Analytics data is retained for the duration of your subscription. Static QR codes contain no server-side data. Upon account deletion, all data is permanently removed within 30 days.
Your Rights
- Data export: Download all your data from Settings
- Right to erasure: Delete your account and all associated data
- Data portability: Export your QR codes and analytics as CSV/JSON
Third-Party Processors
We use Vercel (hosting), Polar (payments), and Upstash (caching/queues). All processors are GDPR-compliant.