Privacy Policy

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use the Service. If you do not agree with this Policy, please do not use the Service.

Effective Date: 08-01-2026
Company: Arta, doing business as Cheap Joe’s QR codes (“Company,” “we,” “us,” or “our”)
Website/Service: https://cheapjoesqr.com and related pages, plugins, and services that generate static and dynamic QR codes (the “Service”).

What We Collect

We collect information in three ways: (a) you provide it, (b) it’s collected automatically, and (c) it’s received from third parties (e.g., payment processors).

A. Information You Provide

  • Account & Contact Data: name, email address, billing/shipping address, company name (optional), and password (hashed and not visible to us).
  • Order Details: QR style choices (e.g., framed/static/dynamic), caption text, payload type (URL, vCard, Wi-Fi, Email/SMS, Calendar, Geo/Maps, Payment), and any content you choose to encode.
  • Support Requests: messages and attachments you send to support.

B. Payment Information

  • We do not store or process full credit/debit card numbers. Payments are handled by WooCommerce and third-party processors (e.g., StripePayPalApple Pay). Those companies collect and process card data per their own policies. We receive limited transaction metadata (e.g., transaction ID, status) so we can fulfill your order.

C. Automatically Collected Data

Dynamic QR Analytics (if enabled): when a dynamic QR is scanned, we may log event data (e.g., scan time, approximate location derived from IP, user agent, referring info) to operate redirects and provide analytics. Static QR codes do not produce ongoing scan logs after delivery.

Log & Device Data: IP address, browser type, device identifiers, pages viewed, and timestamps.

Cookies & Similar Tech: to keep you signed in, remember preferences, prevent fraud, and analyze use of the Service. See “Cookies” below.

How We Use Information

We use personal information to:

  • Provide the Service: create and email your QR codes; host and manage dynamic redirects; process orders and deliver receipts.
  • Operate & Secure: authenticate users, prevent fraud/abuse, enforce policies, and maintain site functionality.
  • Communicate: send transactional emails (order confirmations, delivery emails, service notices). With your consent or as allowed by law, we may send product updates or promotions (you can opt out).
  • Legal & Compliance: meet tax, accounting, and legal obligations.

Legal Bases (EEA/UK users): contract performance (to provide the Service), legitimate interests (security, improvement), consent (where required), and compliance with legal obligations.

Your Responsibility for QR Content & Credentials

You control the content encoded in your QR codes. Do not encode sensitive data (e.g., full payment card numbers, bank details, government IDs, health information, passwords, or secrets). If you choose to include sensitive data, you do so at your own risk.

Account Security: You are responsible for maintaining the confidentiality of your login credentials and for all activity under your account. We are not responsible for any loss or damage arising from unauthorized access to your account resulting from your failure to safeguard credentials (“lost password hacks”) or from compromised email inboxes or devices not caused by our breach. Consider using a unique, strong password and enabling any available two-factor authentication.

Sharing of Information

We do not sell personal information. We may share information with:

Business Transfers: in a merger, acquisition, financing, or sale of assets, information may be transferred as permitted by law.

Service Providers: hosting, cloud storage, email delivery, analytics, customer support tools, and payment processors (WooCommerce, Stripe, PayPal, Apple Pay).

Legal/Compliance: to comply with law, enforce our terms, or protect rights, safety, and property.

Cookies & Analytics

We use:

  • Strictly Necessary Cookies for log-in, cart, checkout, and security.
  • Preference/Functional Cookies to remember settings.
  • Analytics Cookies to understand usage and improve the Service.

You can manage cookies in your browser settings. Blocking essential cookies may break site functionality.

Data Retention

We retain personal information only as long as needed for the purposes stated above or as required by law.

  • Account & Order Records: typically 7 years for tax and accounting (or longer if legal obligations require).
  • Dynamic QR Scan Logs: typically 90 days by default for analytics and security, after which data may be anonymized or deleted.
  • Server Logs: typically 30–90 days, unless needed for security or legal reasons.
  • Static QR Assets: retained to fulfill your order and for recordkeeping; static codes do not generate ongoing scan logs after delivery.

Retention periods may vary due to legal requirements or technical constraints.

Retention periods may vary due to legal requirements or technical constraints.

Data Security

We use administrative, technical, and physical safeguards designed to protect personal information. However, no security method is 100%. To the maximum extent permitted by law, we are not liable for unauthorized access not caused by our violation of applicable data-protection obligations (including, without limitation, breaches resulting from credential reuse, weak or leaked passwords, phishing of your email account, or compromised devices).

International Transfers

We may process and store information in the United States and other countries where we or our service providers operate. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border transfers.

Your Rights

Depending on your location, you may have rights to:

  • Access, correct, or delete personal information;
  • Portability (receive a copy in a usable format);
  • Object or restrict certain processing;
  • Withdraw consent where processing is based on consent;
  • California (CPRA): know, delete, correct, and opt-out of “sale”/“sharing” of personal information (we do not sell personal information).
  • EEA/UK: lodge a complaint with your supervisory authority.

To exercise rights, contact us at Hello@CheapJoesQR.com. We may verify your request to protect your data.

Children’s Privacy

The Service is not intended for children under 18 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us to delete it.

Role Clarification: Controller vs. Processor

For your account, order, and website usage data, we act as an independent controller.

For content you encode into QR codes and scan-event data for your dynamic codes, we act as a processorproviding hosting/redirect infrastructure on your behalf. You are responsible for ensuring that your QR content and instructions comply with applicable law and that you have a lawful basis to process any third-party personal data you encode.

Email Delivery of QR Codes & Communications

We typically E-mail the QR codes and order confirmations to the address you provide. Email is not end-to-end encrypted; avoid including sensitive data in QR content that would be exposed if the email is forwarded or compromised. You can adjust marketing preferences or unsubscribe using links in our emails or by contacting us.

Change to This Policy

We may update this Policy from time to time. The “Effective Date” shows when it was last revised. Material changes will be posted on the Website or communicated via email where appropriate

Contact Us

Arta
Address: Walnut Creek, CA, USA
Email: Hello@CheapJoesQR.com
If you are in the EEA/UK and require a DPO or EU/UK representative, list their contact details here.

Supplemental Notice at Collection (California)

We collect the following categories of personal information for the purposes described above: Identifiers (name, email, IP), Customer Records (billing/shipping address), Commercial Information (orders), Internet/Network Activity (logs, device data), Geolocation (approximate, from IP for dynamic scans), and Inferences (preferences). We do not sellpersonal information and do not share it for cross-context behavioral advertising. Retention periods are as described in Section 6.

Important Notes (Keep for Your Records)

  • This template is general information, not legal advice. Laws change, and requirements differ by jurisdiction. Have your attorney review and finalize this Policy and a separate Terms of Service (for warranties, liability caps, prohibited uses, and indemnities).
  • If you enable dynamic analytics, verify your cookie/consent banner covers analytics where required (e.g., EU/UK).
  • If you ever enable advertising technologies, update the Policy and your consent mechanisms accordingly.

Effective Date: 08-01-2025
Company: ARTA, doing business as CheapJoesQR (“Company,” “we,” “us,” or “our”)
Website/Service: https://CheapJoesQR.com and related pages, plugins, and services that generate static and dynamic QR codes (the “Service”).

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use the Service. If you do not agree with this Policy, please do not use the Service.