Last updated: 1 June 2026 | Effective date: 1 June 2026
We believe privacy is a right, not a privilege. QR Spark is designed from the ground up to collect the minimum data necessary to operate and improve our service. We never sell your personal data to third parties.
This Privacy Policy explains how QR Spark Ltd ("QR Spark," "we," "us," or "our"), registered in Hong Kong and operating from Unit 2208, 22/F, Skyline Tower, 39 Wang Kwong Road, Kowloon Bay, Hong Kong, collects, uses, and protects information in connection with the QR Spark mobile application ("App") and website ("Site").
By downloading or using the App, or by accessing the Site, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our services.
Non-Personally Identifiable Information:
Website: When you visit our website, we collect standard server log data including your IP address (anonymised after 24 hours), browser type, pages visited, and referrer. This is used for security and to understand how our site is used.
Contact Forms: When you submit a contact form, we collect your name, email address, and message content. This information is used only to respond to your enquiry.
The App integrates the following third-party SDKs. Each has its own privacy policy, linked below. All use the Android Advertising ID under the purposes described in Section 2.
Pro and Enterprise plan users do not see third-party ads, and their advertising identifiers are not shared with AdMob or Facebook Audience Network.
The following device features or data types may be accessed by the App to provide core functionality, but are never recorded, stored, or transmitted:
Depending on your jurisdiction, you may have the right to:
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
You can reset your Android Advertising ID or opt out of personalised ads at any time in your device settings under Google → Ads.
Crash logs and analytics data are retained for up to 13 months and then automatically deleted. Contact form submissions are retained for up to 24 months or until your request is resolved. IP logs from website visits are anonymised after 24 hours.
All data transmitted between the App or Site and our servers is encrypted in transit using TLS 1.2 or higher. We implement industry-standard access controls, regular security audits, and employee training to safeguard your data. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
The App is rated for users aged 3 and above. We do not knowingly collect personally identifiable information from children under 13. If you believe a child has provided personal information to us, please contact us immediately and we will delete it.
We may update this Privacy Policy from time to time. If we make material changes, we will post the updated policy on this page at least 30 days before the changes take effect and update the "Last updated" date at the top. We encourage you to review this policy periodically.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us: