QQuickQR
HomeFeedbackPricing

Privacy Policy

Last updated: July 12, 2026

This policy is written for users in the European Economic Area (EEA), the United Kingdom, the United States, and other regions. It describes how we process personal data when you use QuickQR at toolupgo.com.

Contents

  1. Who we are
  2. Scope
  3. Summary
  4. Data we do not collect
  5. Data we collect
  6. Purposes and legal bases
  7. Cookies and similar technologies
  8. Recipients and processors
  9. International transfers
  10. Retention
  11. Security
  12. Your rights (EEA / UK)
  13. Your rights (United States)
  14. Children
  15. Changes
  16. Contact and complaints

1. Who we are (data controller)

Lu Yang, operating ToolUp (“ToolUp”, “we”, “us”, “our”) operates QuickQR, a browser-based QR code generator.

Privacy contact: [email protected]
Website: https://toolupgo.com/qr

For the purposes of the EU General Data Protection Regulation (GDPR), UK GDPR, and applicable US state privacy laws, we act as the data controller (or “business”) for personal data described in this policy.

2. Scope

This Privacy Policy applies to your use of QuickQR on our website, including the home tool, SEO landing pages, Feedback form, and related pages. It does not apply to third-party websites or services linked from our site (for example Google AdSense or Cloudflare), which have their own privacy policies.

3. Summary

  • QR content stays on your device. We do not receive the text, URLs, Wi‑Fi credentials, or other payload you encode.
  • We collect limited data when you submit feedback, when you accept non-essential cookies (analytics and advertising), and when our infrastructure processes technical data for security.
  • We do not sell or share personal information for cross-context behavioral advertising as defined under the California Consumer Privacy Act (CCPA), as amended by the CPRA. Google AdSense, if you consent, may use cookies under Google’s own policies.
  • You control non-essential cookies through our cookie banner (Accept / Reject). See our Cookie Policy.

4. Data we do not collect

When you use the QR generator:

  • We do not upload your QR payload to our servers.
  • Logo images you select are processed locally in your browser only.
  • We do not require an account to use QuickQR in v0.1.
  • We do not knowingly collect QR content, scan analytics, or dynamic QR tracking data.

5. Personal data we collect

5.1 Feedback form

If you submit our Feedback form, we may process:

DataSourceRequired?
Feedback category (bug / feature / other)YouYes
Message contentYouYes
Email addressYouNo (optional)
Hashed IP addressAutomaticN/A
Browser user-agentAutomaticN/A
Submission timestampAutomaticN/A

We use Cloudflare Turnstile on the feedback form to mitigate abuse. Turnstile may process device and interaction signals; see Cloudflare’s Privacy Policy.

5.2 Analytics (only with consent)

If you click Accept on our cookie banner, we may process:

  • Aggregated page views and referrers via Cloudflare Web Analytics (if enabled)
  • Non-identifying product events (e.g. QR type selected, download completed) sent to our API — labels such as type, format, or reason only; never QR content or feedback text

5.3 Advertising (only with consent)

If you accept non-essential cookies, we load Google AdSense. Google may set cookies and process online identifiers to deliver and measure ads. We do not control Google’s processing. See Google Privacy Policy and Google partner sites policy.

5.4 Cookie preference

We store your choice (accepted or rejected) in browser local storage under qq_consent.

5.5 Strictly necessary technical data

Our host Cloudflare may process IP addresses, request metadata, and security tokens to deliver the site, prevent abuse, and protect availability. This processing is necessary to provide the service you request.

6. Purposes and legal bases (EEA / UK)

Where GDPR or UK GDPR applies, we rely on the following:

ProcessingPurposeLegal basis (Art. 6 GDPR)
Feedback storageOperate, support, and improve QuickQRLegitimate interests (Art. 6(1)(f)); Consent where required (checkbox)
Security (Turnstile, IP hashing, CDN)Prevent spam and protect infrastructureLegitimate interests (Art. 6(1)(f))
Analytics beacons / eventsUnderstand usage and fix errorsConsent (Art. 6(1)(a)) — non-essential cookies
AdSense cookies / scriptsDisplay and measure advertisingConsent (Art. 6(1)(a))
Legal complianceRespond to lawful requestsLegal obligation (Art. 6(1)(c)) where applicable

You may withdraw consent at any time by clearing site data for toolupgo.com or contacting us. Withdrawal does not affect processing already lawfully performed. Where we rely on legitimate interests, you mayobject as described in Section 12.

