Privacy Policy
Controller: Quolrixxkhoglore, trading from Geldersekade 84-A, 1012 BL Amsterdam, Netherlands (hereinafter “we”, “us”, or “the controller”).
Contact: supportcenter@quolrixxkhoglore.world · Telephone +31 20 624 0445 · Website https://quolrixxkhoglore.world/
Version: 1.0 · Effective date: 24 March 2025 · Language: English · Primary jurisdiction: Netherlands (EU/EEA)
This Privacy Policy explains how we collect and use personal data when you visit quolrixxkhoglore.world, browse information about the Vigorance food supplement, place an order request, submit a contact form, or otherwise interact with us. We apply the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Dutch GDPR Implementation Act (Uitvoeringswet AVG), and, where relevant, the ePrivacy rules for electronic communications.
1. Scope and roles
This policy covers processing carried out by Quolrixxkhoglore as an independent controller for its website, customer communications, and related records. If we use processors (for example hosting, email delivery, or payment service providers), they process data only on documented instructions and under contracts that meet Article 28 GDPR.
We do not sell personal data. We do not use automated decision-making that produces legal or similarly significant effects for you based solely on automated processing.
2. Categories of personal data
Depending on your interaction, we may process:
- Identity and contact data: name, delivery address (if collected during fulfilment), email address, telephone number where provided.
- Transaction data: product selection, order references, payment status (payment card data is handled by payment processors where applicable; we typically receive limited confirmation data rather than full card numbers).
- Communication data: messages you send through forms, email threads, and call notes when you contact us.
- Technical data: IP address, browser type, device identifiers, timestamps, referring pages, and similar server logs needed for security and diagnostics.
- Cookie and similar data: see our Cookie Policy for identifiers stored on your device when you consent.
- Compliance data: records of consent, marketing preferences, and complaints correspondence.
3. Purposes and legal bases
We process personal data only where a legal basis under Article 6 GDPR applies. The table below summarises main processing activities.
| Purpose | Legal basis | Further explanation |
|---|---|---|
| Operating the website, loading pages, and maintaining security | Legitimate interests (Article 6(1)(f)) and, where required, consent for non-essential cookies (Article 6(1)(a)) | We balance our interest in secure, reliable operations against your rights; essential cookies rely on necessity for the service. |
| Handling order requests, payments, delivery, and customer support | Performance of a contract and steps prior to contract (Article 6(1)(b)) | Processing is necessary to respond to your request and to perform any contract you enter into with us. |
| Responding to contact forms and enquiries | Legitimate interests and, where sensitive, steps at your request (Article 6(1)(b)/(f)) | We process your message content to assist you; special categories are not solicited on this website. |
| Accounting, tax, and regulatory record-keeping | Legal obligation (Article 6(1)(c)) | We retain certain records as required by Dutch commercial and tax law. |
| Analytics and aggregated statistics where cookies are used | Consent when non-essential tools are involved (Article 6(1)(a)) | You can withdraw consent via cookie settings without affecting lawfulness of prior processing. |
| Direct marketing communications where permitted | Consent or soft opt-in where legally available (Article 6(1)(a)) | We provide clear opt-in and unsubscribe mechanisms. |
4. Special categories of personal data
We do not ask you to share health data through this website. If you voluntarily disclose health-related information, we will restrict access, use it only to handle your request where necessary, and delete it when no longer needed unless a separate legal basis applies.
5. Sources of data
We receive personal data directly from you when you submit forms, email us, or call. We may receive technical data automatically from your browser. We may receive updates from payment service providers or carriers to confirm delivery status.
6. Recipients and transfers
We share personal data with:
- Service providers that host infrastructure, transmit email, or provide security monitoring, bound by Article 28 agreements.
- Payment processors and fraud prevention tools where a transaction occurs.
- Logistics partners for shipping and returns.
- Professional advisers (lawyers, accountants) under confidentiality duties.
- Authorities when required by law or a lawful request.
