diff --git a/app/models/QRCode.server.js b/app/models/QRCode.server.js
index 6fe3abd..7d4bcc6 100644
--- a/app/models/QRCode.server.js
+++ b/app/models/QRCode.server.js
@@ -1,55 +1,71 @@
 import qrcode from "qrcode";
 import invariant from "tiny-invariant";
-import db from "../db.server";
+import {
+  getQRCodeById,
+  getQRCodes as getQRCodesFromRepo,
+} from "./qrcode.repository";
 
 // [START get-qrcode]
-export async function getQRCode(id, graphql) {
-  const qrCode = await db.qRCode.findFirst({ where: { id } });
+export async function getQRCode(id, graphql, shop) {
+  const qrCode = await getQRCodeById(graphql, id);
 
   if (!qrCode) {
     return null;
   }
 
-  return supplementQRCode(qrCode, graphql);
+  return supplementQRCode(qrCode, graphql, shop);
 }
 
 export async function getQRCodes(shop, graphql) {
-  const qrCodes = await db.qRCode.findMany({
-    where: { shop },
-    orderBy: { id: "desc" },
-  });
+  const qrCodes = await getQRCodesFromRepo(graphql);
 
   if (qrCodes.length === 0) return [];
 
   return Promise.all(
-    qrCodes.map((qrCode) => supplementQRCode(qrCode, graphql))
+    qrCodes.map((qrCode) => supplementQRCode(qrCode, graphql, shop))
   );
 }
 // [END get-qrcode]
 
 // [START get-qrcode-image]
-export function getQRCodeImage(id) {
-  const url = new URL(`/qrcodes/${id}/scan`, process.env.SHOPIFY_APP_URL);
+export function getQRCodeImage(id, shop) {
+  // Extract the numeric ID from the GID if needed
+  const idForUrl = extractIdFromGid(id);
+  const url = new URL(`/qrcodes/${idForUrl}/scan`, process.env.SHOPIFY_APP_URL);
+  // Include shop as query parameter for unauthenticated access
+  if (shop) {
+    url.searchParams.set("shop", shop);
+  }
   return qrcode.toDataURL(url.href);
 }
+
+function extractIdFromGid(gid) {
+  // If it's already a simple ID, return as-is
+  if (!gid.startsWith("gid://")) {
+    return gid;
+  }
+  // Extract the ID from gid://shopify/Metaobject/123456
+  const match = gid.match(/\/(\d+)$/);
+  return match ? match[1] : gid;
+}
 // [END get-qrcode-image]
 
 // [START get-destination]
-export function getDestinationUrl(qrCode) {
+export function getDestinationUrl(qrCode, shop) {
   if (qrCode.destination === "product") {
-    return `https://${qrCode.shop}/products/${qrCode.productHandle}`;
+    return `https://${shop}/products/${qrCode.productHandle}`;
   }
 
   const match = /gid:\/\/shopify\/ProductVariant\/([0-9]+)/.exec(qrCode.productVariantId);
   invariant(match, "Unrecognized product variant ID");
 
-  return `https://${qrCode.shop}/cart/${match[1]}:1`;
+  return `https://${shop}/cart/${match[1]}:1`;
 }
 // [END get-destination]
 
 // [START hydrate-qrcode]
-async function supplementQRCode(qrCode, graphql) {
-  const qrCodeImagePromise = getQRCodeImage(qrCode.id);
+async function supplementQRCode(qrCode, graphql, shop) {
+  const qrCodeImagePromise = getQRCodeImage(qrCode.id, shop);
 
   const response = await graphql(
     `
@@ -82,11 +98,12 @@ async function supplementQRCode(qrCode, graphql) {
 
