Protected, controlled, and ready
MYQER is built to protect your information while making it available when it matters most. You control what is stored and what is shared, and access is limited, intentional, and read only.
Security by design
MYQER is built privacy first. We collect only what is needed, we restrict access by default, and your information becomes visible only when you choose to share it through your QR. We keep the system focused on a single purpose, making your chosen information available in an emergency, and we avoid collecting anything beyond that.
Encryption and data protection
- In transit: all data travels over encrypted HTTPS connections.
- At rest: your information is stored on secure certified infrastructure with encryption applied.
- Read only emergency view: a person who scans can see your information, but cannot change it.
- Minimal exposure: only the information you choose to include is ever shown.
How the two QR codes are protected
The online QR points to your live profile. It shows your latest information when there is signal, and the emergency view is always read only.
The offline QR is different. When you generate your card, the information in your profile at that moment is encoded inside the QR code itself, so it works with no signal. Because the information is held inside the code, anyone who has that printed card may be able to read what it contains. If you update your profile, your online QR updates automatically, but a printed card keeps its older snapshot until you generate and reprint it. Keep your printed card somewhere appropriate, and reprint it when your information changes.
Access control
- You decide: you choose what information is included, and you can update or remove it at any time.
- Role based and row level controls: within our database, access is restricted so that records are reached only by those permitted to.
- No advertising trackers: MYQER does not use advertising trackers, does not build advertising profiles, and does not sell your data.
- Not publicly searchable: your information is reached through your QR, not through a search engine.
Infrastructure and hosting
- Hosted on SOC 2 and ISO 27001 certified infrastructure.
- Systems are monitored and kept updated to maintain reliability and security.
- Backups are maintained to help protect against data loss. When you delete your account, your information is removed from active systems straight away, and from secure backups within thirty days.
A note on certifications. The SOC 2 and ISO 27001 certifications belong to the infrastructure that hosts MYQER, not to MYQER itself. We are clear about this on purpose, and we will not claim a certification we do not hold.
Security review and disclosure
Security is reviewed as part of our ongoing development. We monitor our dependencies and address risks as they are identified. If an issue is found, we act quickly to resolve it.
If you believe you have found a security issue, please tell us at hello@myqer.com. We review every report and respond as soon as we can. We are grateful to anyone who helps us keep MYQER safe.
What is in place, and what is next
We separate what is true today from what is on our roadmap, because we will never present a future plan as a present fact.
In place today
- Encryption in transit and at rest.
- Role based and row level access controls.
- Read only emergency views.
- SOC 2 and ISO 27001 certified hosting.
- ICO registration ZC076886.
On our roadmap
- Cyber Essentials certification, currently in progress.
- Independent security testing as we grow.
- Incident response and breach notification testing.
- Continuous review of how data is stored and accessed.
Want the full detail?
Our Trust and Compliance Centre sets out the law, your rights, and how organisations can rely on MYQER.