Privacy Policy | Quimnarrsquozrel

Introduction and scope

We respect your privacy and aim to describe our practices in plain language. This Privacy Policy applies to personal information processed in connection with the public website at https://quimnarrsquozrel.world/, direct email to our team, optional consulting or guidance about walking habits, and the sale of educational products. It does not apply to third-party sites, apps, or services that we link to for reference; those services have their own policies.

By using the site, submitting a contact form, or purchasing from us, you acknowledge that you have read this Policy. If you disagree with any part of it, please stop using the site and do not submit personal information through our channels.

We may update this Policy when our processing activities, vendors, or legal obligations change. The “current document date” at the top reflects the version in effect. For material changes, we may provide additional notice where required by law.

Nothing in this Policy converts our walking-related materials into medical advice, telehealth, or a regulated health service. We do not use the public site to diagnose, monitor, or treat medical conditions.

Data controller and representative information

The organization responsible for the processing described in this Policy is:

Quimnarrsquozrel
701 Van Ness Ave, San Francisco, CA 94102, United States
Telephone: +1 415-848-1088
Email: touch@quimnarrsquozrel.world

If we appoint an EU or UK data protection representative, we will publish their contact details in this section. Until then, residents of the European Economic Area or United Kingdom may contact the controller using the email above for privacy-related requests.

High-level summary of processing

We process personal information to operate a secure website, answer messages, fulfill orders for educational content, meet legal and tax obligations, and—only if you opt in through our cookie tools—use analytics or advertising measurement technologies that help us understand traffic and campaign performance in the aggregate.

We do not sell personal information for money as that term is commonly understood in comprehensive U.S. state privacy laws. We do not intentionally collect protected health information or special categories of data through the public contact form. If you voluntarily include health-related details in a message, we treat that content as correspondence and do not use it to build health profiles for marketing.

Categories of personal information

Depending on how you interact with us, we may process:

Identifiers and contact details: name, email address, postal address if you provide it, phone number if you provide it, and similar identifiers.
Commercial information: products considered or purchased, order identifiers, amounts, currency, and payment status as reported by payment processors (not full payment card numbers stored on our servers).
Communications: text of emails and contact form messages, including attachments you choose to send.
Internet or network activity: IP address, browser type and version, device category, operating system, referring URL, pages viewed, approximate location derived from IP at a regional level, and timestamps.
Inferences: coarse inferences from analytics (for example, which content categories drive engagement) when you enable optional analytics cookies.
Preferences: cookie consent choices stored locally in your browser.
Professional or consulting records: scheduling notes and delivery records if you purchase paid guidance, limited to what is needed to perform the service.

Sources of personal information

We collect information directly from you when you fill in forms, email us, or complete a purchase. We also collect technical data automatically when your browser loads our pages. Payment processors send us limited transaction confirmations. If you enable optional cookies, analytics or advertising partners may process data according to their policies and our instructions.

Purposes of processing

We use personal information for purposes that include:

Providing the website and displaying educational content about walking rituals.
Responding to inquiries and providing customer support.
Performing contracts for digital products or paid guidance.
Processing payments, issuing receipts, and maintaining accounting records.
Securing systems, detecting fraud, and mitigating abusive or automated traffic.
Understanding how audiences use the site in aggregate when optional analytics are enabled.
Measuring advertising effectiveness when optional marketing cookies are enabled and where permitted by platform policies.
Complying with law, regulation, tax, and lawful requests from public authorities.
Establishing, exercising, or defending legal claims.

Legal bases under the GDPR

Where the General Data Protection Regulation applies, we rely on:

Contract when processing is necessary to deliver products or services you requested.
Legitimate interests when we secure our infrastructure, prevent misuse, communicate operational updates to customers, and understand aggregate site usage—balanced against your rights and freedoms.
Consent for optional analytics or marketing technologies, or where consent is required for specific communications.
Legal obligation when retention or disclosure is required by applicable law.

Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal, to the extent technically feasible.