   return {
     ...qrCode,
+    shop,
     productDeleted: !product?.title,
     productTitle: product?.title,
     productImage: product?.media?.nodes[0]?.preview?.image?.url,
     productAlt: product?.media?.nodes[0]?.preview?.image?.altText,
-    destinationUrl: getDestinationUrl(qrCode),
+    destinationUrl: getDestinationUrl(qrCode, shop),
     image: await qrCodeImagePromise,
   };
 }
diff --git a/app/models/qrcode.repository.js b/app/models/qrcode.repository.js
new file mode 100644
index 0000000..335eec0
--- /dev/null
+++ b/app/models/qrcode.repository.js
@@ -0,0 +1,271 @@
+/**
+ * QR Code Repository
+ * Handles all metaobject CRUD operations for QR codes
+ */
+
+const METAOBJECT_TYPE = "$app:qrcode";
+
+/**
+ * Get a single QR code by ID
+ */
+export async function getQRCodeById(graphql, id) {
+  const response = await graphql(
+    `#graphql
+      query GetQRCode($id: ID!) {
+        metaobject(id: $id) {
+          id
+          handle
+          updatedAt
+          title: field(key: "title") { value }
+          productId: field(key: "product_id") { value }
+          productHandle: field(key: "product_handle") { value }
+          productVariantId: field(key: "product_variant_id") { value }
+          destination: field(key: "destination") { value }
+          scans: field(key: "scans") { value }
+        }
+      }
+    `,
+    { variables: { id } }
+  );
+
+  const { data } = await response.json();
+
+  if (!data?.metaobject) {
+    return null;
+  }
+
+  return mapMetaobjectToQRCode(data.metaobject);
+}
+
+/**
+ * Get all QR codes for the shop
+ */
+export async function getQRCodes(graphql) {
+  const response = await graphql(
+    `#graphql
+      query GetQRCodes($type: String!) {
+        metaobjects(type: $type, first: 100, reverse: true) {
+          nodes {
+            id
+            handle
+            updatedAt
+            title: field(key: "title") { value }
+            productId: field(key: "product_id") { value }
+            productHandle: field(key: "product_handle") { value }
+            productVariantId: field(key: "product_variant_id") { value }
+            destination: field(key: "destination") { value }
+            scans: field(key: "scans") { value }
+          }
+        }
+      }
+    `,
+    { variables: { type: METAOBJECT_TYPE } }
+  );
+
+  const { data } = await response.json();
+
+  if (!data?.metaobjects?.nodes) {
+    return [];
+  }
+
+  return data.metaobjects.nodes.map(mapMetaobjectToQRCode);
+}
+
+/**
+ * Create a new QR code
+ */
+export async function createQRCode(graphql, qrCodeData) {
+  const response = await graphql(
+    `#graphql
+      mutation CreateQRCode($metaobject: MetaobjectCreateInput!) {
+        metaobjectCreate(metaobject: $metaobject) {
+          metaobject {
+            id
+            handle
+            title: field(key: "title") { value }
+            productId: field(key: "product_id") { value }
+            productHandle: field(key: "product_handle") { value }
+            productVariantId: field(key: "product_variant_id") { value }
+            destination: field(key: "destination") { value }
+            scans: field(key: "scans") { value }
+          }
+          userErrors {
+            field
+            message
+            code
+          }
+        }
+      }
+    `,
+    {
+      variables: {
+        metaobject: {
+          type: METAOBJECT_TYPE,
+          fields: [
+            { key: "title", value: qrCodeData.title },
+            { key: "product_id", value: qrCodeData.productId },
+            { key: "product_handle", value: qrCodeData.productHandle },
+            { key: "product_variant_id", value: qrCodeData.productVariantId },
+            { key: "destination", value: qrCodeData.destination },
+            { key: "scans", value: "0" },
+          ],
+        },
+      },
+    }
+  );
+
+  const { data } = await response.json();
+
+  if (data?.metaobjectCreate?.userErrors?.length > 0) {
+    throw new Error(data.metaobjectCreate.userErrors.map(e => e.message).join(", "));
+  }
+
+  return mapMetaobjectToQRCode(data.metaobjectCreate.metaobject);
+}
+
+/**
+ * Update an existing QR code
+ */
