qrius.io
Sign inStart Free
🍽️

GDPR-Compliant QR Codes for Restaurants

Digital menus, table ordering, and WiFi sharing — without storing your guests' personal data.

Start free — no credit cardTry the generator →

How restaurants use Qrius

Digital menu accessible via table QR code
Instant WiFi access for guests — no password handover
Loyalty program registration via vCard or URL QR
Daily specials or seasonal menu updates without reprinting

Restaurants and GDPR — what you need to know

Restaurant guests are private individuals. Scanning a menu QR should never generate a data trail. Qrius never stores raw IP addresses — your guests are anonymous even when you track scan volume.

Qrius never stores raw IP addresses, sets no cookies on scan, and keeps all data on EU servers in Stockholm, Sweden. Full GDPR Article 28 DPA available on paid plans.

Full GDPR technical overview →

Recommended QR code types

Menu QRWiFi QRURL / Dynamic linkvCard

All types available in the free generator and QR explorer.

Frequently asked questions

Do I need a cookie banner if guests scan a menu QR code?

With Qrius — no. We use no cookies, no browser storage, and no fingerprinting when a QR code is scanned. Your guests see your menu, not a consent popup. This is by design: scan tracking is based on anonymous hashing, not personal data collection.

Can I update my restaurant menu without printing new QR codes?

Yes. Qrius QR codes are dynamic — the destination URL can be changed at any time from your dashboard. Update your menu link when you change the PDF or website. The printed QR code stays the same.

How do I know how many guests scanned my menu?

Your dashboard shows total scans, daily trends, and device breakdown (mobile vs desktop). All analytics are GDPR-safe — no IP addresses, no personal data, just aggregated counts.

Is it GDPR-compliant for restaurants to use QR codes for WiFi access?

Yes, if you use the right tool. Qrius WiFi QR codes share your network credentials encoded in the QR — the scan does not create any log entry or personal data record. Guests connect, and nothing is stored.

🇪🇺

GDPR-compliant by design — not by policy

Your visitors' IP addresses are never stored. On each scan we run a geo-lookup, then immediately hash the IP with HMAC-SHA256 and a daily rotating salt. The original address is discarded. No cookies. No fingerprinting. All data stays on EU servers in Stockholm, Sweden.

✓ No raw IP addresses✓ No cookies✓ EU hosting✓ DPA available✓ Schrems II safe

Need documentation for your DPO? Full GDPR overview → · Download DPA →

Ready to get started?

Free plan available. GDPR-compliant from day one. No credit card required.

Create free account →