Privacy Policy
Last updated: 15 May 2026 — for users in Nigeria
1. Data controller and applicable law
The data controller for the processing of personal data through easyfreeqr.com is TFB Beyond UG (i.G.), Blieschendorferweg 24, 23769 Fehmarn, Germany. For users in Nigeria, this policy is intended to comply with the Nigeria Data Protection Act 2023 (NDPA 2023) and, where still applicable, the Nigeria Data Protection Regulation 2019 (NDPR). The supervisory authority is the Nigeria Data Protection Commission (NDPC): ndpc.gov.ng.
2. Data processing in the browser
QR code generation on easyfreeqr.com takes place entirely in the user's browser (client-side in JavaScript). The data you enter (URLs, texts, Wi-Fi credentials, contact details, uploaded logos, etc.) is never transmitted to our server, but is processed directly on your device. We do not replace your link with a tracking URL — the scanned QR code contains exactly the data you entered.
3. Principles of processing under NDPA 2023
Where we do process limited personal data, we apply the principles set out in section 24 of the NDPA 2023 and Article 2.1 of the NDPR:
- processing fairly, lawfully and transparently;
- collection for specific, explicit and legitimate purposes;
- adequacy, relevance and limitation to what is necessary;
- accuracy and up-to-date data;
- retention only for as long as is necessary;
- integrity and confidentiality through appropriate security measures;
- accountability — we can demonstrate our compliance with these principles.
4. Server-side logs (hosting)
When you access the website, technical data (IP address, user agent, requested URL, timestamp, referrer) is stored by the hosting provider (Netlify Inc., 44 Montgomery Street, Suite 300, San Francisco, CA 94104, USA) in server logs as standard. Lawful basis under section 25(1)(f) of the NDPA 2023: our legitimate interest in the operational security and integrity of the service. This data is automatically deleted after 7 days.
5. External CDNs (jsDelivr)
When you load the page, the following JavaScript libraries are loaded via the jsDelivr CDN (operated by Prospect One Sp. z o.o. via Cloudflare & Fastly):
- qr-code-styling — for the actual QR code generation
- jsPDF — for the PDF download
- Simple Icons — for official platform logos (only when "Social Media" is selected)
During loading, your IP address, user agent and referrer are transmitted to jsDelivr / Cloudflare / Fastly. We use these CDNs for performance reasons. We use Subresource Integrity (SRI) to prevent tampering with the loaded scripts.
6. Cookies
We use exclusively:
- Strictly necessary cookies (local in the browser,
localStorage): stores your cookie choice. - Advertising cookies (Google AdSense) — only with your explicit consent under section 25(1)(a) NDPA 2023.
You may withdraw your consent at any time via the "Cookie settings" footer button.
7. Google AdSense (only after consent)
This website uses Google AdSense (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to deliver advertisements. The AdSense script is only loaded dynamically after your explicit consent — before that, no data is transferred to Google whatsoever. Personalised ads are only delivered after your consent. More information: Google Privacy Policy.
8. Your rights as a data subject under NDPA 2023
In accordance with Part VI of the NDPA 2023 (sections 34 to 40) and the NDPR, you have the right to:
- be informed about the processing of your personal data;
- request access to your personal data;
- request rectification of inaccurate or incomplete data;
- request erasure ("right to be forgotten") where the legal grounds apply;
- request restriction of processing;
- data portability in a structured, commonly used and machine-readable format;
- object to processing, including profiling and direct marketing;
- withdraw consent at any time, without affecting prior lawful processing;
- not be subject to a decision based solely on automated processing;
- lodge a complaint with the Nigeria Data Protection Commission (ndpc.gov.ng).
To exercise these rights, please contact: hello@schnelligkeitstest.de.
9. Cross-border transfer of personal data
As we operate from Germany, personal data processed in server logs is processed in the European Union (Netlify regions) and may be transferred to the United States. Such transfers are carried out in accordance with sections 41 to 43 of the NDPA 2023, on the basis of adequate protection mechanisms recognised by the NDPC, including standard contractual clauses and certified frameworks of the recipient country.
10. Amazon Associates Programme (affiliate links)
On the recommendations page as well as on individual topic pages, we link to products via the Amazon Associates Programme. These links are labelled as "Ad" or "sponsored". If you click such a link and make a purchase, we receive a small commission — at no extra cost to you. A tracking cookie is set by Amazon to attribute the purchase. Legal basis: your consent through clicking. You may avoid this at any time by not clicking our affiliate links.
11. Data controller
See Legal Notice.