Privacy Policy
Last updated: May 6, 2026
Effective Date: May 6, 2026
Operated by: India Tax Info Private Limited
App: QRBell – Smart Video Doorbell
QRBell ("we", "our", or "us") is a smart video doorbell service operated by India Tax Info Private Limited. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the QRBell mobile application and website (qrbell.co.in). By using QRBell, you agree to the practices described in this policy.
1. Information We Collect
a) Information You Provide
- Phone number and country code — used for account registration and OTP verification via SMS
- Full name — used for your vendor profile displayed inside the app
- Email address — optional, used for account recovery and communication
- Google account information — if you sign in with Google, we receive your name and email address from Google Sign-In
- Family member details — if you add family members to your account, we collect their name, relationship, phone number (optional), email address (optional), and access permissions you configure
- QR code location — if you choose to tag a QR code with a location, we collect the GPS coordinates (latitude and longitude) and/or a text address. This is entirely optional and user-initiated
- Support ticket content — text descriptions and replies you provide when submitting support requests
- Auto-reply messages — custom text messages you configure to be sent automatically to visitors
b) Information Collected Automatically
- Call history — records of visitor calls including timestamps, duration, and status (answered, missed, declined)
- Visitor device information — when a visitor scans your QR code, we log their IP address and browser user agent for security purposes (e.g. blocking abusive visitors). If the visitor's browser shares their location, their GPS coordinates may be logged
- Device push token (FCM token) — collected by Firebase Cloud Messaging to deliver incoming call notifications to your device
- Crash reports — automatically collected by Firebase Crashlytics including device model, OS version, and app state at time of crash
- Payment references — when you purchase a subscription, we store the Razorpay order ID and payment ID for transaction verification. We do not store your card or bank details; these are handled entirely by Razorpay
c) Information Collected During Calls
- Camera and microphone (video calls) — accessed only during an active video/audio call with a visitor. Audio and video streams are transmitted in real time through Agora RTC's infrastructure and are not stored by us
- Camera (QR scanning) — the camera is also used to scan QR codes within the app (e.g. to look up or manage a QR code). No images or video from QR scanning are stored
2. How We Use Your Information
- To create and manage your QRBell vendor account
- To authenticate your identity via OTP or Google Sign-In during login
- To auto-fill OTP codes from incoming SMS with your consent (SMS User Consent API)
- To deliver incoming visitor call notifications to your device
- To enable real-time video and audio calls between you and your visitors
- To enable in-app QR code scanning for QR management
- To display your call history and activity log in the app
- To manage family members and their access permissions to your QR codes
- To tag your QR codes with a physical location (only when you explicitly set one)
- To process subscription payments and verify transactions via Razorpay
- To send service-related updates and alerts
- To diagnose crashes and improve app stability using Crashlytics
- To respond to your support requests and tickets
- To enforce visitor blocking by logging visitor IP addresses
3. Camera and Microphone Access
QRBell uses your device camera and microphone for two purposes:
- Video/audio calls — camera and microphone are accessed during an active call with a visitor who scanned your QR code. We do not record, capture, or store any call audio or video
- QR code scanning — camera is used to scan QR codes within the app for management purposes. No images are captured or stored during scanning
4. Third-Party Services and SDKs
QRBell uses the following third-party services and SDKs that may collect or process your data. We only use SDKs that comply with Google Play Developer Program policies and applicable data protection regulations.
Agora RTC (Agora.io)
Real-time video and audio calls are powered by the Agora RTC SDK (v4.6.3). During an active call, your audio and video streams are transmitted through Agora's global infrastructure. Agora may collect technical metadata such as device type, network quality, and call duration for quality-of-service purposes. Call audio and video content is not stored by Agora or by us.
Privacy policy: agora.io/en/privacy-policy
Firebase — Cloud Messaging & Crashlytics (Google LLC)
- Firebase Cloud Messaging (FCM) — delivers push notifications to alert you of incoming visitor calls. FCM registers and stores a device push token on your device
- Firebase Crashlytics — automatically collects crash reports including device model, OS version, and app stack traces to help us identify and fix bugs
Firebase is operated by Google LLC. Privacy policy: policies.google.com/privacy
Google Sign-In (Google LLC)
QRBell supports sign-in with your Google account. If you choose this option, Google shares your name and email address with us via an OAuth token. We do not receive your Google password. You can revoke this access at any time from your Google account's connected apps settings.
