Privacy Policy

Last updated: 9 March 2025

This Privacy Policy describes how Quiztorndhak ("we", "us", "our") collects, uses, stores, and protects your personal data when you use our website https://quiztorndhak.world and related services, including the Zenovita product. We are committed to complying with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), the General Data Protection Regulation (GDPR) where applicable to users in the European Economic Area (EEA), and other applicable data protection laws.

1. Data controller and contact details

Data controller: Quiztorndhak

Address: Circular Quay Station, E2/E3 Alfred St, Sydney NSW 2000, Australia

Email: message@quiztorndhak.world

Phone: +61292413566

For any questions about this Privacy Policy or your personal data, please contact us using the details above.

2. Personal data we collect

We may collect the following categories of personal data:

• Identity and contact data: name, email address, telephone number (if provided), and delivery address when you place an order or contact us.
• Transaction data: details of orders, payments, and communications related to purchases.
• Technical data: IP address, browser type and version, time zone, device type, operating system, and other technology on the devices you use to access our website.
• Usage data: information about how you use our website, including pages visited, time spent, and navigation paths.
• Cookie and similar technologies data: as described in our Cookie Policy.

We do not collect special categories of personal data (such as health data, race, or political opinions) unless you voluntarily provide them in a message and we have a lawful basis to process them.

3. Legal basis for processing (GDPR)

Where the GDPR applies, we process your personal data on the following legal bases:

• Contract: processing necessary to perform a contract with you (e.g. fulfilling orders, responding to enquiries).
• Legitimate interests: processing necessary for our legitimate interests (e.g. improving our website, security, analytics) where not overridden by your rights.
• Consent: where you have given clear consent for specific processing (e.g. marketing, non-essential cookies).
• Legal obligation: processing necessary to comply with a legal obligation (e.g. tax, consumer law).

Under Australian law, we collect and use personal information only for purposes that are reasonably necessary for our functions and activities and as set out in this policy.

4. Purposes of processing

We use your personal data for the following purposes:

• To process and fulfil orders for Zenovita and related products.
• To communicate with you about your orders, enquiries, and customer support.
• To send transactional emails (e.g. order confirmation, shipping updates) where necessary for the performance of the contract.
• To improve our website, services, and user experience (including analytics, where you have consented or where based on legitimate interests).
• To comply with legal and regulatory obligations (e.g. record-keeping, tax, consumer rights).
• To protect our rights and the security of our website and users (e.g. fraud prevention, security monitoring).
• To send marketing communications only where you have given consent or where permitted by law.

5. Data retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations.

• Order and contact data: retained for up to 7 years from the last transaction or communication for legal, tax, and warranty purposes, unless a shorter or longer period is required by law.
• Marketing data: retained until you withdraw consent or object, or for a reasonable period after our last contact.
• Technical and usage data: typically retained for up to 24 months, unless a shorter period is set in our Cookie Policy or required by law.
• Support and correspondence: retained for the duration of the matter plus a reasonable period for follow-up and legal compliance.

After the retention period, we securely delete or anonymise your data so that it can no longer identify you.

6. Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, including:

• Use of HTTPS and encryption for data in transit.
• Access controls and authentication so that only authorised personnel can access personal data.
• Regular review of our security practices and systems.
• Secure storage of data on servers with appropriate safeguards.

Despite our efforts, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and to contact us immediately if you suspect any unauthorised use of your data.

7. Sharing and disclosure

We may share your personal data with:

• Service providers: payment processors, shipping and logistics providers, email and hosting services, and analytics providers, under strict contractual obligations to protect your data and use it only for the purposes we specify.
• Legal and regulatory bodies: when required by law, court order, or to protect our rights and safety.
• Professional advisers: lawyers, accountants, or auditors where necessary for our legitimate business purposes.

We do not sell your personal data to third parties. Where we transfer data outside Australia or the EEA, we ensure appropriate safeguards (e.g. standard contractual clauses, adequacy decisions) are in place as required by applicable law.

8. Your rights

Under Australian Privacy Principles: You have the right to request access to the personal information we hold about you and to request correction of inaccurate or out-of-date information. We will respond within a reasonable time as required by the Privacy Act 1988 (Cth). You may also complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

Under the GDPR (for EEA users): You have the right to: access your data; rectify inaccurate data; erase your data in certain circumstances; restrict processing; data portability; object to processing based on legitimate interests or for direct marketing; and withdraw consent at any time where processing is based on consent. You also have the right to lodge a complaint with a supervisory authority in your country of residence.

To exercise any of these rights, please contact us using the details in section 1. We will respond within the timeframes required by applicable law (e.g. one month under GDPR).

9. Children

Our website and services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the website. The "Last updated" date at the top will be revised when changes are made. We encourage you to review this page periodically. Material changes may be communicated by email or a notice on our website where required by law.

11. Third-party links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites. We recommend that you read their privacy policies before providing any personal data.