7. Cookies and similar technologies

We use cookies, local storage, and similar technologies as described in our Cookie Policy. Non-essential analytics and advertising technologies are loaded only after you Accept on our cookie banner.

8. Recipients and processors

We share personal data only as needed with the following categories of recipients:

RecipientRoleLocation
Cloudflare, Inc.Hosting, CDN, D1 database, Turnstile, Web AnalyticsGlobal / US
Google LLC (AdSense)Advertising (if you consent)US / global

We require processors to protect personal data under contractual and applicable legal standards. We do not sell personal information to data brokers.

9. International transfers

We and our processors may process data in countries outside your own, including the United States. Where GDPR or UK GDPR requires safeguards for transfers, we rely on:

  • Your consent (for non-essential cookies), where applicable
  • Appropriate safeguards offered by processors (such as the EU Standard Contractual Clauses or UK International Data Transfer Addendum, where applicable)
  • Legitimate interests for limited security and abuse-prevention processing

You may contact us for more information about transfer safeguards relevant to your request.

10. Retention

DataRetention period
Feedback records6 months from submission, unless deleted earlier upon request
Analytics / event logsShort operational retention per Cloudflare and our logging configuration
Cookie preference (qq_consent)Until you clear browser storage
Ad-related cookiesPer Google’s policies while consent remains active

11. Security

We implement appropriate technical and organizational measures, including HTTPS, access controls, and storing IP addresses only in hashed form for feedback. No method of transmission or storage is completely secure. If you believe your interaction with us is no longer secure, please notify us immediately.

12. Your rights (EEA / UK)

Subject to applicable law, you may have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict processing
  • Object to processing based on legitimate interests
  • Data portability where processing is based on consent or contract and carried out by automated means
  • Withdraw consent at any time (without affecting prior lawful processing)
  • Lodge a complaint with a supervisory authority

To exercise these rights, email [email protected] with sufficient detail for us to identify your data (for example, the email you used in feedback and approximate date). We respond within one month, as required by GDPR, and may extend by two further months for complex requests (we will inform you).

Supervisory authorities (examples):

  • UK: Information Commissioner’s Office (ICO)
  • EEA: your local data protection authority — see the European Data Protection Board member list

13. Notice to US residents (including California)

Depending on your state of residence, you may have additional rights under US privacy laws (including the CCPA/CPRA for California residents).

13.1 Categories collected (last 12 months)

CategoryExamplesCollected?Source
IdentifiersEmail (optional), hashed IP, cookie IDs (if consented)YesYou / automatic
Internet or network activityAnalytics events, page views (if consented)Yes (with consent)Automatic
Customer recordsFeedback messageYesYou
Sensitive personal information—No—

13.2 Sale or share

We do not sell personal information. We do not share personal information for cross-context behavioral advertising except where you consent to third-party advertising cookies (Google AdSense), which operates under Google’s policies. You may limit ad personalization via Google Ads Settings and our cookie controls.

13.3 Your US rights

Where applicable, you may request to know, access, delete, or correct personal information, and you have the right to non-discrimination for exercising privacy rights. Submit requests to [email protected]. We will verify your request as permitted by law.

14. Children

QuickQR is not directed at children under 16 in the EEA/UK, or under 13 in the United States. We do not knowingly collect personal information from children. If you believe a child has provided personal data, contact us and we will delete it promptly.

15. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the “Last updated” date. Where required by law, we will provide additional notice (for example, a prominent site notice or refreshed consent for material changes to cookie processing).

16. Contact

Lu Yang, operating ToolUp
Email: [email protected]
Website: https://toolupgo.com/qr

This document is provided for transparency and compliance alignment. It does not constitute legal advice. For formal legal review, consult a qualified attorney in your target markets.

Ad placeholder · 320×50
Ad placeholder · 728×90
Tools
All typesWifiTextvCardUrlEmailPhone
PrivacyTermsCookiesFeedback

© 2026 QuickQR · Generated locally in your browser