Features
Security, Privacy & Reliability at QRDex.io
QRDex.io is built and operated by Bluejay Labs, LLC, a software company founded in 2014 and based in South Florida. Bluejay Labs generates $240K+ ARR across its portfolio of products including htmlsig.com, businesscards.io, passpass.co, and qrdex.io.
Co-Founder
Former Co-Founder & CEO of Octopi, a Terminal Operating System serving 24+ global cargo ports with 99.99%+ uptime and 24/7 SLA-backed support, sold to Navis/Cargotec in 2019. Former CTO of Intellum, which powers the Meta Blueprint learning platform. MS Electrical Engineering from Georgia Tech (4.0 GPA). BS from University of Virginia.
Product manager and software developer with expertise in AI, technical product management, and design. Based in the Miami-Fort Lauderdale area. Brings a strong focus on user experience and product strategy to every Bluejay Labs product.
Hosted on Heroku, a Salesforce platform, providing enterprise-grade cloud infrastructure backed by AWS.
ISO 27001, 27017, and 27018 certified data centers via Heroku/AWS infrastructure.
SOC 1, SOC 2 Type II, and SOC 3 attestation at the Heroku platform level.
Data encrypted at rest with AES-256 and in transit with TLS.
Each application runs in its own isolated container, preventing cross-application interference.
Managed firewalls preventing IP, MAC, and ARP spoofing at the network level.
Physical security provided by AWS data centers, which are FISMA certified.
Security testing conducted by independent third-party security firms.
GDPR compliant. We follow the principles of the General Data Protection Regulation for all users, including those in the European Economic Area. See our Privacy Policy for full details.
Restricted data access. Customer data is accessed only with explicit approval or when required by legal mandate.
Transparent policies. Our Terms and Conditions and Privacy Policy are publicly available and written in plain language.
All payments are processed by Stripe, which is PCI DSS Level 1 certified -- the highest level of payment security certification.
No credit card data is stored on QRDex servers. Payment information is sent directly to Stripe and never touches our infrastructure.
Secure checkout powered by Stripe Elements, providing a pre-built, PCI-compliant payment form.
Full disk encryption is enabled on all employee devices.
Principle of least privilege governs all system access. Team members only have access to the resources required for their role.
Multi-factor authentication (MFA) is required for all infrastructure access, inherited from the Heroku platform.
Proven track record. Our team built Octopi, which maintained 99.99%+ uptime across 24+ global cargo ports with 24/7 SLA-backed support.
Heroku platform availability with automated failover and redundancy built into the infrastructure.
Continuous protection backups for the database, encrypted and stored in Amazon S3.
PostgreSQL production databases with point-in-time recovery, enabling restoration to any moment in time.
If you have questions about our security practices or need additional information, please contact us through our support channel or visit bluejay.io.