Privacy Policy
Scanvas ("we", "us") lets you create QR codes and, for dynamic codes, track scans. This page explains what we collect and why. We try to collect as little as possible.
1. Information you give us
- Account: your email address and a password. Passwords are never stored in plain text — only a one-way cryptographic hash.
- Code content: the destinations, labels and styling you choose for your codes.
2. Information collected when a code is scanned
When someone scans one of your dynamic codes, we log basic analytics so you can see how your codes perform:
- Date and time of the scan
- Approximate location (city / region / country), derived from the scanner's IP address
- Device type, operating system and browser (from the user-agent)
- The referring website, if any
3. Cookies
We use a single, strictly-necessary session cookie to keep you logged in. It is HTTP-only and contains no personal data. We do not use advertising or third-party tracking cookies.
4. Service providers
To run Scanvas we use: Vercel (hosting), Upstash (database), Cloudflare (domain/DNS), and ip-api.com (to turn an IP into an approximate location at scan time). These providers process data on our behalf.
5. How we use the data
To operate your account, generate and serve your codes, show you analytics for your own codes, and keep the service secure. We do not sell your data.
6. Your choices
- You can edit or delete any code at any time from your dashboard.
- You can delete your account from Account settings — this removes your account, your codes and their scan history.
7. Children
Scanvas is not directed at children under 13 and we do not knowingly collect their data.
8. Changes & contact
We may update this policy; material changes will be reflected by the date above. Questions? Contact the site owner.