'%3e%3crect%20x='48'%20y='48'%20width='416'%20height='416'%20rx='84'%20fill='%230B1220'%20/%3e%3crect%20x='72'%20y='72'%20width='368'%20height='368'%20rx='72'%20fill='url(%23qmGrad)'%20opacity='0.10'%20/%3e%3c/g%3e%3cg%3e%3cg%20transform='translate(108,108)'%3e%3crect%20x='0'%20y='0'%20width='120'%20height='120'%20rx='26'%20fill='none'%20stroke='url(%23qmGrad)'%20stroke-width='16'%20/%3e%3crect%20x='34'%20y='34'%20width='52'%20height='52'%20rx='14'%20fill='url(%23qmGrad)'%20/%3e%3c/g%3e%3cg%20transform='translate(284,108)'%3e%3crect%20x='0'%20y='0'%20width='120'%20height='120'%20rx='26'%20fill='none'%20stroke='url(%23qmGrad)'%20stroke-width='16'%20/%3e%3crect%20x='34'%20y='34'%20width='52'%20height='52'%20rx='14'%20fill='url(%23qmGrad)'%20/%3e%3c/g%3e%3cg%20transform='translate(108,284)'%3e%3crect%20x='0'%20y='0'%20width='120'%20height='120'%20rx='26'%20fill='none'%20stroke='url(%23qmGrad)'%20stroke-width='16'%20/%3e%3crect%20x='34'%20y='34'%20width='52'%20height='52'%20rx='14'%20fill='url(%23qmGrad)'%20/%3e%3c/g%3e%3c/g%3e%3cg%20fill='%23E5E7EB'%20opacity='0.96'%3e%3crect%20x='292'%20y='258'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='322'%20y='258'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='352'%20y='258'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='262'%20y='288'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='292'%20y='288'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='352'%20y='288'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='262'%20y='318'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='322'%20y='318'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='352'%20y='318'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='232'%20y='348'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='262'%20y='348'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='292'%20y='348'%20width='22'%20height='22'%20rx='7'%20/%3e%3crect%20x='352'%20y='348'%20width='22'%20height='22'%20rx='7'%20/%3e%3c/g%3e%3cg%20fill='none'%20stroke='%23E5E7EB'%20stroke-opacity='0.35'%20stroke-width='10'%20stroke-linecap='round'%3e%3cpath%20d='M232%20359%20H214%20V214%20H300'%20/%3e%3cpath%20d='M374%20269%20V214%20H300'%20/%3e%3c/g%3e%3c/svg%3e)
Privacy Policy
Last updated: January 2026
1. Data Collection
QrCodeMatrix does not store your QR content or personal data on our servers. QR code generation happens locally in your browser.
2. Cookies and Tracking
We use Cloudflare Web Analytics to understand site usage. This service may collect aggregated metrics such as page views, referrers, and device or browser information. It is used for performance and usage insights, not advertising. We also use Matomo Analytics on our own servers with anonymized data for aggregated statistics.
We set a security cookie named qrstudio_csrf to help protect against CSRF attacks. This cookie is Secure and SameSite=Strict (in production), and is not used for tracking.
Our website is added to Google Search Console. Google may retain search analytics (for example, queries, impressions, and clicks) under its own policies.
Cookies we use
The table below summarizes the essential cookies used on this site and their purpose.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| _id.3.6aa0 | qrcodematrix.com (Matomo) | Identifies returning visitors for Matomo analytics. | Up to 13 months |
| _pk_ses.3.6aa0 | qrcodematrix.com (Matomo) | Short session cookie for Matomo analytics. | Session |
| MATOMO_SESSID | matomo.digicatech.net (Matomo) | Maintains Matomo session state. | Session |
| ph_phc_4URIAm1uYfJO7j8kWSe0J8lc8IqnstRLS7Jx8NcakHo_posthog | digicatech.net (PostHog) | Product analytics and event tracking. | Up to 12 months |
| qrstudio_csrf | qrcodematrix.com | CSRF protection for requests. | Session |
| qrstudio_locale | qrcodematrix.com | Stores language preference. | Up to 12 months |
| rl_anonymous_id | digicatech.net (RudderStack) | Anonymous analytics identifier. | Up to 12 months |
| rl_page_init_referrer | digicatech.net (RudderStack) | Stores initial referrer for attribution. | Up to 12 months |
| rl_page_init_referring_domain | digicatech.net (RudderStack) | Stores initial referring domain for attribution. | Up to 12 months |
| rl_session | digicatech.net (RudderStack) | Session management for analytics. | Up to 12 months |
| rl_trait | digicatech.net (RudderStack) | Stores analytics user traits. | Up to 12 months |
| rl_user_id | digicatech.net (RudderStack) | Stores analytics user ID. | Up to 12 months |
3. Server Mode and PDF Export
PDF export is only used when server mode is enabled. During this process, the payload is processed temporarily to generate the PDF and is not retained.
4. Data Security
We apply security measures for data in transit. However, no transmission over the internet can be guaranteed to be 100% secure.
5. Sharing and Third Parties
We use Cloudflare as a service provider for aggregated analytics. No advertising profiles are created, and we do not sell personal data.
6. Changes to This Policy
We may update this policy from time to time. Significant changes will be posted on this page.
7. Contact
For privacy questions, please reach out via the contact page.