QRiteClick Privacy Policy

Effective Date: April 28, 2025

Introduction

QRiteClick is a lightweight browser extension that allows users to generate QR codes for links and pages via right-click. This extension was created with privacy in mind, and we are committed to ensuring your data stays yours.

Information We Collect

We do not collect any personal data.

• No access to browsing history
• No tracking of page content
• No personal or credential data
• No analytics or fingerprinting

What QRiteClick Does

• Uses the contextMenus API for right-click menu
• Accesses the tab URL only when the user requests a QR code
• Displays a floating popup UI
• Generates QR codes entirely in-browser using the bundled QRCodeStyling library
• Provides share icons for platforms like Facebook, Twitter (X), LinkedIn, WhatsApp, Telegram, and Email
• Offers options to download QR codes as PNG, JPG, or SVG

Permissions

• contextMenus: Adds right-click option
• activeTab: Reads tab URL when generating QR
• scripting: Injects popup overlay
• clipboardWrite: Enables copying QR or link
• storage: Persist user preferences (download format) and cache QR-to-URL mappings locally

Data Storage

We use the chrome.storage.local API solely to store:

• Download format preference (PNG, JPG, or SVG)
• QR-to-URL cache, to avoid re-uploading the same QR code when sharing

All data remains within the extension’s private storage area and is never shared with third parties.

External Services

The extension does not send personal data to third parties. Network requests are limited to:

• Imgur: When you share a QR code via the share icons, the QR code image blob is uploaded directly to Imgur’s REST API over HTTPS. No external scripts are executed, and only the image data is sent.

Remote Code

QRiteClick does not load or execute any JavaScript or WebAssembly that isn’t bundled with the extension. Specifically:

• No <script> tags or module imports from external URLs.
• No use of eval() on network-fetched strings.
• All UI code and libraries (including QRCodeStyling) are packaged within the extension.
• Network requests for data only: local assets via chrome.runtime.getURL and image uploads to Imgur’s REST API over HTTPS.
• A strict Content Security Policy blocks any inline or remote script execution.

Changes

Any future updates will be documented here with a changelog.

Contact

Questions or feedback? DM me on Twitter/X or buy me a coffee ☕.

© 2025 Phillip Maizza. All rights reserved.