Quick Responding codes, namely QR codes, are widely used in various communication applications and electronic transactions such as electronic payments and information integrations, since they provide excellent characteristics such as large data capacity, widely coding domain, and stronger error correction ability etc. However, as the QR code is transmitted on public channel and can be scanned by any QR reader, one can obtain the data from the encoded QR code. Simultaneously, the encoding and decoding algorithms are public, the sensitive data such as paying account and password will be revealed to the QR reader, which might incubate the risk of privacy leakage. For solving this problem, this paper proposes a novel approach to protect the private data in QR code. In our method, the secret information is embedded in the random position of a QR code matrix by utilizing an error-correcting mechanism, and only authorized user in possession of required keys will be able to retrieve and recover this secret data embedded and hidden in the QR code. The user without the secret key can only decode public information from the QR code. Although our hiding scheme will decrease the rate of error-correctness of QR decoding, we indicate that the analysis shows that scheme is effect om practical applications. Compared with related schemes, the proposed scheme provides higher security that is less likely to attract the attention of potential attackers.