End-Consumer Privacy Notice (QR scans)
What happens with your data when you scan a QRabl QR code on a product.
This short notice explains what happens when you scan a QR code on a product label that has been generated using the QRabl platform.
QRabl is a software platform operated by WORQABLE BV (Kerkstraat 120, 2060 Antwerp, Belgium — BCE 0746.698.674) on behalf of the brand or manufacturer whose product you scanned. Two parties are involved in the data flow:
- The brand that owns the product (the "Label Owner"). The Label Owner decides what information is shown on the label page and is responsible for that information.
- WORQABLE BV ("we"), which provides the technical platform.
For everything that happens on the label content side (the product information, ingredients, certifications), the Label Owner is the data controller; we are their processor. For the limited scan analytics dataset (described below), we are an independent controller.
What we collect when you scan
When you scan a QR code generated by QRabl and view the label page, we record:
- the scan timestamp;
- your country, derived from the CDN-level IP geo-lookup (not from a precise IP);
- your device type (mobile / tablet / desktop) and browser category (e.g., "Chrome", without version);
- a non-trackable session identifier (a hashed value scoped to your tab; we cannot follow you across sessions);
- an anonymised IP address (the last octet of an IPv4 address or the last 80 bits of an IPv6 address are zeroed before storage);
- if you choose to chat with the AI assistant on the label: your chat messages for the duration of that session.
We do not collect your full IP address, your raw user-agent, your name, your email, or any other identifier that would allow us to identify you personally.
Why we collect
| Purpose | Legal basis (Art. 6 GDPR) |
|---|---|
| Aggregate scan analytics for the Label Owner (counts, geographies, device split) | Legitimate interest of the Label Owner (Art. 6(1)(f)) — we balance this against your right to information by collecting only minimised, aggregated data and by publishing this notice |
| Fraud prevention and counterfeit detection (e.g., flagging unusual scan patterns) | Legitimate interest of the Label Owner |
| Operating the AI chat (where you choose to use it) | Legitimate interest of the Label Owner; chat messages retained 30 days for service-quality and abuse review |
| Service security and abuse prevention | Legitimate interest of WORQABLE BV |
Track & Trace participants — separate flow
If you are a supply-chain participant (carrier, inspector, retail-floor staff) using a PIN to record scan events for a specific product batch, additional data is processed (your name, role, scan-event parameters, optionally GPS location, optionally photos). That data flow is separate from this consumer-facing notice and is governed by an explicit consent gate before your first scan and by the Track & Trace agreement between the Label Owner and us.
Cookies
No cookies are set on your device for analytics. We use cookieless analytics (self-hosted Umami). The only data stored locally is a session cookie required to keep the page open and a consent-state cookie if you interact with a consent prompt.
AI features and AI Act transparency
If the Label Owner has enabled the AI chat on the label page, you can ask the AI questions about the product. Beginning 2 August 2026, when Article 50 of the EU AI Act becomes applicable, the chat widget displays a persistent disclosure that you are interacting with an AI system. You can always contact the brand directly instead of using the chat — contact details are usually shown on the label.
The AI is provided by Anthropic (a US-based AI provider) under standard EU contractual clauses and the EU-US Data Privacy Framework. Your messages are not used to train AI models.
Retention
| Data | Retention |
|---|---|
| Scan analytics (anonymised) | 24 months, then further anonymisation of any remaining identifiers |
| AI chat messages | 30 days |
| Track & Trace participant data | Per the Label Owner's instructions; typically 10 years (regulatory) |
Sub-processors
We use a small set of EU-resident sub-processors (Hetzner for hosting, Mailjet for email, Umami self-hosted, ALTCHA self-hosted, WQ SaaS self-hosted). For specific functions we use Anthropic and OpenAI in the United States under appropriate transfer mechanisms. The full list is at qrabl.eu/legal/subprocessors.
Your rights
You have the rights set out in Articles 15-22 GDPR with respect to the limited dataset we control as described above:
- Access: ask what scan-analytics records we hold that pertain to you. Because we only hold anonymised data, we are usually unable to identify "your" records — but we will respond.
- Erasure: you may ask us to delete data identifiable to you, subject to our ability to identify it.
- Object: you can object to processing based on legitimate interest at any time.
- Complaint: you may complain to your local data-protection authority. The Belgian authority is the GBA / APD (Drukpersstraat 35, 1000 Brussels — contact@apd-gba.be).
For the data on the label content side (information about the product, the brand, certifications), please contact the Label Owner directly — they are the controller.
For our side, contact privacy@qrabl.eu.
Contact and updates
This notice may be updated. The version number and effective date at the top indicate the current version.
For questions about this notice or your data:
WORQABLE BV — privacy@qrabl.eu — Kerkstraat 120, 2060 Antwerp, Belgium.