Privacy & Security
How itemID protects your privacy.
Privacy by Design
itemID is built with privacy as a core principle, not an afterthought. When someone scans your QR code, they never see your personal information β no name, no email, no phone number. All communication happens through our anonymous messaging system, and you decide what (if anything) to share.
We follow GDPR regulations and apply the principle of data minimization: we only collect and store what's strictly necessary to provide the service.
How Your Data Is Protected
Your account data is protected by multiple layers of security:
- Encryption: All data is encrypted in transit (TLS/HTTPS) and sensitive data is encrypted at rest
- Password hashing: Passwords are hashed using industry-standard bcrypt algorithms
- PIN protection: A secure PIN protects sensitive actions and item claiming. itemID uses 4-digit numeric PINs for standard accounts and 6-character alphanumeric PINs for licensed organization products.
- Session management: Automatic session expiry and the ability to revoke active sessions
What Finders Can See
When someone scans your QR code, they see only what you've chosen to display: the item name, your custom finder message, and a contact form. They cannot see your email address, your real name, or any other personal details. Even your username is not displayed to finders.
Your Rights
As a user, you have full control over your data. You can export all your data at any time, update or delete your personal information, and permanently delete your account along with all associated data. We provide clear data management tools in your account settings to exercise these rights.
For questions about privacy or to request data deletion, you can contact our support team or use the self-service tools in your account settings.