Where data is transferred outside the European Economic Area, we rely on adequacy decisions or appropriate safeguards such as Standard Contractual Clauses, supplemented by technical and organisational measures and transfer impact assessments where appropriate.
7. Retention periods
We keep personal data only as long as necessary for the purposes described, including statutory retention:
- Marketing consents and preferences: until you withdraw consent or object, then suppressed records may be kept as necessary to honour your choice.
- Contracts and invoices: up to seven years to meet Dutch tax and accounting obligations, unless longer retention is justified by disputes.
- Customer service correspondence: typically up to three years after the last interaction unless a claim requires longer retention.
- Server and security logs: rotated on a short cycle (often 30–180 days) unless longer retention is needed to investigate incidents.
- Cookie records: as described in the Cookie Policy, aligned with consent logs.
After retention periods expire, we delete or irreversibly anonymise data where possible.
8. Security measures
We implement appropriate technical and organisational measures, including access controls on a need-to-know basis, encryption in transit where HTTPS is used, secure development practices for our site content, logging and monitoring, vendor due diligence, and staff confidentiality expectations. No online transmission is completely risk-free; you should protect your devices and credentials.
9. Your rights
Under GDPR, you may have the following rights, subject to conditions and exemptions:
- Access: obtain confirmation whether we process your data and receive a copy.
- Rectification: correct inaccurate data.
- Erasure: request deletion where grounds apply (for example unnecessary data or withdrawn consent without another basis).
- Restriction: limit processing in defined circumstances.
- Data portability: receive structured, commonly used data you provided where processing is based on consent or contract and carried out by automated means.
- Object: object to processing based on legitimate interests or to direct marketing.
- Withdraw consent: where processing is consent-based, without affecting lawfulness before withdrawal.
- Complaint: lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.
To exercise rights, contact supportcenter@quolrixxkhoglore.world or write to our Amsterdam address. We may request reasonable identity verification. We will respond within one month, extendable by two further months where complex, informing you of any extension.
10. Children
Our services target adults. We do not knowingly collect data from children under 16 without parental authority. If you believe we have collected such data, contact us for prompt review and deletion.
11. Third-party websites
Our site may link to external resources. Their privacy practices are governed by their own policies. Review them before providing personal data.
12. Changes to this policy
We may update this Privacy Policy to reflect legal, technical, or organisational changes. The effective date at the top will change, and material updates will be highlighted on the website where appropriate. Continued use after changes constitutes acknowledgement where legally permitted.
13. Data protection impact assessments
Where processing is likely to result in a high risk to individuals’ rights and freedoms, we assess necessity, proportionality, and mitigation measures before processing begins, in line with Article 35 GDPR. We consult the supervisory authority when required.
14. Breach notification
In the event of a personal data breach, we document facts, effects, and remedial action. Where the breach is likely to result in a risk to individuals, we notify the Autoriteit Persoonsgegevens without undue delay and, where feasible, within seventy-two hours. If the breach is likely to result in a high risk, we communicate to affected individuals unless exceptions apply.
15. Marketing and newsletters
We send promotional emails only where permitted by law, typically after explicit opt-in or, where applicable, soft opt-in for similar products. Each message includes an unsubscribe link or equivalent mechanism. Suppression lists are maintained to honour opt-outs.
16. Employment and recruitment
If we post vacancies, a separate privacy notice may apply to applicants. We do not use this product website to collect employment data routinely.
17. Automated processing logs
Technical logs may include IP addresses and device metadata. We use them for fraud prevention, troubleshooting, and aggregate analytics after minimisation. Retention follows section 7.
18. International organisations
We do not currently transfer personal data to international organisations without appropriate safeguards. Should that change, this policy will be updated and supplementary measures applied as required by the European Data Protection Board guidance.
19. Contact details for privacy requests
Quolrixxkhoglore · Geldersekade 84-A · 1012 BL Amsterdam · Netherlands · Email supportcenter@quolrixxkhoglore.world · Phone +31 20 624 0445