Privacy policy: policies.google.com/privacy
Google SMS User Consent API (Google LLC)
When you log in via OTP, the app uses Android's SMS User Consent API to automatically detect and pre-fill the OTP code from an incoming SMS. A system prompt asks for your permission before reading the SMS. The app reads only the single OTP message and does not access any other SMS content.
Privacy policy: policies.google.com/privacy
Google ML Kit Barcode Scanning (Google LLC)
QRBell uses Google ML Kit's on-device barcode scanning to scan QR codes within the app. All scanning processing happens locally on your device; no camera frames are sent to Google's servers.
Privacy policy: policies.google.com/privacy
Razorpay (Razorpay Software Pvt Ltd)
Subscription payments are processed by Razorpay. When you purchase a plan, the payment flow is handled through Razorpay's secure payment interface. We receive only a transaction reference (order ID and payment ID) to verify your payment. We do not store your card number, bank details, or UPI credentials — these are handled solely by Razorpay under their PCI-DSS compliant infrastructure.
Privacy policy: razorpay.com/privacy
SMS / OTP Gateway
We use a third-party SMS gateway to send OTP verification codes to your mobile number during login. Your phone number is shared with this provider solely for this purpose and is not used for marketing.
Amazon Web Services (AWS)
QR code images and user avatars are stored securely on Amazon S3. AWS handles storage under their standard data protection and security practices.
Privacy policy: aws.amazon.com/privacy
5. Push Notifications
QRBell sends push notifications to alert you when a visitor scans your QR code and initiates a call. Notifications are delivered via Firebase Cloud Messaging (FCM).
You can disable notifications at any time through your device settings. Disabling notifications will prevent you from receiving incoming call alerts even when the app is in the background.
6. Information Sharing
We do not sell, trade, or rent your personal information to any third party. We share your data only in the following limited circumstances:
- Service providers — Firebase, Agora, AWS, and SMS gateway providers as described above, each bound by their own privacy policies
- Legal compliance — when required by applicable law, court order, or government authority
- Safety — to protect the rights, property, or safety of QRBell, our users, or the public
- Business transfer — in the event of a merger, acquisition, or sale of assets, with prior notice provided to users
7. Data Security
- All data transmitted between the app and our servers is encrypted using HTTPS/TLS
- Authentication tokens are stored securely on your device using Android's encrypted DataStore
- Session tokens are excluded from Android's cloud backup to prevent unintended restoration on new devices
- We do not store call audio or video content
While we implement industry-standard security measures, no method of transmission over the internet is 100% secure. We encourage you to keep your app updated to receive the latest security improvements.
8. Data Retention
- Account data (name, phone, email) — retained for the lifetime of your account
- Family member data — retained until you delete the family member or your account
- Call history — retained for up to 12 months from the date of the call (subject to your subscription plan limits)
- QR code location data — retained until you remove the location or delete the QR code
- Payment references (Razorpay order/payment IDs) — retained for up to 7 years as required for financial record-keeping under applicable law
- Crash reports — retained by Firebase Crashlytics for 90 days
- FCM push tokens — retained until you log out or uninstall the app
- Support tickets — retained for up to 2 years from the date of submission
Upon account deletion, your personal data, QR codes, family members, and call history are permanently deleted within 30 days, except where retention is required by applicable law (e.g. payment records).
9. Your Rights
You have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate or incomplete information
- Deletion — request deletion of your account and all associated data
- Opt-out — disable push notifications or marketing communications at any time
- Portability — request an export of your data in a structured format
To exercise any of these rights, email us at contact@qrbell.co.in or use our contact form at qrbell.co.in/contact.
10. Account Deletion
You can request deletion of your QRBell account and all associated data at any time through either of the following:
- Submit a request via our contact page: qrbell.co.in/contact — select subject "Account Deletion Request"
- Email us at contact@qrbell.co.in with the subject line "Delete My Account"
11. Cookies and Tracking
Our website (qrbell.co.in) may use cookies and similar technologies for session management and basic analytics. You can control cookie preferences through your browser settings.
The QRBell mobile app does not use advertising cookies or third-party tracking SDKs for marketing purposes.
12. Children's Privacy
QRBell is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it promptly.
If you believe a child has submitted their data to QRBell, please contact us immediately at contact@qrbell.co.in.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you through the app or by email. Your continued use of QRBell after changes are posted constitutes your acceptance of the updated policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us: