← Back to SQRL

Privacy Policy

Last updated: April 5, 2026

SQRL ("we", "our", "the app") is built with privacy as a core principle. This policy explains what data we collect (almost nothing) and how we handle it.

Our Privacy Promise

SQRL is designed to protect your privacy, not compromise it. We believe privacy is a fundamental right, not a feature to upsell.

Data We Do NOT Collect

• QR code contents — We never see, store, or transmit the QR codes you scan.
• Browsing history — Your scan history stays encrypted on your device only.
• Personal information — No accounts, no emails, no phone numbers required.
• Location data — We never access your location.
• Contact lists — We never access your contacts.
• Advertising identifiers — We don't use ad SDKs or tracking frameworks.
• Analytics about your behavior — No screen tracking, no event logging, no session recording.

Data Stored on Your Device

SQRL stores the following data locally on your device only, encrypted with AES-256:

• Scan history — QR codes you've scanned, with timestamps and detected types.
• App preferences — Your settings (theme, toggle states, etc.).
• Onboarding status — Whether you've completed the first-launch flow.

This data never leaves your device. It is encrypted at rest and only accessible within the SQRL app. You can delete all stored data at any time from Settings → Clear All History.

Camera Access

SQRL requires camera access solely to scan QR codes. Camera data is processed in real-time on your device and is never recorded, stored, or transmitted. No images are saved unless you explicitly use the gallery import feature.

URL Safety Checks

When you scan a URL, SQRL may check it against the Google Safe Browsing API to detect phishing and malware. This check:

• Sends a hashed prefix of the URL (not the full URL) to Google's servers
• Does not reveal the complete URL you scanned
• Is performed to protect you from malicious websites

You can disable this feature in Settings → Security → Malicious URL Detection.

Tracker Stripping

SQRL's tracker stripping engine runs entirely on your device. No URLs or tracking parameters are transmitted anywhere. The list of known tracker parameters is bundled with the app.

Subscriptions

If you purchase a SQRL Pro subscription, the transaction is handled entirely by Apple (App Store) or Google (Play Store). We do not receive or store your payment information. We receive only a confirmation of your subscription status.

Third-Party Services

SQRL uses the following third-party services:

• Apple App Store / Google Play Store — For app distribution and in-app purchases.
• RevenueCat — For subscription management. RevenueCat receives an anonymous app user ID (not linked to your identity). See RevenueCat's Privacy Policy.
• Google Safe Browsing API — For URL safety checks (optional, can be disabled).
• Open Food Facts — For product lookup when you scan a retail barcode (EAN/UPC/ISBN). Only the barcode number is sent. Optional, can be disabled. See Open Food Facts Privacy Policy.
• Supabase (EU region) — For anonymous app event counts. See "Anonymous Usage Counts" below.
• Sentry (EU region) — For privacy-filtered crash reports. See "Crash Reports" below.

Barcode Product Lookup

When you scan a retail barcode (EAN-13, EAN-8, UPC-A, UPC-E, or ISBN), SQRL queries the Open Food Facts database to show you the product name, brand, category, and image if available. This lookup:

• Sends only the barcode number (already printed on the product package — not personal information)
• Does not send your identity, IP-linked user ID, device info, or location
• Goes to Open Food Facts, a French non-profit collaborative database
• Is skipped entirely for non-retail barcodes (Code 128, Code 39, Data Matrix, QR codes)

You can disable product lookup at any time in Settings → Security → Product Lookup. When disabled, no barcode data leaves your device.

Anonymous Usage Counts

SQRL records a small set of anonymous, count-only events to help us understand how the app is used. Each event is one of:

• app_opened — the app was launched
• qr_scanned — a QR or barcode was scanned
• qr_generated — a QR was created and shared from the Generate tab
• paywall_viewed / paywall_dismissed — the Pro upgrade screen was opened or closed
• subscription_started / subscription_restored — a subscription event occurred (when subscriptions are live)
• safety_warning_shown — a phishing or malware warning was displayed

Each event includes only the event name, a random anonymous ID generated on first launch, and a timestamp. We do not record:

• The contents of any QR code
• Wifi credentials, contacts, or any user input
• Your IP address
• Your device model, OS version, or advertising identifier
• Screen names or navigation paths inside the app

These events are stored in our self-managed Supabase database hosted in the European Union. You can disable usage counts at any time in Settings → Privacy inside the app. The opt-out takes effect immediately.

Crash Reports

When SQRL crashes, an anonymized crash report may be sent to our crash reporting service (Sentry, EU-hosted) so we can fix the bug. Crash reports include the type of error, where in the code it occurred, the app version, and the OS class (iOS or Android). Before sending, the report is filtered to remove:

• QR code contents
• Wifi passwords and SSIDs
• Contact names, phone numbers, and email addresses
• IP addresses and user identifiers
• Device unique identifiers
• Navigation breadcrumbs and HTTP request data

You can disable crash reports at any time in Settings → Privacy inside the app. When disabled, no crash data leaves your device.

Website Analytics (sqrl.cam only)

This marketing website uses Vercel Web Analytics to count anonymous page views. It is configured for the strictest privacy:

• No cookies, ever
• No browser fingerprinting
• No cross-site tracking
• No IP address storage
• Records only: which pages were viewed, the country (derived from IP at request time, not stored), and the device class (mobile/desktop)

This data is used solely to understand how many people visit the site. The SQRL mobile app itself contains no website-tracking code.

Children's Privacy

SQRL does not knowingly collect information from children under 13. The app does not require account creation or personal information.

Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the app constitutes acceptance of the updated policy.

Contact

Questions about this privacy policy? Email us at privacy@sqrl.cam