Privacy Policy
Privacy Policy v1.0 · Effective April 22, 2026
This Policy pairs with our Terms of Service. It explains what we collect, why, how long we keep it, and the choices you have.
Introduction
This Privacy Policy describes how Ezra ("we", "us") collects, uses, and shares information when you use the Ezra QR code platform, the service hosted at ezralink.org, and any related APIs, dashboards, and hosted pages (together, the "Service").
By using the Service, you agree to the handling of your information as described here. If you do not agree, please do not use the Service.
1. Information We Collect
Account information. When you create an account we collect your name, email address, and password (stored as a one-way hash by our authentication provider). If you sign in with Google, we receive your name, email, and Google account ID instead.
Organization and team data. We store the organizations you own or belong to, the roles of members, and any invitations you send.
Content you create. QR code destinations, landing-page content, form fields you build, and any assets you upload are stored to deliver the Service to you.
Scan and visit data. When someone scans a QR code or visits a landing page under your account, we record a timestamp, approximate geography derived from the scanner's IP address, device type, browser, referring URL, and the QR code or page they interacted with. This data is attributed to your organization and only visible to its members.
Billing information. If you upgrade to a paid plan, Stripe collects your payment details on our behalf. We never see or store your full card number. Stripe returns to us a customer ID, subscription metadata, and the last four digits and brand of the card for display.
Communications. If you contact support we keep the messages you send so we can follow up and improve the Service.
Technical telemetry. We collect error reports and performance traces to keep the Service running. These include the URL, a stack trace, and anonymised user-agent data but not the contents of your forms or landing pages.
2. How We Use Information
To provide and operate the Service — serving QR redirects, rendering landing pages, surfacing analytics, sending invite emails, and processing your subscription.
To secure the Service — detecting abuse, rate-limiting suspicious traffic, and keeping audit logs of sensitive actions such as logins and Terms acceptances.
To support you — responding to your questions and following up on issues.
To improve the Service — measuring which features are used so we can prioritise what to build next. Where we use third-party analytics tools, we configure them to minimise personal data collection.
To comply with the law — responding to lawful requests from courts and regulators, and meeting our own legal obligations.
We do not sell your personal information, and we do not use it to train third-party AI models.
3. How We Share Information
Inside your organization. Members of an organization you belong to can see the QR codes, landing pages, forms, scan analytics, and team roster of that organization. Nothing you create is visible to other organizations or to the public unless you publish it yourself.
Service providers (processors). We share the minimum data needed with the vendors that run our infrastructure: Supabase (database, authentication), Vercel (hosting), Stripe (payments), Resend (transactional email), Sentry (error reporting), and Google Analytics (product analytics, when you have it enabled). Each processor handles your data under its own published terms and privacy notices.
Legal and safety. We may share information when we have a good-faith belief that disclosure is required by law, necessary to protect the rights or safety of any person, or necessary to investigate fraud or a security incident.
Business transfers. If Ezra is acquired or merges with another company, your information may be transferred as part of that transaction. We will update this Policy and notify affected users.
4. Data Retention
Account data is retained while your account is active and for up to 90 days after you delete it, after which it is purged from production systems. Backups that contain deleted data are overwritten on a rolling schedule of up to 35 days.
Scan and visit data is retained for 13 months from the time of the scan so you can run year-over-year comparisons, after which it is automatically deleted.
Support correspondence is retained for 2 years to help us respond to repeat questions.
Audit records of Terms and Privacy Policy acceptances are retained for the life of your account plus 6 years after deletion, as they are evidence of agreements between us and you.
5. Your Rights
Depending on where you live, you may have the right to access the personal data we hold about you, correct it if it is wrong, receive a portable copy of it, object to certain processing, or have it deleted. To exercise any of these rights, email privacy@ezralink.org from the address on your account and we will respond within 30 days.
EU and UK residents: the legal bases we rely on are performance of a contract (to run your account), legitimate interests (to secure the Service), consent (for optional analytics), and legal obligation. You have the right to lodge a complaint with your local data protection authority.
California residents: you have additional rights under the CCPA, including the right to know, the right to delete, and the right to opt out of sale. We do not sell personal information.
6. Cookies and Similar Technologies
We use strictly necessary cookies to keep you signed in and to remember theme preferences — these cannot be disabled because the Service will not work without them.
If we have Google Analytics enabled, it sets additional cookies to measure aggregate usage. You can block these cookies in your browser without affecting core functionality. We do not use cookies for advertising or for cross-site tracking.
7. Security
All traffic to Ezra is encrypted in transit (HTTPS with HSTS). Data at rest in our database is encrypted by the provider. Access to customer data inside the database is protected by row-level security: a query run by one organization cannot return another organization's rows.
We rotate secrets, apply least-privilege access for employees, and log privileged actions. No system is perfectly secure, and we encourage you to choose a strong unique password and to report any suspected incidents to security@ezralink.org.
8. Children
Ezra is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has given us personal information, email privacy@ezralink.org and we will delete the account.
9. International Transfers
Ezra is operated from the United States and our primary infrastructure is hosted in the United States. If you use the Service from outside the US, you are transferring your information to the US, which may have different data-protection laws than your country. Where required (e.g. for EU/UK personal data) we rely on Standard Contractual Clauses with our processors to provide an adequate level of protection.
10. Changes to this Policy
We may update this Privacy Policy from time to time. If the change is material we will prompt you to acknowledge the new version on your next sign-in, in the same way we handle Terms of Service changes. The effective date at the top of the policy shows when it was last updated.
11. Contact
Privacy questions and rights requests: privacy@ezralink.org. Security reports: security@ezralink.org. General support: support@ezralink.org.
