What personal data do you collect during QR Code Tracking and is this GDPR compliant?

book reader icon
1 Minute
facebook logo gray
linkedin logo gray
mail logo gray

The good news is that the tracking process itself does not store any personal data. When requesting a tracking URL or scanning a dynamic QR Code you do not have to worry about GDPR or CCPA.

We just store the following data

Anonymized IP

The IP is encrypted and stored anonymously in the database as a hash value that cannot be decrypted. It is not possible to relate to a person with the anonymized IP address. The anonymized IP is stored to calculate the number of unique visitors who scanned a QR Code

Country and City

Before the IP address is anonymized, the country and city are extracted from it, if possible. For this we use a local database from which we can read the country information. No third-party server or API is included.

Local time and date

We also store the local time and date when the QR Code has been requested. We extract the time zone of the device by its IP address.

Device Information

The device who scans the QR Code sends us a user agent that contains information about the brand, the device name, the operating system and browser used.

No Cookies are left on the device

The redirection to the destination address is executed directly via a 301 redirect and we do not place any cookies on the device scanning the QR Code.

No browser finger printing

We do not use browser fingerprinting techniques to identity a user.

GDPR compliance

You can find a detailed description of how we deal with the data we collect under our GDPR page. To avoid data breaches and other complications, we regularly undergo pen tests by an external company.

Last update 3 months ago