Privacy Policy

Last updated: February 28, 2024
QrBuddy is responsible for the processing of personal data as shown in this privacy statement.
Contact information:
https://qrbuddy.click
info@qrbuddy.click
Poland

Personal data we process

QrBuddy processes your personal data when you use our services and/or when you provide these data to us yourself.
Below you will find an overview of the personal data we process:

• First and last name
• Email address
• IP address
• Data about your activities on our website

Special and/or sensitive personal data we process

Our website and/or service does not intend to collect data about website visitors who are younger than 16 years old, unless they have permission from parents or guardians. However, we cannot verify the age of a visitor. We therefore recommend that parents be involved in their children's online activities to prevent the collection of data about children without parental consent. If you believe that we have collected personal data about a minor without permission, please contact us at info@qrbuddy.click, and we will delete this information.

Purposes and legal basis for processing personal data

QrBuddy processes your personal data for the following purposes:

• Handling your payment
• Sending our newsletter
• Being able to call or email you if necessary to provide our services
• Informing you about changes to our services and products
• Offering you the possibility to create an account
• QrBuddy also processes personal data when we are legally obliged to do so, such as data we need for our tax returns.

Retention period

QrBuddy does not retain your personal data longer than strictly necessary to achieve the purposes for which your data are collected.

Sharing personal data with third parties

QrBuddy only provides personal data to third parties if necessary for the execution of our agreement with you or to comply with a legal obligation.

Cookies and similar techniques used

QrBuddy only uses technical and functional cookies, as well as analytical cookies that do not infringe on your privacy. A cookie is a small text file that is stored on your computer, tablet, or smartphone when you first visit this website. The cookies we use are necessary for the technical functioning of the website and your convenience. They ensure that the website works properly and remember your preferences, for example. They also help us optimize our website. You can opt out of cookies by configuring your internet browser not to store cookies anymore. Additionally, you can also delete any previously stored information through your browser settings.

Accessing, correcting, or deleting data

You have the right to access, correct, or delete your personal data. You can do this by contacting us through this website on info@qrbuddy.click. Additionally, you have the right to withdraw your consent to data processing or object to the processing of your personal data by our company. You also have the right to data portability, meaning you can submit a request to us to send the personal data we hold about you in a computer file to you or another organization mentioned by you.

If you wish to exercise your right to object and/or right to data portability or if you have any other questions/comments about data processing, please send a specific request to info@qrbuddy.click.

To ensure that the request for access is made by you, we ask you to include a copy of your identification document with the request. In this copy, please black out your photograph, MRZ (machine-readable zone, the numbers at the bottom of the passport), passport number, and Citizen Service Number for privacy protection. QrBuddy will respond to your request as soon as possible, but no later than four weeks.

QrBuddy would also like to inform you that you have the right to lodge a complaint with the national supervisory authority, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). You can do so through the following link: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons

How we secure personal data

QrBuddy takes the protection of your data seriously and implements appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized alteration. If you believe that your data is not properly secured or if there are indications of abuse, please contact our customer service or email us at info@qrbuddy.click. QrBuddy has implemented the following measures to secure your personal data:

• TLS (formerly SSL): We transmit your data over a secure internet connection. You can identify this by the 'https' in the address bar and the padlock icon displayed.
• DNSSEC: It is an additional security measure (in addition to DNS) for translating a domain name (#company_website) to the associated IP address (server name); it is provided with a digital signature. You can have that signature automatically verified. This helps prevent redirection to a false IP address.
• Hashing: User passwords are hashed using a one-way hashing algorithm before storing them in the database. This means that the actual passwords are never stored, only their hashed representations. We use strong cryptographic hashing algorithms such as SHA-256 or bcrypt to ensure that passwords are securely hashed.
• Salting: To further enhance security, we employ the technique of salting along with hashing. A unique salt is added to each password before hashing, ensuring that even if two users have the same password, their hashed passwords will be different.
• Encryption: In addition to hashing, sensitive data transmissions, including passwords, are encrypted using industry-standard encryption protocols such as HTTPS to prevent eavesdropping and unauthorized access during transmission.
• Password Policies: We encourage users to create strong passwords by enforcing password policies such as minimum length, complexity requirements, and expiration periods. This helps mitigate the risk of brute-force attacks and password guessing.
• Secure Storage: Passwords are stored securely in our database using industry best practices for data storage and access control. Access to the database is restricted to authorized personnel only, and strong access controls are enforced to protect against unauthorized access.