GDPR Compliance

Our commitment to data protection • Last updated: February 8, 2026

EU‑ready privacy
Rights‑first

GDPR Compliance Statement

EQRGen is committed to protecting personal data and supporting GDPR requirements for users in the European Economic Area. We design our platform to align with GDPR principles across collection, processing, and security practices.

Privacy by design
Rights request support
Secure processing

GDPR Compliance Principles

Our GDPR posture is built around lawful processing, transparency, and user control.

Lawful Basis for Processing

We process personal data only when we have a legal basis

  • Consent for marketing communications
  • Contract performance for service delivery
  • Legitimate interests for service improvement
  • Legal compliance for regulatory requirements

Transparency

Clear information about data collection and use

  • Plain language privacy notices
  • Clear consent mechanisms
  • Detailed data processing information
  • Regular policy updates and notifications

Data Security

Robust technical and organizational measures

  • End-to-end encryption
  • Regular security audits
  • Access controls and authentication
  • Incident response procedures

Data Subject Rights

Comprehensive rights for EU individuals

  • Right to access personal data
  • Right to rectification and erasure
  • Right to data portability
  • Right to object to processing

Your Rights Under GDPR

Right to be Informed

Information provided at collection

You have the right to know how your data is collected and used

How to exercise: Review our Privacy Policy and data processing notices

Right of Access

Response within 30 days

You can request a copy of your personal data we hold

How to exercise: Submit a data access request via email

Right to Rectification

Correction within 30 days

You can request correction of inaccurate personal data

How to exercise: Contact us with correct information

Right to Erasure

Deletion within 30 days

You can request deletion of your personal data

How to exercise: Submit a deletion request via email

Right to Restrict Processing

Response within 30 days

You can request limitation of how we process your data

How to exercise: Contact us with specific restrictions

Right to Data Portability

Export within 30 days

You can receive your data in a structured format

How to exercise: Request data export via email

Right to Object

Response within 30 days

You can object to certain types of data processing

How to exercise: Contact us with your objection

How to Exercise Your Rights

Contact Information

Email: support@eqrgen.com

Phone: +91 9900072347

Response Time: Within 30 days

Required Information

  • Full name and email address
  • Account information (if applicable)
  • Specific request details
  • Identity verification documents

Our Compliance Measures

Data Protection Impact Assessments

Regular assessments of high-risk processing activities

Privacy by Design

Data protection considerations built into all systems

Data Minimization

We collect only necessary personal data

Regular Training

Staff training on data protection requirements

Vendor Management

Due diligence on all third-party processors

Breach Notification

Procedures for reporting breaches within 72 hours

Data Processing Summary

Data We Collect

  • Account and profile details
  • QR code content and configuration
  • Scan analytics (device, time, location)
  • Billing and subscription records

Legal Basis

  • Contract performance
  • Legitimate interests
  • User consent (where required)
  • Legal compliance

Controller & Processor

EQRGen acts as a data controller for account data and as a processor for QR content and analytics processed on behalf of your organization, depending on your use case.

Data Requests

You can request access, export, correction, or deletion by contactingsupport@eqrgen.com.

Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection supervisory authority.

For EU residents: You can find your local authority at European Data Protection Board