Privacy Policy
Application: QR scanner • Barcode generator
Platform: iOS (Apple App Store)
Developer: Stepa Mobile FZE LLC
Effective date: 1 October 2022
Last updated: 6 July 2026
This Privacy Policy (the “Policy”) describes how Stepa Mobile FZE LLC (“Stepa Mobile”, “we”, “us” or “our”) collects, uses, discloses and protects information in connection with your download, installation and use of our iOS application QR scanner • Barcode generator (the “App” or the “Service”). The App is a freemium application, meaning it is available to download at no cost and offers optional paid subscriptions and features. We are committed to protecting your privacy and to being transparent about the data we and our partners process when you use the App. Please read this Policy carefully so that you understand our practices and the choices available to you.
1. Introduction and Acceptance
This Policy applies to all users of the App worldwide and forms part of, and should be read together with, our Terms of Use. By downloading, installing, accessing or using the App, you acknowledge that you have read and understood this Policy and you agree to the collection, use and disclosure of information as described here. If you do not agree with any part of this Policy, you should not download, install or use the App and should remove it from your device. Your continued use of the App following any update to this Policy will be deemed to constitute your acceptance of the revised terms.
2. Who We Are (Data Controller)
For the purposes of applicable data protection laws, the controller responsible for your personal data collected through the App is Stepa Mobile FZE LLC, a company established in the United Arab Emirates. You can reach us at any time by email at [email protected] for any question, request or concern relating to this Policy or to the way your information is handled. Where the App integrates software from third parties (for example, providers of advertising, analytics, subscription management, crash reporting and platform services), those third parties may act as independent controllers or as our processors with respect to the data they handle, as described in this Policy and in their own privacy policies.
3. Scope of This Policy
This Policy covers only the information collected in connection with the App. It does not apply to any third-party websites, platforms, stores, advertisements or services that may be linked to or accessible from within the App, nor to any information you provide directly to those third parties. We do not control, and are not responsible for, the privacy practices of any third party. We encourage you to review the privacy policies of every third-party service you interact with, including the Apple App Store, because those policies will govern how those parties handle your information.
4. Information You Provide to Us
The App is designed to be used without creating an account, and it does not require you to submit your name, postal address or similar direct identifiers in order to function. The main circumstance in which you actively provide information to us is when you choose to contact us – for example, when you email our support address to request assistance, report a problem, send feedback, or exercise a privacy right. In those cases we receive whatever information you decide to include, such as your email address and the content of your message. We use this information solely to respond to you and to improve the App.
5. Information Collected Automatically
When you use the App, certain information is collected automatically by us and by the third-party technologies integrated into the App. This information generally includes technical and device data such as the device model, operating system and version, system language and region settings, screen characteristics, network and connectivity information, and similar configuration details. It also includes usage data, such as the features you interact with, session frequency and duration, in-app events, the settings you select, and how you interact with advertisements and subscription screens. This information helps us operate the App, understand how it is used, and improve its performance and stability.
6. Camera Access and Scanned Content
The core function of the App is to scan QR codes and barcodes and to generate codes. To scan, the App needs access to your device camera, and, if you choose to scan a code from an existing picture, it may request access to your photo library. You control these permissions through your device settings and can change them at any time. The camera is used solely to detect and read codes; the content of the codes you scan or generate is processed to provide the scanning and generating functionality and, where applicable, may be stored locally on your device as part of your history. We do not use the camera to take pictures of you for identification, and scanned content is not used to build advertising profiles.
7. Device and Advertising Identifiers
The App and its partners may access certain identifiers associated with your device or installation, such as the Identifier for Vendor (IDFV) and, where permitted, the Identifier for Advertisers (IDFA), as well as other technical identifiers used for analytics, subscription management, fraud prevention and advertising. These identifiers are used to recognise your device across sessions, to measure the performance of the App and of advertising, and to limit how frequently you see the same advertisement. You can reset your advertising identifier and manage tracking through your device settings, as described in the next section.
