Privacy Policy

1. Introduction

Queblornvakax ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website queblornvakax.world and purchase our products.

We comply with the General Data Protection Regulation (GDPR), the Irish Data Protection Act 2018, and other applicable data protection laws.

2. Data Controller Information

The data controller responsible for your personal data is:

• Company Name: Queblornvakax
• Address: 1 Birch Grove, Kill Ave, Dún Laoghaire, Dublin, A96 TX07, Ireland
• Email: service@queblornvakax.world

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide

• Identity Data: Name, title
• Contact Data: Email address, telephone number, delivery address
• Transaction Data: Details about payments and purchases
• Communication Data: Your correspondence with us, including messages submitted through our contact form

3.2 Information Collected Automatically

• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
• Usage Data: Information about how you use our website, products, and services

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Data Protection Act 2018 (Ireland):

• Consent (Article 6(1)(a) GDPR): Where you have given clear consent—for example, non-essential cookies (where applicable) or marketing emails, where we ask for it
• Contract (Article 6(1)(b) GDPR): Processing necessary to take steps at your request before a contract, to perform a contract with you (such as fulfilling orders), or to manage your customer relationship
• Legal Obligation (Article 6(1)(c) GDPR): Where we must comply with Irish or EU law (for example, tax, accounting, or consumer protection records)
• Legitimate Interests (Article 6(1)(f) GDPR): Where necessary for our legitimate interests (such as website security, fraud prevention, or improving our services), provided your rights and freedoms do not override those interests

Where we process special categories of personal data (if any), we will only do so where a specific condition in Article 9 GDPR applies and, where required, with your explicit consent.

5. How We Use Your Data

We use your personal data for the following purposes:

• Processing and fulfilling your orders
• Managing your account and customer relationship
• Communicating with you about your orders and inquiries
• Sending marketing communications only where you have opted in and can withdraw consent at any time
• Improving our website and services
• Complying with legal obligations
• Preventing fraud and ensuring security

6. Data Sharing and Disclosure

We may share your personal data with:

• Service Providers: Third-party companies that perform services on our behalf, such as payment processing, shipping, and email services
• Legal Authorities: When required by law or to protect our rights
• Business Transfers: In connection with any merger, sale, or acquisition

We do not sell your personal data to third parties for their marketing purposes.

7. International Data Transfers

Your personal data is primarily processed within the EEA. If we transfer personal data to countries outside the EEA (for example, where a service provider is located in the United States or elsewhere), we will ensure a lawful transfer mechanism applies under Chapter V GDPR, such as:

• An adequacy decision of the European Commission (including, where applicable, the UK or other countries listed as adequate)
• Appropriate safeguards such as the EU Commission-approved Standard Contractual Clauses (SCCs), supplemented where required by UK or Irish law
• Another derogation under Article 49 GDPR, only where permitted

You may request further information about transfers and a copy of relevant safeguards by contacting us using the details below.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Transaction Data: 7 years for tax and accounting purposes
• Marketing Data: Until you withdraw consent or unsubscribe
• Technical Data: Up to 2 years where we use analytics or similar tools; shorter retention may apply for basic server logs
• Communication Data: 3 years from your last interaction

9. Your Rights

Under GDPR and the Data Protection Act 2018 (Ireland), you have the following rights in relation to your personal data (subject to conditions and exceptions in law):

• Right of access: Request confirmation of processing and a copy of your personal data
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure ("right to be forgotten"): Request deletion where applicable
• Right to restriction of processing: Request that we limit processing in certain circumstances
• Right to data portability: Receive personal data you provided in a structured, commonly used, machine-readable format, where processing is based on consent or contract and is automated
• Right to object: Object to processing based on legitimate interests or to direct marketing (including profiling related to marketing)
• Rights related to automated decision-making: Where applicable, rights described in section 10 below
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, please contact us using the details below. We will respond within one month in principle, or within two further months where a request is complex (we will inform you if an extension applies).

There is no fee unless your request is manifestly unfounded or excessive; in such cases we may charge a reasonable fee or refuse the request as permitted by law.

10. Automated Decision-Making and Profiling

We do not use solely automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you. If this changes, we will inform you, explain the logic involved, and describe the significance and envisaged consequences, and we will rely on a lawful basis under GDPR.

11. Direct Marketing

We will only send you electronic direct marketing (for example, email newsletters or promotional offers) where we have your prior consent or another lawful basis under Irish and EU law. Every marketing message will include a simple way to opt out (such as an unsubscribe link), and you may also contact us at any time to object to marketing.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for data transmission
• Secure servers and databases
• Access controls and authentication
• Regular security assessments
• Employee training on data protection

13. Cookies and Similar Technologies

We use cookies and similar technologies (such as local storage where used only to remember your cookie choices) on our website. For detailed information, please see our Cookie Policy. Use of non-essential cookies or similar technologies will be aligned with the ePrivacy rules and Irish implementation (including S.I. No. 336 of 2011, as amended), including consent where required.

14. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any third-party websites you visit.

15. Children's Privacy

Our website and products are not directed at children. We do not knowingly collect personal data from anyone under 18. If you are a parent or guardian and believe we have collected data from a child, please contact us so we can delete it. In Ireland, the digital age of consent for information society services can be 16 in certain circumstances under national law implementing Article 8 GDPR; our services are intended for adults who can lawfully purchase dietary supplements.

16. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Where required by law, we will obtain your consent or give you additional notice.

17. Complaints and Supervisory Authority

If you have concerns about how we handle your personal data, you may contact us first using the details below. You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement. In Ireland, the supervisory authority is the Data Protection Commission (DPC):

• Website: https://www.dataprotection.ie
• Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

This does not affect your right to seek a judicial remedy.