Legal
Privacy Policy
Last updated: 23 June 2026
1. Who Controls Your Data
HostingQr is operated by Svarog d.o.o., Jovana R. Deretica 61, 89101 Trebinje, Bosnia and Herzegovina. JIB: 4404749190009. For privacy questions, deletion requests, or data requests, contact support@hostingqr.com.
2. Data We Collect
We collect account data such as your name, email address, authentication identifier, and session information. We also collect project data you create, including project names, slugs, language variants, QR-related public URLs, background settings, uploaded images or files, file names, generated image versions, and metadata needed to operate the service.
If you contact us, we collect the information you provide in the form or email, including your name, email address, message, optional language details, and optional uploaded files. If you subscribe to a paid plan, payment and billing details are handled by the checkout provider, such as Polar, and we receive subscription status information needed to unlock access.
3. Public Content
Content published to a hosted page may be visible to anyone with the public URL or QR code. This can include uploaded menu images, generated page images, file names, project names, and language variants. Do not upload personal data, confidential material, or content you do not want to make public unless you understand the sharing risk.
4. How We Use Data
We use data to provide accounts, authentication, hosted pages, uploads, language variants, QR-page access, support, subscription access, security, abuse prevention, service maintenance, legal compliance, and product improvement. We do not sell your personal data.
5. Legal Bases For EU/EEA Users
Where EU/EEA privacy law applies, we process data based on contract performance when providing HostingQr, legitimate interests when securing and improving the service, legal obligations when required by law or accounting rules, and consent where a specific consent mechanism is used.
6. Service Providers
We use third-party providers to run the service. These may include Netlify for frontend hosting and domain/DNS services, Railway for backend/database hosting, Cloudflare R2 for uploaded asset storage, Google for authentication, Polar for checkout/subscription handling where applicable, and our email provider for support and contact-form messages. These providers process data only as needed to provide their services to us.
7. Payments
Payment details are processed by the payment provider shown during checkout, including Polar where applicable. We do not store full card details. We may store subscription tier, subscription status, customer identifiers, billing-period status, and related records needed to provide or restrict access.
8. Cookies And Sessions
HostingQr uses essential cookies or similar session mechanisms to keep users signed in and to protect authenticated account areas. These are necessary for the service to work. We may add analytics or marketing cookies later only with appropriate notice or consent where required.
9. Retention
We keep account, project, and uploaded content data while your account or project is active or as needed to provide the service. We may retain limited records for security, dispute resolution, accounting, tax, legal compliance, backups, and abuse prevention. Public pages and uploaded content may remain available until deleted, disabled, or removed under our policies.
10. Security
We use reasonable technical and organizational measures to protect data, but no internet service is completely secure. You are responsible for keeping your authentication account secure and for not uploading sensitive content unless you accept the risks of public hosting.
11. International Processing
Our providers may process data in countries outside Bosnia and Herzegovina or outside the EU/EEA. Where required, we rely on provider safeguards, contractual protections, and legal transfer mechanisms available through those providers.
12. Your Rights
Depending on where you live, you may have rights to access, correct, delete, restrict, object to processing, or receive a copy of your personal data. You may also have the right to complain to a data protection authority. To make a request, contact support@hostingqr.com. We may need to verify your identity before responding.
13. Children
HostingQr is not intended for children. You must not use the service if you are not legally able to enter into a binding agreement or operate a business account in your jurisdiction.
14. Changes To This Policy
We may update this Privacy Policy from time to time. The updated date will show the latest version. Continued use of HostingQr after updates means the revised policy applies.
This page is written to explain current product data practices and is not legal advice. Have it reviewed by a qualified privacy/legal professional before a large-scale paid launch.