8. App Tracking Transparency (ATT)
On Apple devices, before we or our partners access the IDFA or otherwise track you across apps and websites owned by other companies, the App will ask for your permission through Apple’s App Tracking Transparency framework. You may grant or deny this permission, and you can change your choice at any time in your device settings under privacy and tracking controls. If you deny tracking, you will still be able to use the App, and any advertising shown to you will be non-personalised or contextual rather than based on cross-app tracking.
9. Subscription and Purchase Information
Because the App is freemium, it offers optional auto-renewable subscriptions and may offer other in-app purchases. When you make a purchase, the transaction itself is processed by Apple through the App Store, and we do not receive or store your payment card details. We and our subscription-management partner receive information related to your purchases and subscriptions, such as your subscription status, purchase history, transaction and receipt identifiers, whether a free trial has been used, and renewal or cancellation events. We use this information to provide the paid features, to manage your subscription, to prevent fraud, and to understand and improve our paid offerings.
10. Log Data and Diagnostic Information
Whenever you use the App, and in particular if the App encounters an error or crash, technical log data may be collected automatically through third-party tools. This diagnostic data may include information such as your device’s Internet Protocol (IP) address, the device state and configuration of the App at the time of the event, the operating system version, the date and time of the event, and other technical statistics. We use log and diagnostic data to detect, investigate and fix technical problems, to improve the stability and reliability of the App, and to protect against fraud, abuse and security incidents.
11. Approximate Location Information
The App does not collect precise GPS location. However, an approximate, coarse location – such as your country or region – may be inferred from your IP address or similar network information by us and by our advertising and analytics partners. This general location information is used for purposes such as delivering region-appropriate content and advertising, understanding the geographic distribution of our users in aggregate, complying with regional legal requirements, and preventing fraud. We do not use this information to track your specific movements or to identify the exact place where you are located.
12. How We Use Information
We use the information described in this Policy to provide, maintain and operate the App and its features; to provide, manage and renew subscriptions and other purchases; to display advertising, including, where permitted, personalised advertising; to measure and analyse how the App is used so that we can improve existing features and develop new ones; to detect, prevent and address technical issues, crashes, fraud and abuse; to respond to your support enquiries and communicate with you about the App; and to comply with our legal obligations, enforce our Terms of Use, and protect our rights and the rights of our users. We only use your information for the purposes for which it was collected or for compatible purposes permitted by law.
13. Advertising
The free version of the App may be supported by advertising. We work with advertising partners that may use your identifiers and other technical and usage data to select and display advertisements, to cap how often you see a given advertisement, and to measure whether advertisements are effective. Depending on your region and your choices – including your response to the App Tracking Transparency prompt – advertising may be personalised or non-personalised. Where the law or platform rules require your consent for personalised advertising or tracking, we or our partners will ask for it, and you may refuse or later withdraw it. Purchasing a subscription that removes advertising, where offered, will reduce or eliminate the advertisements you see.
14. Analytics and Performance Measurement
We use analytics and performance-measurement technologies to understand how users interact with the App, which features are used most, where users encounter difficulty, and how the App performs across different devices. The information processed for analytics is generally aggregated or used in a way that does not directly identify you, and it helps us make informed decisions about improvements, bug fixes and new features. Analytics providers may set or read identifiers on your device in order to distinguish one session or installation from another and to compile statistical reports for us.
