Privacy & data protection
Privacy Policy for qualtrexghap.world
This document tells you who is responsible for information we might hold about you, what we collect through the site and related email, why we use it, how long we keep it, who we share it with, and what you can ask us to do about it. It is written to work with the UK GDPR, the EU GDPR where it applies, and other standards that expect transparent notice.
Plain summary before the detail
We run a small informational and educational project about pacing routines, primarily serving people who contact us from the United Kingdom and elsewhere. We may see your email address if you write to us, and our host may see technical data when your browser loads a page. We do not use that data to guess your health status, and we do not sell lists of names. Processing is described here in line with the UK GDPR and the Data Protection Act 2018, and, where the EU GDPR applies, that framework too. The table and sections below spell out the legal points; this box is here so the first read is human first.
Data controller and ways to reach us
The controller for the personal data described here is the operator of the brand Qualtrexghap, who can be reached for privacy questions at:
60 Wilmslow Rd, Manchester M14 5AL, United KingdomEmail touch@qualtrexghap.world · Telephone +44 161 224 8501
If you exercise a right that needs identity checks, we may ask for a measured amount of proof, such as a short note from the same email you used before, or redacted documents, so we do not disclose data to the wrong person.
Categories of data, purposes, and lawful bases
We only use data for purposes that match what a reasonable visitor would expect from a site like this, unless we tell you otherwise at the time and the law allows it.
| Data | How we get it | Why we use it | Typical basis | Retention (indicative) |
|---|---|---|---|---|
| Identity and contact fields you type on the contact form | Directly from you | To reply, to keep a fair record of what you asked, and to provide any product you buy | Contractual need, steps before a contract, or legitimate interests in responding to clear requests, together with consent where the box on the form records that | Usually up to twenty-four months after the last substantive message in a thread, unless we must keep a subset for tax, court order, or genuine complaint handling |
| Technical connection data (for example IP address, time, browser type) in server or security logs | Automatically when you request pages | Security, debugging, and understanding traffic in aggregate | Legitimate interests in running a stable and honest service | According to the rolling window the host sets, often days to a few weeks for raw web logs |
| Cookie identifiers and preferences | Your device, subject to the Cookie Policy | Mandatory operation of the site and, if you allow, optional analytics or marketing | Strictly necessary uses as set out in ePrivacy; consent for optional non-essential storage where required | From session length to a year, per cookie, as listed in the cookie page |
| Payment metadata if you buy something in future (amount, time, no full card number on our server) | From our payment service when you check out | To show what you paid for and to meet accounting rules | Contract and legal obligation for records | As long as the law in force says we should keep financial evidence, and no longer in active form if we are allowed to archive |
Legitimate interests
Where we rely on legitimate interests, we have balanced them against your rights. Examples include: stopping automated abuse, seeing which public pages are read most, and following up a polite reply to a question you started. We do not use those interests to build secret health profiles or to rent your name.
When consent comes in
Consent can sit alongside other bases, for example the consent tick next to a form, or a yes to optional cookies. You can pull consent for things that are purely consent-based, without affecting things we must do for a contract you already entered, where the law does not require separate consent to continue.
Recipients, processors, and cross-border flow
We use suppliers who host the site, handle email, or process payments. They act on instructions, not for their own marketing. If a server sits outside the UK or EEA, we look for a legal transfer tool such as the UK and EU standard contractual clauses, the UK IDTA or Addendum, or the adequacy list, plus practical checks. You may ask for a short summary of the main safeguards, though we can redact commercial detail that does not change your rights in practice.
Your rights in outline
Subject to the usual legal limits, you may ask for access, rectification, erasure, restriction, objection to some processing, portability where processing is automatic and you gave data contractually, and an explanation of decisions if we were ever to use solely automated ways that affect you in a legal way (we do not run that style of system today). In the United Kingdom, you may also complain to the ICO, and in the EEA to your local authority. A complaint does not take away the option of solving things with us in good faith first, where that is possible.
Children and vulnerable contexts
Our public writing is for adults who make their own work-life planning choices. We do not set out to collect data from under-sixteens. If a message appears to come from a child, we will delete what we can when we are satisfied of the fact. If you are a parent in the EU or UK and your child has given data without permission, you have paths under local child-protection rules; contact us and we can talk through practical steps even before anything formal.
Security measures we actually use
We choose hosts that use transport encryption for pages served over modern HTTPS, and we keep access to inboxes and administration panels to people who need it. We encourage strong passwords, device locks, and separate environments for work that touches your email. We cannot promise a site will never be attacked, so we also suggest you avoid sending what you would not want copied in any email, such as long medical histories or full payment card numbers, through a general contact form.
How long the policy lasts and when we adjust it
When the way we work changes in a way that truly affects you, or when regulators publish something we must follow, we update this file. The date at the top of this page is driven by the date your browser has when the script runs, so you can see the screen you are reading without hunting for a long legal footer. A paper-style “version number” is not a separate public system here; the text itself is the record.
Further reading in our documents
Cookie detail lives in the Cookie Policy. General site rules are in the Terms of Use. If you have paid, see also the Refund Policy for when money moves.