Privacy Policy

1. Data controller and applicable law

The data controller for the processing of personal data through easyfreeqr.com is TFB Beyond UG (i.G.), Blieschendorferweg 24, 23769 Fehmarn, Germany. For users in Ghana, this policy is intended to comply with the Data Protection Act, 2012 (Act 843, Ghana). The supervisory authority is the Data Protection Commission Ghana: dataprotection.org.gh.

2. Data processing in the browser

QR code generation on easyfreeqr.com takes place entirely in the user's browser (client-side in JavaScript). The data you enter (URLs, texts, Wi-Fi credentials, contact details, uploaded logos, etc.) is never transmitted to our server, but is processed directly on your device. We do not replace your link with a tracking URL — the scanned QR code contains exactly the data you entered.

3. Data protection principles under Act 843

Where we do process limited personal data, we apply the principles set out in sections 17 to 24 of the Data Protection Act, 2012 (Act 843):

• Accountability — we are responsible for compliance with the Act (section 18).
• Lawfulness of processing — data is processed only with consent or another lawful justification (section 20).
• Specification of purpose — data is collected for explicitly defined and lawful purposes (section 21).
• Compatibility of further processing with purpose of collection — further processing must be compatible with the purpose for which the data was collected (section 22).
• Quality of information — we take reasonable steps to keep data complete, accurate and up to date (section 23).
• Openness — this Privacy Policy explains how we handle personal data (section 24).
• Data security safeguards — we use TLS encryption, Subresource Integrity (SRI) and limited retention periods (section 28).
• Data subject participation — you may exercise the rights set out in section 8 below (sections 32 to 41).

4. Server-side logs (hosting)

When you access the website, technical data (IP address, user agent, requested URL, timestamp, referrer) is stored by the hosting provider (Netlify Inc., 44 Montgomery Street, Suite 300, San Francisco, CA 94104, USA) in server logs as standard. Lawful basis under section 20(2) of Act 843: our legitimate interest in the operational security and integrity of the service. This data is automatically deleted after 7 days.

5. External CDNs (jsDelivr)

When you load the page, the following JavaScript libraries are loaded via the jsDelivr CDN (operated by Prospect One Sp. z o.o. via Cloudflare & Fastly):

• qr-code-styling — for the actual QR code generation
• jsPDF — for the PDF download
• Simple Icons — for official platform logos (only when "Social Media" is selected)

During loading, your IP address, user agent and referrer are transmitted to jsDelivr / Cloudflare / Fastly. We use these CDNs for performance reasons. We use Subresource Integrity (SRI) to prevent tampering with the loaded scripts.

6. Cookies

We use exclusively:

• Strictly necessary cookies (local in the browser, localStorage): stores your cookie choice.
• Advertising cookies (Google AdSense) — only with your explicit consent under section 20(1)(a) of Act 843.

You may withdraw your consent at any time via the "Cookie settings" footer button.

7. Google AdSense (only after consent)

This website uses Google AdSense (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to deliver advertisements. The AdSense script is only loaded dynamically after your explicit consent — before that, no data is transferred to Google whatsoever. Personalised ads are only delivered after your consent. More information: Google Privacy Policy.

8. Your rights as a data subject under Act 843

In accordance with sections 32 to 41 of the Data Protection Act, 2012, you have the right to:

• access your personal data held by us (section 35);
• request correction or deletion of personal data which is inaccurate, irrelevant, excessive, out-of-date, incomplete, misleading or obtained unlawfully (section 33);
• prevent processing likely to cause damage or distress (section 38);
• prevent processing for direct marketing purposes (section 39);
• object to decisions taken solely on the basis of automated processing (section 40);
• compensation for damage caused by unlawful processing (section 43);
• lodge a complaint with the Data Protection Commission Ghana (dataprotection.org.gh).

To exercise these rights, please contact: hello@schnelligkeitstest.de.

9. Cross-border transfer of personal data

As we operate from Germany, personal data processed in server logs is processed in the European Union (Netlify regions) and may be transferred to the United States. Such transfers are carried out in accordance with section 18(2) of Act 843, on the basis of adequate safeguards including standard contractual clauses and certified frameworks of the recipient country.

10. Amazon Associates Programme (affiliate links)

On the recommendations page as well as on individual topic pages, we link to products via the Amazon Associates Programme. These links are labelled as "Ad" or "sponsored". If you click such a link and make a purchase, we receive a small commission — at no extra cost to you. A tracking cookie is set by Amazon to attribute the purchase. Legal basis: your consent through clicking. You may avoid this at any time by not clicking our affiliate links.

11. Data controller

See Legal Notice.