+export async function updateQRCode(graphql, id, qrCodeData) {
+  const response = await graphql(
+    `#graphql
+      mutation UpdateQRCode($id: ID!, $metaobject: MetaobjectUpdateInput!) {
+        metaobjectUpdate(id: $id, metaobject: $metaobject) {
+          metaobject {
+            id
+            handle
+            title: field(key: "title") { value }
+            productId: field(key: "product_id") { value }
+            productHandle: field(key: "product_handle") { value }
+            productVariantId: field(key: "product_variant_id") { value }
+            destination: field(key: "destination") { value }
+            scans: field(key: "scans") { value }
+          }
+          userErrors {
+            field
+            message
+            code
+          }
+        }
+      }
+    `,
+    {
+      variables: {
+        id,
+        metaobject: {
+          fields: [
+            { key: "title", value: qrCodeData.title },
+            { key: "product_id", value: qrCodeData.productId },
+            { key: "product_handle", value: qrCodeData.productHandle },
+            { key: "product_variant_id", value: qrCodeData.productVariantId },
+            { key: "destination", value: qrCodeData.destination },
+          ],
+        },
+      },
+    }
+  );
+
+  const { data } = await response.json();
+
+  if (data?.metaobjectUpdate?.userErrors?.length > 0) {
+    throw new Error(data.metaobjectUpdate.userErrors.map(e => e.message).join(", "));
+  }
+
+  return mapMetaobjectToQRCode(data.metaobjectUpdate.metaobject);
+}
+
+/**
+ * Delete a QR code
+ */
+export async function deleteQRCode(graphql, id) {
+  const response = await graphql(
+    `#graphql
+      mutation DeleteQRCode($id: ID!) {
+        metaobjectDelete(id: $id) {
+          deletedId
+          userErrors {
+            field
+            message
+            code
+          }
+        }
+      }
+    `,
+    { variables: { id } }
+  );
+
+  const { data } = await response.json();
+
+  if (data?.metaobjectDelete?.userErrors?.length > 0) {
+    throw new Error(data.metaobjectDelete.userErrors.map(e => e.message).join(", "));
+  }
+
+  return data.metaobjectDelete.deletedId;
+}
+
+/**
+ * Increment the scan count for a QR code
+ */
+export async function incrementQRCodeScans(graphql, id) {
+  // First get the current scan count
+  const qrCode = await getQRCodeById(graphql, id);
+
+  if (!qrCode) {
+    return null;
+  }
+
+  const newScans = (qrCode.scans || 0) + 1;
+
+  const response = await graphql(
+    `#graphql
+      mutation IncrementScans($id: ID!, $metaobject: MetaobjectUpdateInput!) {
+        metaobjectUpdate(id: $id, metaobject: $metaobject) {
+          metaobject {
+            id
+            scans: field(key: "scans") { value }
+          }
+          userErrors {
+            field
+            message
+            code
+          }
+        }
+      }
+    `,
+    {
+      variables: {
+        id,
+        metaobject: {
+          fields: [{ key: "scans", value: String(newScans) }],
+        },
+      },
+    }
+  );
+
+  const { data } = await response.json();
+
+  if (data?.metaobjectUpdate?.userErrors?.length > 0) {
+    throw new Error(data.metaobjectUpdate.userErrors.map(e => e.message).join(", "));
+  }
+
+  return { ...qrCode, scans: newScans };
+}
+
+/**
+ * Map a metaobject to a QR code object
+ */
+function mapMetaobjectToQRCode(metaobject) {
+  if (!metaobject) return null;
+
+  return {
+    id: metaobject.id,
+    handle: metaobject.handle,
+    createdAt: metaobject.updatedAt,
+    title: metaobject.title?.value || "",
+    productId: metaobject.productId?.value || "",
+    productHandle: metaobject.productHandle?.value || "",
+    productVariantId: metaobject.productVariantId?.value || "",
+    destination: metaobject.destination?.value || "",
+    scans: parseInt(metaobject.scans?.value || "0", 10),
+  };
+}
diff --git a/app/routes/app._index.jsx b/app/routes/app._index.jsx
index d0001ea..7088719 100644
--- a/app/routes/app._index.jsx
+++ b/app/routes/app._index.jsx
@@ -16,6 +16,12 @@ import {
 import { getQRCodes } from "../models/QRCode.server";
 import { AlertDiamondIcon, ImageIcon } from "@shopify/polaris-icons";
 
