Privacy Policy — TalkingQRCodes.com

§ 01

Who We Are

TalkingQRCodes.com ("we," "us," or "our") is an AI-powered voice QR code generation platform operated as an independent business based in San Antonio, Texas, United States.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, purchase our products, or participate in our affiliate program. Please read this policy carefully.

✅ The Short Version We collect only what we need to deliver your service and run our business. We don't sell your personal data. We don't run ads. We use reputable third-party processors (Stripe, ElevenLabs) that have their own strong privacy standards.

§ 02

Data We Collect

We collect information in the following categories:

Data Type	Examples	How Collected
Identity Data	Name, email address	Purchase forms, affiliate signup
Payment Data	Card last 4 digits, billing zip	Stripe (we never see full card numbers)
Content Data	Text messages you submit for audio generation	Submitted via our QR creation form
Technical Data	IP address, browser type, device type	Automatically via server logs
Usage Data	Pages visited, QR code scan counts	Automatically via analytics
Affiliate Data	Affiliate ID, referral clicks, commission amounts	Affiliate dashboard & tracking links
Transaction Data	Purchase history, payment intent IDs	Stripe webhook & payment processing

📋 Content You Submit Text messages you submit for audio generation are processed by ElevenLabs to create your audio file. These messages are stored on our servers as part of your QR code's audio player. Do not submit sensitive personal information (SSNs, passwords, financial details) as QR code message content.

§ 03

How We Use Your Data

We use the data we collect for the following purposes:

Service Delivery — Processing payments, generating audio files, creating QR codes, and delivering your purchased products
Account Management — Managing affiliate accounts, tracking commissions, processing payouts
Customer Support — Responding to inquiries, resolving disputes, processing refund requests
Security & Fraud Prevention — Rate limiting, CSRF protection, detecting and preventing fraudulent transactions
Legal Compliance — Meeting tax obligations (1099 reporting for affiliates), responding to lawful requests
Service Improvement — Analyzing usage patterns to improve our platform (using anonymized data)
Communications — Sending transaction receipts, important service updates (not marketing emails without consent)

🚫 What We Don't Do We do not send unsolicited marketing emails. We do not sell your data to advertisers or data brokers. We do not use your content to train AI models. TalkingQRCodes.com products are ad-free.

§ 04

Affiliate Tracking

Our affiliate program uses tracking technology to credit referrals accurately. Here's how it works:

When you click an affiliate link (e.g., talkingqrcodes.com?ref=abc123), your affiliate ID is stored in your browser session
If you make a purchase during that session, the affiliate ID is stored in Stripe payment metadata to credit the referring affiliate
Affiliate IDs are stored in our database alongside purchase records for commission calculation and payout purposes
Affiliates can see aggregate performance data (clicks, sales, commissions) but cannot see individual customer personal information
If you are an affiliate, your name, email, payment details, and commission history are stored in our affiliate database

ℹ️ Session-Based Tracking We use PHP session tracking (not persistent cookies) for affiliate referrals. The referral is captured at the moment of purchase and stored server-side. If you clear your cookies or start a new browser session, the referral link must be clicked again.

§ 05

Cookies & Analytics

We use the following types of cookies and tracking:

Session Cookies (Essential) — Required for CSRF security protection and affiliate referral tracking. These expire when you close your browser. You cannot opt out of these without breaking core site functionality.
Server Logs (Technical) — Our web server automatically logs IP addresses, page requests, and browser information for security monitoring and uptime purposes. These logs are retained for 30 days.
QR Code Scan Analytics — When someone scans your QR code, the scan event (timestamp, approximate location if available) is logged. This data is available to the QR code owner in their account dashboard.

We currently do not use Google Analytics, Facebook Pixel, or other third-party advertising trackers on TalkingQRCodes.com. If this changes, this policy will be updated and users notified.

§ 06

Third-Party Services

We use the following third-party services to operate our platform. Each has its own privacy policy:

Stripe (Payment Processing)
Handles all payment card data. We never see or store full card numbers. Stripe is PCI-DSS Level 1 certified. See stripe.com/privacy
ElevenLabs (AI Voice Generation)
Processes the text you submit to generate audio files. Your text is transmitted to ElevenLabs' API for synthesis. See elevenlabs.io/privacy
FormSubmit.co (Contact & Onboarding Forms)
Processes contact form submissions from our thank-you and onboarding pages. Form data is emailed to us and the submitting user. See formsubmit.co/privacy
Web Hosting Provider
Our website is hosted on a third-party server. The hosting provider has access to server-level data including IP addresses and file contents as part of operating the server infrastructure.