15. Third-Party Services and SDKs
To provide, monetise, measure and improve the App, we integrate software development kits (SDKs) and services supplied by trusted third parties. Depending on your region and configuration, the App may use the following, each of which processes information in accordance with its own privacy policy:
- Apple App Store and related services (distribution, purchases and subscriptions) – https://www.apple.com/legal/privacy/
- AppLovin (advertising mediation) – https://www.applovin.com/privacy/
- Google Mobile Ads / AdMob (advertising) – https://policies.google.com/privacy
- Meta / Facebook SDK (advertising and analytics) – https://www.facebook.com/privacy/policy/
- AppsFlyer (attribution and marketing measurement) – https://www.appsflyer.com/legal/services-privacy-policy/
- Adjust (attribution and marketing measurement) – https://www.adjust.com/terms/privacy-policy/
- Apphud (subscription and purchase management) – https://legal.apphud.com/privacy
- Yandex AppMetrica (analytics) – https://appmetrica.yandex.com/about/privacy-policy
- Google Analytics for Firebase (analytics) – https://firebase.google.com/support/privacy
- Firebase Crashlytics (crash and stability reporting) – https://firebase.google.com/support/privacy
AppLovin serves as our advertising mediation layer and may display advertisements from partner networks, including AdColony, ByteDance (Pangle), Meta Audience Network, Fyber, Google AdMob, InMobi, ironSource, Mintegral, myTarget, Unity Ads and Yandex, each of which is subject to its own privacy policy.
We select our partners with care, but we do not control and are not responsible for their independent data practices. We encourage you to review the privacy policies linked above, as well as the privacy policy of the Apple App Store, to understand how these parties handle your information.
16. Legal Bases for Processing (EEA and UK Users)
If you are located in the European Economic Area or the United Kingdom, we rely on the following legal bases under the General Data Protection Regulation to process your personal data. We rely on your consent for personalised advertising, for tracking under App Tracking Transparency, and for any other processing that requires it, and you may withdraw that consent at any time. We rely on our legitimate interests to operate, secure and improve the App, to serve non-personalised advertising, to prevent fraud, and to understand aggregated usage. We rely on the performance of a contract to provide the App and the paid features you purchase, and on compliance with a legal obligation where processing is necessary to meet legal requirements. Where we rely on legitimate interests, you have the right to object as described below.
17. How We Share Information
We do not sell your personal data for money. We may, however, share or disclose information: with the third-party service providers and partners described in this Policy, so that they can perform advertising, analytics, subscription management, crash reporting and similar functions; with Apple, in connection with the processing of purchases and subscriptions; where necessary to comply with applicable law, legal process, or an enforceable governmental or regulatory request; where necessary to detect, prevent or address fraud, security or technical issues, or to protect the rights, property or safety of Stepa Mobile, our users or the public; and in connection with a corporate transaction such as a merger, acquisition, financing, reorganisation or sale of assets, in which case any recipient of the data will remain bound by commitments consistent with this Policy. Certain disclosures for cross-context behavioural advertising may be considered a “sale” or “sharing” under some laws, and you can exercise the choices described below.
18. International Data Transfers
Because we and our partners operate globally, information collected through the App may be transferred to, stored in, and processed in countries other than the one in which you live, including countries outside the European Economic Area, the United Kingdom and the United Arab Emirates. Data protection laws in those countries may differ from the laws of your country. Where we transfer personal data across borders, we take steps to ensure that appropriate safeguards recognised under applicable law – such as standard contractual clauses or transfers to jurisdictions recognised as providing adequate protection – are in place to protect your information consistent with this Policy.
19. Data Retention
We retain information only for as long as necessary to fulfil the purposes described in this Policy, unless a longer retention period is required or permitted by law. The exact period depends on the type of information and the purpose for which it is processed: subscription and purchase records are retained as long as needed to provide the paid features and to meet legal, accounting and anti-fraud obligations; operational and diagnostic data is generally kept for the time needed to run and improve the App and is often held in aggregated or de-identified form; and support correspondence is kept for as long as needed to handle your request and for a reasonable period afterwards. When information is no longer needed, we take reasonable steps to delete or anonymise it. Third-party providers retain data in accordance with their own policies.
20. Security
We use commercially reasonable technical and organisational measures designed to protect information against unauthorised access, disclosure, alteration and destruction, including access controls, the use of reputable service providers, and reliance on encrypted transmission where offered by the underlying platforms. Nevertheless, no method of transmission over the Internet, and no method of electronic storage, is completely secure, and we cannot guarantee the absolute security of your information. You are also responsible for taking reasonable steps to protect your own device and to keep its operating system and security features up to date.
