tknuth/QR-master
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MVP

Browse Source
This commit is contained in:
Timo Knuth
2025-10-18 17:55:32 +02:00
parent 254e6490b8
commit 91b78cb284
65 changed files with 4481 additions and 1078 deletions
Download Patch File Download Diff File Expand all files Collapse all files

228
src/app/(marketing)/privacy/page.tsx Normal file
View File

@@ -0,0 +1,228 @@
import React from 'react';
import Link from 'next/link';
export const metadata = {
title: 'Privacy Policy | QR Master',
description: 'Privacy Policy and data protection information for QR Master',
};
export default function PrivacyPage() {
return (
<div className="min-h-screen bg-white py-12">
<div className="container mx-auto px-4 sm:px-6 lg:px-8 max-w-4xl">
<div className="mb-8">
<Link href="/" className="text-primary-600 hover:text-primary-700 font-medium">
Back to Home
</Link>
</div>
<h1 className="text-4xl font-bold text-gray-900 mb-4">Privacy Policy</h1>
<p className="text-gray-600 mb-8">Last updated: January 2025</p>
<div className="prose prose-lg max-w-none">
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">1. Introduction</h2>
<p className="text-gray-700 mb-4">
Welcome to QR Master ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data.
This privacy policy will inform you about how we look after your personal data when you visit our website and use our services,
and tell you about your privacy rights and how the law protects you.
</p>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">2. Information We Collect</h2>
<p className="text-gray-700 mb-4">We collect and process the following data about you:</p>
<h3 className="text-xl font-semibold text-gray-900 mb-3">2.1 Information You Provide</h3>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Account Information:</strong> Name, email address, and password when you create an account</li>
<li><strong>Payment Information:</strong> Payment details processed securely through Stripe (we do not store credit card information)</li>
<li><strong>QR Code Data:</strong> Content, URLs, and customization settings for QR codes you create</li>
<li><strong>Profile Information:</strong> Any additional information you choose to provide</li>
</ul>
<h3 className="text-xl font-semibold text-gray-900 mb-3">2.2 Information We Collect Automatically</h3>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Usage Data:</strong> QR code scans, analytics data, and interaction with our services</li>
<li><strong>Technical Data:</strong> IP address, browser type, device information, and operating system</li>
<li><strong>Analytics Data:</strong> Website usage analytics collected via PostHog (only with your consent)</li>
<li><strong>Cookies:</strong> We use cookies to improve your experience (see our Cookie Policy below)</li>
</ul>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">3. How We Use Your Information</h2>
<p className="text-gray-700 mb-4">We use your personal data for the following purposes:</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li>To provide and maintain our QR code generation and analytics services</li>
<li>To process your payments and manage your subscription</li>
<li>To provide customer support and respond to your inquiries</li>
<li>To improve our services and develop new features</li>
<li>To detect and prevent fraud and abuse</li>
<li>To comply with legal obligations</li>
</ul>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">4. Legal Basis for Processing (GDPR)</h2>
<p className="text-gray-700 mb-4">We process your personal data under the following legal bases:</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Contract Performance:</strong> Processing necessary to provide our services to you</li>
<li><strong>Consent:</strong> Where you have given clear consent for specific purposes</li>
<li><strong>Legitimate Interests:</strong> For improving our services, security, and fraud prevention</li>
<li><strong>Legal Obligation:</strong> To comply with applicable laws and regulations</li>
</ul>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">5. Data Sharing and Third Parties</h2>
<p className="text-gray-700 mb-4">We may share your data with the following third parties:</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Stripe:</strong> Payment processing (subject to Stripe's privacy policy)</li>
<li><strong>PostHog:</strong> Website analytics platform for tracking user behavior and improving our services (only with your consent, subject to PostHog's privacy policy)</li>
<li><strong>Cloud Hosting:</strong> Vercel and database providers for hosting our services</li>
<li><strong>Service Providers:</strong> Companies that help us provide our services (under strict confidentiality agreements)</li>
<li><strong>Legal Requirements:</strong> When required by law or to protect our rights</li>
</ul>
<p className="text-gray-700 mb-4">
We do not sell your personal data to third parties. PostHog analytics are only activated if you accept analytics cookies,
and we use privacy-friendly settings including respecting Do Not Track (DNT) headers.
</p>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">6. Data Security</h2>
<p className="text-gray-700 mb-4">
We implement appropriate technical and organizational measures to protect your personal data, including:
</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li>Secure HTTPS transmission for data in transit</li>
<li>Secure password hashing using bcrypt</li>
<li>Database security and access controls</li>
<li>Cookie-based authentication with HttpOnly flags</li>
<li>CSRF protection for sensitive operations</li>
