Let's start now

[email protected]

Let`s start now

Mail us

[email protected]

Privacy Policy

HomePrivacy Policy

Website: https://qrandpay.com
Contact: [email protected]

1. Who We Are

We operate QRandPay — a digital platform that enables customers to leave non-cash tips, donate, and pay for orders using QR codes, NFC, or payment links.
Payments may be processed through Stripe and/or Everypay (SEB Bank partner) depending on the merchant and payment type.

We are the data controller responsible for how your personal data is collected, used, and protected when you use our services.

2. What Data We Collect

a) Payment and Transaction Data

When you make a payment, tip, or donation, we may collect:

  • Name (if voluntarily entered)

  • Email (for receipt or confirmation)

  • Payment amount

  • Transaction ID

  • Timestamp and currency

  • Payment method (e.g., card, Apple Pay, Google Pay, SEB/Everypay)

  • Service provider or merchant identifier

  • Payment status, confirmation, and reference codes

We never store full credit card numbers or CVV codes.
Sensitive payment data is processed directly by Stripe or Everypay, both of which comply with PCI-DSS security standards.

b) Technical Data

  • IP address

  • Browser and device type

  • Operating system

  • Access time

  • Referring URL

c) Optional Input

  • Comment or feedback messages

  • Uploaded media files (if applicable)

d) Website Use & Login Data (if applicable)

  • Login credentials (if registration exists)

  • Session cookies and preferences

3. Legal Basis for Processing

We process your data under the following GDPR legal bases:

  • Performance of a contract – to process payments, tips, or donations.

  • Consent – when you voluntarily submit optional information.

  • Legitimate interest – fraud prevention, platform security, and service improvement.

  • Legal obligation – accounting, taxation, anti-money-laundering (AML), and compliance.

4. How We Use Your Data

We use your data to:

  • Process payments through Stripe or Everypay/SEB

  • Generate receipts and confirmations

  • Distribute tips, donations, and order payments to the correct recipient

  • Maintain financial and transaction records

  • Provide customer support

  • Detect, investigate, and prevent fraud

  • Improve platform performance and user experience (anonymous analytics)

5. Comments and Embedded Content

If you leave a comment:

  • We store the data you enter, your IP address, and your browser agent (for spam detection).

  • An anonymized string may be sent to Gravatar for avatar verification.

Articles may contain embedded content (videos, images, etc.) which may collect data as if you visited those websites directly.

6. Cookies

We use cookies to:

  • Store display preferences

  • Maintain login sessions (if applicable)

  • Track minimal session data for functionality and analytics

You may control cookies in your browser settings.

7. Media Uploads

If you upload images, please avoid including GPS or location metadata (EXIF), as other users may download and access this information.

8. Who We Share Your Data With

We share your data only with trusted third parties when necessary, such as:

  • Stripe, for payment processing

  • Everypay (SEB Bank partner), for payment processing

  • Anti-fraud and spam detection services

  • Merchants, service staff, or business owners to assign payments correctly

  • Legal or regulatory authorities when required

  • IT infrastructure providers (hosting, email delivery)

We do NOT sell your data to advertisers or third-party marketers.

9. How Long We Retain Your Data

  • Comments are stored indefinitely for spam detection and auto-approval.

  • Registered users can view, edit, or delete their profile information at any time.

  • Payment and transaction data is stored for 5–10 years, as required by Lithuanian law and EU accounting/tax regulations.

  • Logs and technical data are retained for security and operational purposes, typically 30–180 days unless required longer for legal reasons.

10. Your Rights (GDPR)

You may:

  • Access your personal data

  • Request correction or deletion

  • Request a copy of your data (data portability)

  • Object to or restrict processing

  • Withdraw consent at any time

  • File a complaint with the State Data Protection Inspectorate (VDAI)

To make a request, email: [email protected]

11. Where Your Data Is Sent

  • Payment data is securely transmitted to Stripe or Everypay

  • Comments may be checked through automated anti-spam services

  • Technical data is processed by infrastructure providers

  • All transfers follow GDPR and security best practices

If data is transferred outside the EU, it is protected by Standard Contractual Clauses (SCCs) or equivalent safeguards.

12. Security

We apply strong security measures, including:

  • TLS/SSL encryption

  • Role-based access control

  • Encrypted storage of personal data

  • PCI-compliant payment partners (Stripe and Everypay)

  • Continuous monitoring and incident-response procedures

13. Updates to This Policy

We may update this Privacy Policy periodically.
Any changes will be posted on this page with an updated effective date.
Continued use of QRandPay means you accept these changes.

Contact Information

For privacy questions or GDPR requests:
📧 [email protected]

en_USEnglish
lt_LTLietuvių kalba en_USEnglish