Skip to content
Start free
Legal · updated 2026-05-02

Acceptable Use Policy (UK)

Plain-English version. Your jurisdiction-specific terms appear at the bottom of the document. Switch jurisdictions if you'd prefer different rules.

Plain-English drafts. These pages are written for clarity, not as substitute legal advice. For binding interpretation, the version executed via dpo@qrnfctap.com on letterhead controls.

Acceptable Use Policy

Last updated: 2026-05-02

This Acceptable Use Policy ("AUP") sets out the rules for using QR NFC Tap. It is incorporated into the Terms of Service. Breach is grounds for suspension or termination of your account.

1. Prohibited content

You may not use the QR NFC Tap service to create, host, or distribute content that is:

1.1 Illegal in the country of the data subject or content recipient

  • Child sexual abuse material (CSAM)
  • Terrorism propaganda or recruitment material
  • Material that incites violence against protected groups
  • Stolen credentials, payment cards, or personal data
  • Counterfeit goods or services
  • Material that violates export-control or sanctions law

1.2 Deceptive or harmful

  • Phishing — QR codes that lead to login pages designed to steal credentials, regardless of which brand is impersonated
  • Malware distribution — QRs that link to executables, drive-by-download pages, or social-engineering installer chains
  • Deceptive QR redirects — QRs that misrepresent their destination (e.g. "Wi-Fi" QR that secretly opens a paid-content page; QR pretending to be from a brand you don't represent)
  • Survey scams, fake giveaways, "you won an iPhone" patterns
  • Content that exploits a vulnerable population (children, the elderly, distressed users)

1.3 IP infringement

  • Content that violates copyright, trade marks, patents, or trade secrets you do not own or licence
  • Counterfeit branding (using third-party logos without permission)

1.4 Privacy violations

  • QR codes whose destination collects personal data without a Privacy Policy
  • Lead-form QRs that don't disclose what data is collected or who is collecting it
  • Surveillance use (e.g. covert location tracking of individuals without consent)

1.5 Illegal commercial uses

  • Unlicensed gambling, regulated-pharma, or regulated-financial services without the requisite licence in the jurisdiction
  • Adult content distributed without age-gating (where required by law)
  • High-yield investment scams, multi-level marketing variants where prohibited by law
  • Sale of regulated weapons/ammunition without licence

2. Prohibited technical activities

  • Probing, scanning, or testing the vulnerability of any system without our written permission (responsible disclosure: security@qrnfctap.com)
  • Circumventing rate limits, IP blocks, or access controls
  • Automated mass account creation
  • Sending unsolicited commercial messages (spam) using QR NFC Tap's email/SMS features
  • Scraping or harvesting data from the Service beyond the public API (rate-limited and authenticated)
  • Reverse-engineering, decompiling, or attempting to extract source code

3. Acceptable use in scale + volume

The Service has fair-use limits. Where you exceed your tier's limits significantly or sustainedly:

  • Free tier: 5 dynamic QRs, 10K scans/month — fair-use throttle at 100 req/min from a single source
  • Pro tier: 50 dynamic, 100K scans/month — API rate 10 req/s
  • Business: 500 dynamic, 1M scans/month — API rate 50 req/s
  • Agency: unlimited customer accounts; per-customer-domain rate limits apply
  • Enterprise: by contract

Sustained excess will trigger an automated email + soft throttle. Burst allowance ~3× the steady rate for 1 minute.

4. Reporting abuse

If you see content on a QR NFC Tap-served URL that violates this AUP, please report it:

  • Email: abuse@qrnfctap.com
  • Include: the offending URL or QR slug, the AUP clause you believe is breached, evidence (screenshot if visual)
  • SLA: We acknowledge within 24 hours, take a decision within 5 business days for routine cases (faster for CSAM, terror content, active phishing — these get same-day action)

For copyright takedowns, see the DMCA process in our Terms of Service section 9.

5. Enforcement

When we identify a breach (whether by abuse report, automated detection, or otherwise), we typically:

  1. Notice + cure — for non-imminent issues, we email the account holder, describe the breach, and give 24-72 hours to remedy.
  2. Suspension — for imminent harm (active phishing, CSAM, immediate platform threat), we suspend without prior notice and email afterward.
  3. Termination — for repeated or severe breaches, we close the account.
  4. Legal escalation — for criminal content, we report to relevant authorities (NCMEC for CSAM, NCA / IWF / CTIRU as applicable, and equivalents in your jurisdiction).

Suspended accounts: the QR redirects are disabled (existing print runs stop working until reinstatement); account data is preserved for 30 days unless legal hold applies.

6. Appeal

If your account is suspended or terminated and you believe it was in error, write to appeals@qrnfctap.com with your account email + reason. A different member of staff (not the original decision-maker) reviews. Decision in 5 business days.

7. Changes

We update this AUP when patterns of abuse evolve. Material changes notified by email with 14 days' notice. Continued use after the effective date constitutes acceptance.

8. Questions

abuse@qrnfctap.com for reports. support@qrnfctap.com for grey areas — we'd rather you ask than guess.

Need anything else?

Contact options.

Privacy / DSAR Access, deletion, correction dpo@qrnfctap.com →
Abuse / takedown Phishing, IP, illegal content abuse@qrnfctap.com →
Security disclosure Responsible-disclosure programme security@qrnfctap.com →
DPA (B2B Article 28) Sign for your company View DPA template →
Start free Shop cards