qr-super-generator

Privacy Policy for QR Super Generator

Last Updated: January 2024

1. Introduction

This Privacy Policy describes how QR Super Generator (“we,” “our,” or “us”) collects, uses, and protects your information when you use our Chrome extension. We are committed to protecting your privacy and ensuring transparency about our data practices.

2. Information We Collect

2.1 Data You Provide

• QR Code Content: Text, URLs, WiFi credentials, and other data you choose to encode into QR codes
• Settings and Preferences: Your customization choices and extension settings
• Export Data: Information included when you export QR codes

2.2 Automatically Collected Data

• Usage Analytics: Anonymized data about how you use the extension (optional, can be disabled)
• Performance Metrics: Anonymous performance data to improve the extension
• Error Reports: Anonymous crash reports and error logs

2.3 Data We Do NOT Collect

• Personal Identifiers: We do not collect names, emails, or personal identifiers
• Browsing History: We do not track your browsing activity outside of QR generation
• Sensitive Data: We do not collect payment information, passwords, or sensitive personal data
• Cross-Site Data: We do not track you across other websites

3. How We Use Your Information

3.1 Primary Uses

• Core Functionality: Generate QR codes based on your input
• Data Storage: Save your QR code history locally on your device
• Customization: Remember your preferences and settings
• Export Services: Create downloadable files of your QR codes

3.2 Analytics (Optional)

• Usage Patterns: Understand which features are most valuable
• Performance Optimization: Identify and fix performance issues
• Feature Development: Decide what features to build next

3.3 No Commercial Use

• We do NOT sell your data to third parties
• We do NOT use your data for advertising
• We do NOT share your data with marketers

4. Data Storage and Security

4.1 Local Storage

• Primary Storage: All your QR codes and data are stored locally on your device
• Chrome Storage: Uses Chrome’s secure local storage APIs
• No Cloud Storage: Your QR code content is not uploaded to our servers

4.2 Security Measures

• Encryption: Sensitive data is encrypted using industry-standard methods
• Access Control: Only you have access to your data
• Secure Transmission: Any network requests use HTTPS encryption
• Regular Updates: Security patches are applied promptly

4.3 Data Retention

• Local Control: You control how long data is stored on your device
• Manual Deletion: You can delete your data at any time through the extension
• Automatic Cleanup: Old data can be automatically cleaned up based on your settings

5. Third-Party Services

5.1 QR Code Generation

• Local Processing: QR codes are generated locally using the qrcode.js library
• No External APIs: No external services are used for QR generation
• Offline Capability: The extension works completely offline

5.2 Analytics (Optional)

• Anonymous Data: If enabled, only anonymous usage statistics are collected
• No Personal Information: Analytics data cannot be linked back to you
• Opt-Out Available: You can disable analytics at any time

6. Your Rights and Controls

6.1 Data Access

• Full Access: You can view all data stored by the extension
• Export Data: You can export your QR code history at any time
• Data Portability: Exported data is in standard formats (JSON, CSV)

6.2 Data Control

• Delete Data: Remove individual QR codes or clear all data
• Settings Control: Modify all privacy and data collection settings
• History Management: Control what data is saved and for how long

6.3 Privacy Settings

• Analytics Toggle: Enable or disable usage analytics
• Data Retention: Set how long to keep QR code history
• Auto-Delete: Configure automatic cleanup of old data

7. GDPR Compliance (EU Users)

7.1 Legal Basis

• Legitimate Interest: Providing core QR generation functionality
• Consent: For optional analytics and data collection
• User Control: You have full control over your data

7.2 Your GDPR Rights

• Right to Access: Request access to your personal data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Portability: Receive your data in a portable format
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent for data processing

7.3 Data Protection Officer

• Email: privacy@qr-super-generator.com
• Response Time: Within 30 days as required by GDPR

8. CCPA Compliance (California Users)

8.1 California Rights

• Right to Know: Categories of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information
• Non-Discrimination: No discrimination for exercising your rights

8.2 Data Sale Disclosure

• No Sale: We do not sell personal information to third parties
• No Sharing: We do not share personal information for monetary value

9. Children’s Privacy

9.1 Age Restrictions

• 13+ Only: This extension is not intended for children under 13
• Parental Consent: Users under 18 should have parental consent
• No Targeting: We do not knowingly collect data from children

9.2 COPPA Compliance

• No Collection: We do not knowingly collect information from children under 13
• Immediate Deletion: Any such data is immediately deleted upon discovery
• Parental Rights: Parents can contact us to review or delete their child’s data

10. International Data Transfers

10.1 Data Location

• Local Storage: Data is stored locally on your device
• No International Transfers: Your QR data does not leave your device
• Analytics Only: Only anonymous analytics may be transmitted internationally

10.2 Safeguards

• Standard Contractual Clauses: For any international data processing
• Adequacy Decisions: Transfers only to countries with adequate protection
• User Consent: Clear consent for any international transfers

11. Data Breach Notification

11.1 Breach Response

• Immediate Action: Immediate steps to contain and assess any breach
• User Notification: Affected users notified within 72 hours
• Regulatory Notification: Relevant authorities notified as required
• Remediation: Steps taken to prevent future breaches

11.2 Breach Prevention

• Security Monitoring: Continuous monitoring for security threats
• Regular Audits: Regular security audits and penetration testing
• Employee Training: Regular security training for all team members
• Incident Response Plan: Comprehensive plan for handling security incidents

12. Contact Information

12.1 Privacy Questions

• Email: privacy@qr-super-generator.com
• Response Time: Within 5 business days
• Languages: English, with translation available upon request

12.2 Data Protection Requests

• Subject Access Requests: Use the form at our website
• Deletion Requests: Email with specific details
• Correction Requests: Provide details of inaccurate information

13. Changes to This Policy

13.1 Policy Updates

• Notification: Users notified of significant changes
• Effective Date: Changes effective 30 days after notification
• Version History: Previous versions available upon request

13.2 Continued Use

• Acceptance: Continued use constitutes acceptance of changes
• Opt-Out: You may uninstall the extension if you disagree with changes
• Granular Consent: New features requiring consent will ask explicitly

14. Legal Compliance

14.1 Applicable Laws

• GDPR: General Data Protection Regulation (EU)
• CCPA: California Consumer Privacy Act (US)
• PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
• Local Laws: Compliance with applicable local privacy laws

14.2 Regulatory Cooperation

• Authority Cooperation: Full cooperation with regulatory authorities
• Compliance Monitoring: Regular compliance assessments
• Legal Updates: Prompt updates for new legal requirements

15. Technical Implementation

15.1 Privacy by Design

• Data Minimization: Collect only necessary data
• Purpose Limitation: Use data only for stated purposes
• Storage Limitation: Store data only as long as necessary
• Transparency: Clear information about data practices

15.2 Security Measures

• Encryption at Rest: Local data encrypted on device
• Secure Communication: All network requests use HTTPS
• Access Controls: Strict access controls for any cloud services
• Regular Updates: Prompt security updates and patches

---

Effective Date: January 1, 2024
Last Review: January 2024
Next Review: January 2025

For the most current version of this Privacy Policy, please visit: [Privacy Policy URL]

Contact Us: If you have any questions about this Privacy Policy, please contact us at privacy@qr-super-generator.com