§ 07

Data Sharing

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

Service Providers — We share necessary data with Stripe, ElevenLabs, and FormSubmit solely to deliver our services as described above
Legal Requirements — We may disclose data if required by law, subpoena, court order, or to protect our legal rights
Business Transfer — If TalkingQRCodes.com is acquired or merged, your data may transfer to the new owner, who will be bound by this privacy policy
Fraud Prevention — We may share data with payment processors or law enforcement to investigate fraudulent transactions or chargebacks
Tax Compliance — Affiliate earnings data is shared with tax authorities as required (e.g., Form 1099-NEC for U.S. affiliates earning $600+)

§ 08

Data Retention

We retain different types of data for different periods:

Audio files & QR codes — Retained indefinitely as part of your purchased product (lifetime hosting). Deleted upon your request or account termination.
Transaction records — Retained for 7 years for tax and legal compliance purposes
Affiliate records — Retained for 7 years after last activity for tax and commission dispute resolution
Server logs — Retained for 30 days, then automatically purged
Contact form submissions — Retained in email for up to 2 years, then deleted
Session data — Expires when browser session ends or within 1 hour of inactivity

§ 09

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access — Request a copy of the personal data we hold about you
Correction — Request correction of inaccurate personal data
Deletion — Request deletion of your personal data (subject to legal retention requirements)
Portability — Request your data in a machine-readable format
Opt-Out — Opt out of any marketing communications
Restriction — Request restriction of processing in certain circumstances

📬 Exercise Your Rights To exercise any of these rights, email us at talkingqrcodes@gmail.com with the subject line "Privacy Request." We will respond within 30 days. We may need to verify your identity before processing the request.

Note: Some data cannot be deleted if we are legally required to retain it (e.g., transaction records for tax purposes). In such cases, we will inform you of what we can and cannot delete.

§ 10

Children's Privacy

TalkingQRCodes.com is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will delete it promptly.

Our affiliate program requires participants to be at least 18 years of age. If you believe a minor has submitted data through our platform, please contact us at talkingqrcodes@gmail.com immediately.

§ 11

Security

We implement industry-standard security measures to protect your data:

HTTPS/TLS encryption for all data transmitted to and from our website
CSRF tokens on all forms to prevent cross-site request forgery
Rate limiting on API endpoints to prevent brute-force attacks
Payment card data handled exclusively by Stripe — we never store raw card numbers
Server-side input validation and sanitization to prevent injection attacks
Access to production data limited to authorized personnel only

⚠️ No Absolute Guarantee No method of transmission over the internet or electronic storage is 100% secure. While we implement strong security practices, we cannot guarantee absolute security of your data. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

§ 12

California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights:

Right to Know — You may request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months
Right to Delete — You may request deletion of personal information we collected from you, subject to certain exceptions
Right to Opt-Out of Sale — We do not sell personal information. You do not need to opt out.
Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights

To submit a CCPA request, email talkingqrcodes@gmail.com with "CCPA Request" in the subject line. We will respond within 45 days.

§ 13

International Users

TalkingQRCodes.com is operated from the United States. If you are accessing our services from outside the United States — including from the European Union, United Kingdom, or other regions — please be aware that your data will be transferred to and processed in the United States.

The data protection laws in the United States may differ from those in your country. By using our services, you consent to this transfer. We take reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

🇪🇺 Note for EU/UK Users If you are located in the European Economic Area or United Kingdom, you may have rights under GDPR. We process your data on the legal basis of contract performance (to deliver the service you purchased) and legitimate interests (security, fraud prevention). Contact us at talkingqrcodes@gmail.com for GDPR-related requests.

§ 14

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Last Updated" date at the top of this page
Notify active affiliates and customers via email for significant changes
Post a notice on our homepage for a reasonable period

Your continued use of TalkingQRCodes.com after the effective date of the revised Privacy Policy constitutes your acceptance of the changes. We encourage you to review this policy periodically.

§ 15

Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:

📬 TalkingQRCodes.com — Privacy Team Email: talkingqrcodes@gmail.com
Subject line: "Privacy Request" or "CCPA Request" or "GDPR Request"
Website: talkingqrcodes.com
Location: San Antonio, Texas, United States
Response time: Within 30 days

This Privacy Policy was last reviewed and updated on February 28, 2026. If you need this policy in an alternative format due to a disability, please contact us at the email above.