Privacy Policy

1. Introduction and scope

This Privacy Policy explains how easyfreeqr.com (the "service"), operated by TFB Beyond UG (i.G.), Germany (the "operator", "we", "us"), handles personal data of users accessing the service from Jamaica. We have prepared this policy with reference to the Data Protection Act, 2020 of Jamaica (the "DPA") and the eight Data Protection Standards established under the DPA, as overseen by the Office of the Information Commissioner (OIC) of Jamaica.

2. Data processing in the browser

QR code generation on easyfreeqr.com takes place entirely in your browser (client-side in JavaScript). The data you enter (URLs, texts, Wi-Fi credentials, contact details, uploaded logos, etc.) is never transmitted to our servers; it is processed directly on your device. We do not replace your link with a tracking URL — the scanned QR code contains exactly the data you entered.

3. Server-side logs (hosting)

When you access the website, technical data (IP address, user agent, requested URL, timestamp, referrer) is stored by the hosting provider (Netlify Inc., 44 Montgomery Street, Suite 300, San Francisco, CA 94104, USA) in server logs as standard. This data is processed for operational security and to deliver the website to you, in line with our legitimate interests as operator. Logs are automatically deleted after 7 days.

4. External CDNs (jsDelivr)

The following JavaScript libraries are loaded via the jsDelivr CDN (operated by Prospect One Sp. z o.o., delivered through Cloudflare and Fastly):

• qr-code-styling — for QR code rendering
• jsPDF — for the PDF download
• Simple Icons — for official platform logos (Instagram, Facebook, etc.; only when "Social Media" is selected)

During loading, your IP address, user agent and referrer are transmitted to the CDN. We use these CDNs for performance reasons. We apply Subresource Integrity (SRI) to prevent tampering with the loaded scripts.

5. Cookies

We use only the following:

• Strictly necessary storage (local in the browser, localStorage): stores your cookie/consent choice so that we do not ask again on every visit.
• Advertising cookies (Google AdSense) — only after your explicit consent.

You may withdraw your consent at any time via the "Cookie settings" footer button.

6. Google AdSense (only after consent)

This website may display advertisements via Google AdSense (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). The AdSense script is loaded dynamically only after your explicit consent — before that, no data is transferred to Google. Once loaded, Google may use cookies to serve relevant ads. Personalised advertising is delivered only when you have given consent via Consent Mode v2. More information: Google Privacy Policy.

7. Amazon Associates Programme (affiliate links)

On the recommendations page as well as on individual topic pages, we link to products through the Amazon Associates Programme. These links are labelled as "Ad" or "sponsored". If you click such a link and then make a purchase on Amazon, we receive a small commission — at no extra cost to you. When you click an affiliate link, a tracking cookie is set by Amazon to attribute the purchase. You can prevent this by disabling cookies in your browser or by not clicking our affiliate links. Amazon privacy information: Amazon Privacy Notice.

8. Your rights under the Jamaica Data Protection Act, 2020

Where the Jamaica DPA applies to the processing of your personal data, you have the right to:

• Be informed about the processing of your personal data;
• Access the personal data we hold about you (subject access request);
• Have inaccurate personal data corrected;
• Request erasure or blocking of your personal data where the legal conditions are met;
• Object to processing that is likely to cause damage or distress;
• Object to direct marketing;
• Object to automated decision-making and request human review;
• Lodge a complaint with the Office of the Information Commissioner (OIC), Jamaica.

To exercise any of these rights, please contact us at hello@schnelligkeitstest.de.

9. The eight Data Protection Standards

We aim to handle personal data in line with the eight Standards under the Jamaica DPA: (1) lawful and fair processing; (2) processing for specified, explicit and legitimate purposes; (3) adequate, relevant and limited data; (4) accurate and up-to-date data; (5) retention only as long as necessary; (6) processing in accordance with data subject rights; (7) appropriate technical and organisational security measures; and (8) restrictions on transfers outside of Jamaica without adequate protection. Because QR generation runs entirely in your browser, the personal data we actually receive is minimal (mainly server logs and cookie-based advertising data after consent).

10. International data transfers

The operator is based in Germany. The hosting provider (Netlify) operates from the United States, and CDN providers operate global infrastructure. Where personal data is transferred outside Jamaica, we rely on contractual safeguards offered by these providers and, where applicable, internationally recognised data protection frameworks.

11. Supervisory authority

The supervisory authority for data protection in Jamaica is the Office of the Information Commissioner (OIC), Jamaica. You have the right to lodge a complaint with the OIC if you believe that the processing of your personal data infringes the Jamaica DPA.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our service or in applicable law. The current version is always available on this page; the "Last updated" date at the top indicates the most recent revision.

13. Data controller / responsible party

See Legal Notice for full provider and contact details.