+function extractIdFromGid(gid) {
+  if (!gid || typeof gid !== "string") return gid;
+  const match = gid.match(/Metaobject\/(\d+)/);
+  return match ? match[1] : gid;
+}
+
 // [START loader]
 export async function loader({ request }) {
   const { admin, session } = await authenticate.admin(request);
@@ -66,7 +72,7 @@ const QRTable = ({ qrCodes }) => (
     selectable={false}
   >
     {qrCodes.map((qrCode) => (
-      <QRTableRow key={qrCode.id} qrCode={qrCode} />
+      <QRTableRow key={extractIdFromGid(qrCode.id)} qrCode={qrCode} />
     ))}
   </IndexTable>
 );
@@ -74,7 +80,7 @@ const QRTable = ({ qrCodes }) => (
 
 // [START row]
 const QRTableRow = ({ qrCode }) => (
-  <IndexTable.Row id={qrCode.id} position={qrCode.id}>
+  <IndexTable.Row id={extractIdFromGid(qrCode.id)} position={extractIdFromGid(qrCode.id)}>
     <IndexTable.Cell>
       <Thumbnail
         source={qrCode.productImage || ImageIcon}
@@ -83,7 +89,7 @@ const QRTableRow = ({ qrCode }) => (
       />
     </IndexTable.Cell>
     <IndexTable.Cell>
-      <Link to={`qrcodes/${qrCode.id}`}>{truncate(qrCode.title)}</Link>
+      <Link to={`qrcodes/${extractIdFromGid(qrCode.id)}`}>{truncate(qrCode.title)}</Link>
     </IndexTable.Cell>
     <IndexTable.Cell>
       {/* [START deleted] */}
diff --git a/app/routes/app.qrcodes.$id.jsx b/app/routes/app.qrcodes.$id.jsx
index 3533083..5659c0f 100644
--- a/app/routes/app.qrcodes.$id.jsx
+++ b/app/routes/app.qrcodes.$id.jsx
@@ -27,12 +27,23 @@ import {
 } from "@shopify/polaris";
 import { ImageIcon } from "@shopify/polaris-icons";
 
-import db from "../db.server";
 import { getQRCode, validateQRCode } from "../models/QRCode.server";
+import {
+  createQRCode,
+  updateQRCode,
+  deleteQRCode,
+} from "../models/qrcode.repository";
+
+function extractIdFromGid(gid) {
+  if (!gid || typeof gid !== "string") return gid;
+  const match = gid.match(/Metaobject\/(\d+)/);
+  return match ? match[1] : gid;
+}
 
 export async function loader({ request, params }) {
   // [START authenticate]
-  const { admin } = await authenticate.admin(request);
+  const { admin, session } = await authenticate.admin(request);
+  const { shop } = session;
   // [END authenticate]
 
   // [START data]
@@ -43,23 +54,26 @@ export async function loader({ request, params }) {
     });
   }
 
-  return json(await getQRCode(Number(params.id), admin.graphql));
+  // Convert numeric ID to GID format for metaobject lookup
+  const gid = `gid://shopify/Metaobject/${params.id}`;
+  return json(await getQRCode(gid, admin.graphql, shop));
   // [END data]
 }
 
 // [START action]
 export async function action({ request, params }) {
-  const { session } = await authenticate.admin(request);
-  const { shop } = session;
+  const { admin } = await authenticate.admin(request);
 
   /** @type {any} */
   const data = {
     ...Object.fromEntries(await request.formData()),
-    shop,
   };
 
+  // Convert numeric ID to GID format for metaobject operations
+  const gid = params.id !== "new" ? `gid://shopify/Metaobject/${params.id}` : null;
+
   if (data.action === "delete") {
-    await db.qRCode.delete({ where: { id: Number(params.id) } });
+    await deleteQRCode(admin.graphql, gid);
     return redirect("/app");
   }
 
@@ -69,12 +83,22 @@ export async function action({ request, params }) {
     return json({ errors }, { status: 422 });
   }
 
+  const qrCodeData = {
+    title: data.title,
+    productId: data.productId,
+    productHandle: data.productHandle,
+    productVariantId: data.productVariantId,
+    destination: data.destination,
+  };
+
   const qrCode =
     params.id === "new"
-      ? await db.qRCode.create({ data })
-      : await db.qRCode.update({ where: { id: Number(params.id) }, data });
+      ? await createQRCode(admin.graphql, qrCodeData)
+      : await updateQRCode(admin.graphql, gid, qrCodeData);
 
-  return redirect(`/app/qrcodes/${qrCode.id}`);
+  // Extract the numeric ID from the GID for the redirect URL
+  const idForUrl = extractIdFromGid(qrCode.id);
+  return redirect(`/app/qrcodes/${idForUrl}`);
 }
 // [END action]
 
@@ -266,7 +290,7 @@ export default function QRCodeForm() {
               </Button>
               <Button
                 disabled={!qrCode.id}
-                url={`/qrcodes/${qrCode.id}`}
+                url={`/qrcodes/${qrCode.id?.match?.(/Metaobject\/(\d+)/)?.[1] || qrCode.id}?shop=${qrCode.shop || ""}`}
                 target="_blank"
               >
                 Go to public URL
diff --git a/app/routes/qrcodes.$id.jsx b/app/routes/qrcodes.$id.jsx
index 076fc3f..c09f77f 100644
--- a/app/routes/qrcodes.$id.jsx
+++ b/app/routes/qrcodes.$id.jsx
@@ -2,21 +2,27 @@ import { json } from "@remix-run/node";
 import invariant from "tiny-invariant";
 import { useLoaderData } from "@remix-run/react";
 
