Privacy Policy

QR Code Check

Last updated: March 24, 2026

Data Collection

QR code detection and image processing is performed entirely on your device. No images or camera data are transmitted.

When a URL is detected, it may be sent to third-party threat intelligence services (Google Web Risk and URLhaus) for security analysis.

On-device AI models analyse URL features locally without sending data to any server.

On-Device Processing

Camera frames are processed locally to detect QR codes. Frames are never stored or transmitted.

AI threat analysis uses CoreML models that run entirely on your device. URL feature vectors are computed and classified locally.

Heuristic URL analysis is performed on-device without network access.

Third-Party API Usage

Google Web Risk API: Decoded URLs are checked against Google's threat database. Subject to Google's Privacy Policy.

URLhaus (abuse.ch): Decoded URLs are checked against the URLhaus database of malware distribution sites. Subject to abuse.ch Terms of Service.

Only the decoded URL text is sent to these services -- no device identifiers, location data, or personal information.

Local Storage

Scan history (URLs, risk scores, timestamps) is stored locally on your device using SwiftData.

You can delete all scan history at any time from Settings > Data Management.

API keys are securely embedded in the app and protected with encryption.

Camera & Photo Access

Camera access is used solely to scan QR codes in real time. No photos or videos are captured or stored.

Photo library access is used only when you choose to scan a screenshot for QR codes. Selected images are processed on-device and not stored.

Advertising & Analytics

QR Code Check contains no advertising, no analytics SDKs, and no tracking of any kind.

No personal data is collected, shared, or sold to third parties.

Data Retention

Scan history is retained locally for up to 90 days and can be deleted anytime from Settings. There is no server-side data retention.

Uninstalling the app removes all locally stored data.

Your Rights

Depending on your jurisdiction (including under the GDPR, Australian Privacy Act, or CCPA), you may have the right to:

• Access the personal data we hold about you

• Request correction or deletion of your data

• Object to or restrict processing of your data

• Data portability — receive your data in a structured format

• Withdraw consent at any time

Because QR Code Check processes all data on-device and does not collect personal information on any server, most of these rights are automatically satisfied. You can delete all locally stored data at any time from Settings > Data Management, or by uninstalling the app.

To exercise any of these rights or if you have questions, contact us at support@qrcodecheck.app.

Children's Privacy

QR Code Check does not knowingly collect any personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. Continued use of the app after changes constitutes acceptance of the revised policy.

Contact

For privacy-related inquiries, contact: support@qrcodecheck.app

For general support, contact: support@qrcodecheck.app