Privacy & Security
How QrioTag keeps you safe — encrypted tag IDs, anonymous messaging, and the controls you have over your data, explained in plain English.
QrioTag is designed so that the tag itself reveals nothing about you. This page is the plain-English summary of how that works. If you want the technical deep-dive, see the developer security guide and tag encryption guide.
In 30 seconds
QR and NFC tags do not store your personal information — they store an encrypted identifier. Only QrioTag's servers can resolve it. Finders only see the short message you chose. All contact happens through an anonymous relay — nobody exchanges phone numbers or emails.
Encrypted tag IDs
A QrioTag QR or NFC tag does not contain your name, address, or even the product type. It contains a short string that has been encrypted with AES-256-GCM — the same standard used by banks and governments.
The tag
Encoded: an encrypted identifier. Not your email, not your phone, not your address.
The server
Has the key. Decrypts the identifier to look up which account the tag belongs to and which message to show.
A thief with a camera
Gets nothing useful. A photo of your tag cannot be decrypted without the server's key.
If you deactivate
The tag stops resolving within seconds. The encrypted ID becomes permanently inert.
Anonymous relay for messages
When a finder taps Contact Owner, their message is routed through QrioTag. You get an email (or push notification) with a link to reply — but not the finder's email or phone number. Replies go back the same way.
A finder writes a message
They don't need an account, an app, or your contact details. Just a short note about where the item is.
QrioTag routes it to you
You get a notification. You see the message. You do not see their phone or email.
You reply through the relay
Your reply reaches them without exposing your contact info either. Both sides stay anonymous unless they choose to share.
Either side can end it
One tap blocks further contact on that tag. Blocked conversations cannot be reopened.
Anonymous messaging removes the biggest fear people have about labelling their belongings — strangers getting their phone number. See messaging for the full message flow.
What we do and don't store
We do store
Your account email and hashed password. Your recovery message (finders need to see it). A log of scans on your own tags — so we can notify you.
We don't store
The finder's identity (they are anonymous by default). Your precise location (we never ask). Message content beyond the short retention window needed for delivery.
Your controls
Standards we follow
| Area | Standard |
|---|---|
| Tag identifier encryption | AES-256-GCM |
| Scan signature verification | Timing-safe (constant-time) comparison |
| Transport | HTTPS everywhere, HSTS preload |
| Passwords | Stored as bcrypt hashes, never in plain text |
| Reset / verify tokens | SHA-256 hashed at rest |
| Browser security | Strict Content Security Policy, CSRF via Origin header |
| Data rights | GDPR (EU) and DPDP Act 2023 (India) compliance |
If something goes wrong
Suspicious scan activity
If you see scans from unexpected locations, check your notification settings and consider marking the item as LOST or STOLEN. See lost & found.
Account compromised
Change your password immediately and review active sessions under Settings → Security. Enable 2FA if you haven't already.
Lost your phone with an NFC tag
The tag's encrypted ID is tied to your account, not the phone. Your tags are safe. Log in from another device and deactivate anything you no longer have access to.
Spam or harassment via relay
Block the conversation from the message thread. The finder cannot re-initiate contact on a blocked tag.
Learn more
Full privacy policy
The legal document covering data processing, lawful bases, and your rights in detail.
Security architecture (technical)
How the platform is secured end to end — for developers and auditors.
Tag encryption (technical)
Exactly how tag IDs are encrypted, signed, and verified.
Was this page helpful?