-import db from "../db.server";
+import { unauthenticated } from "../shopify.server";
+import { getQRCodeById } from "../models/qrcode.repository";
 import { getQRCodeImage } from "../models/QRCode.server";
 
 // [START loader]
-export const loader = async ({ params }) => {
+export const loader = async ({ params, request }) => {
   invariant(params.id, "Could not find QR code destination");
 
-  const id = Number(params.id);
-  const qrCode = await db.qRCode.findFirst({ where: { id } });
+  const url = new URL(request.url);
+  const shop = url.searchParams.get("shop");
+  invariant(shop, "Shop parameter is required");
+
+  const { admin } = await unauthenticated.admin(shop);
+  const gid = `gid://shopify/Metaobject/${params.id}`;
+  const qrCode = await getQRCodeById(admin.graphql, gid);
 
   invariant(qrCode, "Could not find QR code destination");
 
   return json({
     title: qrCode.title,
-    image: await getQRCodeImage(id),
+    image: await getQRCodeImage(gid, shop),
   });
 };
 // [END loader]
diff --git a/app/routes/qrcodes.$id.scan.jsx b/app/routes/qrcodes.$id.scan.jsx
index a473640..ea49c97 100644
--- a/app/routes/qrcodes.$id.scan.jsx
+++ b/app/routes/qrcodes.$id.scan.jsx
@@ -1,27 +1,30 @@
 import { redirect } from "@remix-run/node";
 import invariant from "tiny-invariant";
-import db from "../db.server";
 
+import { unauthenticated } from "../shopify.server";
+import { getQRCodeById, incrementQRCodeScans } from "../models/qrcode.repository";
 import { getDestinationUrl } from "../models/QRCode.server";
 
-export const loader = async ({ params }) => {
+export const loader = async ({ params, request }) => {
   // [START validate]
   invariant(params.id, "Could not find QR code destination");
 
-  const id = Number(params.id);
-  const qrCode = await db.qRCode.findFirst({ where: { id } });
+  const url = new URL(request.url);
+  const shop = url.searchParams.get("shop");
+  invariant(shop, "Shop parameter is required");
+
+  const { admin } = await unauthenticated.admin(shop);
+  const gid = `gid://shopify/Metaobject/${params.id}`;
+  const qrCode = await getQRCodeById(admin.graphql, gid);
 
   invariant(qrCode, "Could not find QR code destination");
   // [END validate]
 
   // [START increment]
-  await db.qRCode.update({
-    where: { id },
-    data: { scans: { increment: 1 } },
-  });
+  await incrementQRCodeScans(admin.graphql, gid);
   // [END increment]
 
   // [START redirect]
-  return redirect(getDestinationUrl(qrCode));
+  return redirect(getDestinationUrl(qrCode, shop));
   // [END redirect]
 };
diff --git a/prisma/migrations/20230718141834_add_product_handle_to_the_database/migration.sql b/prisma/migrations/20230718141834_add_product_handle_to_the_database/migration.sql
index 3a8ee63..5decb97 100644
--- a/prisma/migrations/20230718141834_add_product_handle_to_the_database/migration.sql
+++ b/prisma/migrations/20230718141834_add_product_handle_to_the_database/migration.sql
@@ -9,16 +9,3 @@ CREATE TABLE "Session" (
     "accessToken" TEXT NOT NULL,
     "userId" BIGINT
 );
-
--- CreateTable
-CREATE TABLE "QRCode" (
-    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-    "title" TEXT NOT NULL,
-    "shop" TEXT NOT NULL,
-    "productId" TEXT NOT NULL,
-    "productHandle" TEXT NOT NULL,
-    "productVariantId" TEXT NOT NULL,
-    "destination" TEXT NOT NULL,
-    "scans" INTEGER NOT NULL DEFAULT 0,
-    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
-);
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 3cbcb94..e2279c0 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -21,17 +21,4 @@ model Session {
   userId      BigInt?
 }
 
-// [START qrcode-model]
-model QRCode {
-  id               Int      @id @default(autoincrement())
-  title            String
-  shop             String
-  productId        String
-  productHandle    String
-  productVariantId String
-  destination      String
-  scans            Int      @default(0)
-  createdAt        DateTime @default(now())
-}
-
 // [END qrcode-model]
diff --git a/shopify.app.toml b/shopify.app.toml
index 7659888..b884053 100644
--- a/shopify.app.toml
+++ b/shopify.app.toml
@@ -1,3 +1,3 @@
 # This file stores configurations for your Shopify app.
 
-scopes = "write_products"
+scopes = "write_products,write_metaobjects,write_metaobject_definitions"