21. Your Privacy Rights (EEA and UK)
If you are located in the European Economic Area or the United Kingdom, you have certain rights over your personal data, subject to applicable law. These include the right to access the personal data we hold about you; the right to request correction of inaccurate or incomplete data; the right to request erasure of your data; the right to restrict or object to certain processing, including processing based on legitimate interests and processing for direct marketing; the right to data portability; and the right to withdraw any consent you have given at any time without affecting the lawfulness of prior processing. You also have the right to lodge a complaint with the data protection authority in your country. To exercise any of these rights, contact us at [email protected], and we will respond as required by law.
22. Your Privacy Rights (California and Other U.S. States)
If you are a resident of California or of another U.S. state with a comprehensive privacy law, you may have additional rights regarding your personal information, subject to certain exceptions. These may include the right to know what categories of personal information we collect, use and disclose; the right to request access to or deletion of your personal information; the right to correct inaccurate personal information; and the right to opt out of the “sale” or “sharing” of personal information for cross-context behavioural advertising. We do not sell personal information for money, and we do not knowingly sell or share the personal information of individuals we know to be under 16. We will not discriminate against you for exercising any of these rights. You may exercise your rights, or opt out of interest-based advertising, by using the App Tracking Transparency and device controls described above and by contacting us at [email protected].
23. Children’s Privacy
The App is intended for a general audience and is not directed to children under the age of 13, or under the equivalent minimum age in your jurisdiction. We do not knowingly collect personal information from children under that age. Consistent with applicable requirements, we take steps intended to avoid delivering interest-based advertising to users who are known to be children. If you are a parent or guardian and you believe that a child under the applicable age has provided us with personal information, please contact us at [email protected] so that we can take reasonable steps to delete such information. For users in the European Economic Area, we do not knowingly process the data of children below the age required for consent in their country, which may be up to 16.
24. Cookies and Similar Technologies
As a mobile application, the App does not rely on browser cookies in the way that a website does. However, the App and the third-party technologies integrated into it may use device identifiers, local storage, software development kits and similar technologies to store and read information on your device for purposes such as remembering your settings and history, measuring usage, managing subscriptions, enabling advertising, and preventing fraud. Where these technologies require consent under applicable law, you will be asked for it, and you can manage certain of them through your device settings.
25. Links to Other Sites and Scanned Destinations
The App may display advertisements, and the codes you scan may contain links to third-party websites or services that we do not operate or control. If you follow such a link, you will be taken to a destination governed by the relevant third party’s own terms and privacy policy, not by this Policy. We are not responsible for the content, security or privacy practices of any third-party destination, and we encourage you to exercise caution and to review the privacy policy of any website you open from a scanned code.
26. Do Not Track and Global Privacy Controls
Some browsers and devices offer “Do Not Track” signals or other global privacy control mechanisms. Because there is not yet a universally accepted standard for how mobile applications should respond to such signals, the App may not respond to them in a consistent way. We do, however, honour the tracking and advertising choices you make through the App Tracking Transparency prompt and your device settings, and we support the rights described in the sections above.
27. Changes to This Privacy Policy
We may update this Policy from time to time to reflect changes in our practices, in the App, or in legal requirements. When we make changes, we will revise the “Last updated” date at the top of this page and post the updated Policy in the same location. If the changes are material, we may provide additional notice as appropriate. We encourage you to review this Policy periodically. Your continued use of the App after the updated Policy takes effect constitutes your acceptance of the changes.
28. Contact Us
If you have any questions, concerns, requests or complaints regarding this Policy or the way your information is handled, or if you wish to exercise any of your privacy rights, please contact us using the details below, and we will do our best to assist you.
- Stepa Mobile FZE LLC
- United Arab Emirates
- Email: [email protected]