<li>Rate limiting to prevent abuse</li>
</ul>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">7. Data Retention</h2>
<p className="text-gray-700 mb-4">
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:
</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Active Accounts:</strong> Data retained while your account is active</li>
<li><strong>Deleted Accounts:</strong> Most data deleted immediately upon account deletion</li>
<li><strong>Legal Requirements:</strong> Some data may be retained to comply with legal obligations</li>
<li><strong>Analytics Data:</strong> Aggregated, anonymized data may be retained indefinitely</li>
</ul>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">8. Your Rights (GDPR)</h2>
<p className="text-gray-700 mb-4">Under GDPR, you have the following rights:</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Right to Access:</strong> Request a copy of your personal data</li>
<li><strong>Right to Rectification:</strong> Correct inaccurate or incomplete data (edit name in settings)</li>
<li><strong>Right to Erasure:</strong> Request deletion of your data (account deletion available in settings)</li>
<li><strong>Right to Restriction:</strong> Request limitation of processing</li>
<li><strong>Right to Data Portability:</strong> Receive your data in a portable format (available upon request)</li>
<li><strong>Right to Object:</strong> Object to processing based on legitimate interests</li>
<li><strong>Right to Withdraw Consent:</strong> Withdraw consent at any time</li>
</ul>
<p className="text-gray-700 mb-4">
To exercise these rights, please contact us at{' '}
<a href="mailto:privacy@qrmaster.com" className="text-primary-600 hover:text-primary-700">
privacy@qrmaster.com
</a>
</p>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">9. Cookies</h2>
<p className="text-gray-700 mb-4">
We use cookies to improve your experience on our website. Cookies are small text files stored on your device.
</p>
<h3 className="text-xl font-semibold text-gray-900 mb-3">Types of Cookies We Use:</h3>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li><strong>Essential Cookies:</strong> Required for authentication and basic functionality (userId, CSRF token)</li>
<li><strong>Preference Cookies:</strong> Remember your settings and cookie consent preferences (cookieConsent)</li>
<li><strong>Analytics Cookies:</strong> PostHog analytics cookies to track page views, user behavior, and improve our services (only with your consent)</li>
</ul>
<p className="text-gray-700 mb-4">
You can control cookies through your browser settings and our cookie banner. Analytics cookies are only set if you accept them
through our cookie banner. Essential cookies are required for the website to function and cannot be disabled.
</p>
<h3 className="text-xl font-semibold text-gray-900 mb-3">PostHog Analytics:</h3>
<p className="text-gray-700 mb-4">
PostHog is our analytics platform that helps us understand how users interact with our website. When you accept analytics cookies:
</p>
<ul className="list-disc pl-6 mb-4 text-gray-700 space-y-2">
<li>PostHog tracks page views, clicks, and user journeys</li>
<li>We collect device type, browser, operating system, and referral source</li>
<li>PostHog respects Do Not Track (DNT) browser settings</li>
<li>No personally identifiable information (PII) is sent to PostHog without explicit identification</li>
<li>Data is processed in accordance with PostHog's privacy policy</li>
</ul>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">10. International Data Transfers</h2>
<p className="text-gray-700 mb-4">
Your data may be transferred to and processed in countries outside the European Economic Area (EEA).
We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and
adequacy decisions by the European Commission.
</p>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">11. Children's Privacy</h2>
<p className="text-gray-700 mb-4">
Our services are not intended for children under 16 years of age. We do not knowingly collect personal data
from children. If you believe we have collected data from a child, please contact us immediately.
</p>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">12. Changes to This Policy</h2>
<p className="text-gray-700 mb-4">
We may update this privacy policy from time to time. We will notify you of significant changes through
a prominent notice on our website. Continued use of our services after changes constitutes
acceptance of the updated policy.
</p>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">13. Contact Us</h2>
<p className="text-gray-700 mb-4">
If you have any questions about this privacy policy or our data practices, please contact us:
</p>
<div className="bg-gray-50 p-6 rounded-lg">
<p className="text-gray-700 mb-2"><strong>Email:</strong> privacy@qrmaster.com</p>
<p className="text-gray-700 mb-2"><strong>Website:</strong> <a href="/" className="text-primary-600 hover:text-primary-700">qrmaster.com</a></p>
</div>
</section>
<section className="mb-8">
<h2 className="text-2xl font-bold text-gray-900 mb-4">14. Supervisory Authority</h2>
<p className="text-gray-700 mb-4">
If you are located in the EEA and believe we have not addressed your concerns adequately,
you have the right to lodge a complaint with your local data protection supervisory authority.
</p>
</section>
</div>
<div className="mt-12 pt-8 border-t border-gray-200">
<p className="text-gray-600 text-center">
<Link href="/terms" className="text-primary-600 hover:text-primary-700 mr-4">
Terms of Service
</Link>
<Link href="/" className="text-primary-600 hover:text-primary-700">
Back to Home
</Link>
</p>
</div>
</div>
</div>
);
}