Cookies and similar technologies

We use cookies, local storage, and similar technologies as described in our Cookie Policy. Strictly necessary technologies support core functionality and remember your cookie preferences. Optional categories activate only after you opt in through the banner or settings panel.

You can revisit your choices at any time via “Cookie Settings” in the site banner or modal. Clearing site data in your browser will reset stored preferences and may cause the banner to appear again.

Advertising and conversion measurement

This site may participate in online advertising programs (for example, measurement tags associated with platforms such as Google Ads). When marketing cookies are off, we do not intentionally load those measurement tools for your browser session. When marketing cookies are on, partners may process pseudonymous identifiers to attribute visits or conversions to campaigns, cap ad frequency, or generate aggregated reports.

We configure tags to align with platform requirements and our Terms of Use, which prohibit misleading health claims in connection with our brand. We do not use advertising tools on this site to collect or infer clinical diagnoses or to target ads based on sensitive health categories.

Recipients and categories of recipients

We disclose personal information to service providers that process data on our behalf, such as hosting providers, email delivery services, customer support tools, analytics vendors (when enabled), advertising measurement partners (when enabled), and payment processors. We require processors to use information only as instructed and to implement appropriate security measures.

We may also disclose information to professional advisers, regulators, law enforcement, or courts when required by law or necessary to protect rights, safety, and the integrity of our services.

International transfers

Our primary operations are in the United States. If you access the site from the EEA, UK, or other regions, your information may be transferred to the U.S. or other countries that may not be deemed to provide an “adequate” level of data protection.

Where required, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Addendum, or other lawful mechanisms, together with supplementary measures we assess as appropriate based on risk.

Retention periods

We retain personal information only as long as reasonably necessary for the purposes described:

Marketing and analytics logs: typically up to twenty-six months from collection, unless a shorter period is configured with vendors.
Contact and routine support email: up to twenty-four months after the last message, unless a longer period is needed for an active dispute or legal hold.
Contracts, invoices, and tax records: up to seven years from the end of the financial year unless local law requires a different period.
Security and server logs: rolling retention, commonly ninety days, extended if an incident investigation requires it.
Cookie preference records: until you clear site data or we change storage keys as part of a material update.

When retention periods end, we delete or de-identify information where feasible.

Security measures

We implement technical and organizational measures appropriate to the nature of the data and the risks involved, including HTTPS for data in transit where supported, access controls for administrative accounts, vendor diligence for material processors, and confidentiality expectations for personnel. No online transmission or storage is completely secure; we encourage you to use strong passwords and keep devices updated.

Security incidents and notification

If we become aware of a breach of security leading to accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal information under our control, we will investigate promptly, take steps to mitigate harm, and notify affected individuals and regulators where required by applicable law. Notification timelines and content depend on the jurisdiction and facts of the incident.

If you believe your interaction with us has been compromised, contact us using the details in the Contact section so we can review account activity and guidance.

Rights for individuals in the EEA and UK

Subject to applicable law, you may have the right to access, rectify, erase, restrict processing, object to processing based on legitimate interests, receive data portability for information you provided where processing is automated and based on contract or consent, and lodge a complaint with a supervisory authority. You may withdraw consent where processing is consent-based.

To exercise these rights, email us with a clear description of your request and information that allows us to verify your identity. We may need additional information to protect against fraudulent requests.

Rights for residents of certain U.S. states

Depending on your state of residence and subject to exceptions, you may have rights to know categories and specific pieces of personal information collected; to delete personal information we hold; to correct inaccuracies; to opt out of “sales” or “sharing” for cross-context behavioral advertising where those concepts apply under state law; and to limit use of sensitive personal information if we process such a category and the law requires limitation.

We do not offer financial incentives tied to the collection, retention, or sale of personal information. You may designate an authorized agent where state law permits, with documentation we reasonably require.

California residents (CPRA)

If you are a California resident, the California Privacy Rights Act may provide you with additional rights regarding personal information. This section supplements the disclosures elsewhere in this Policy.

Categories collected: In the preceding twelve months, we may have collected the categories listed under “Categories of personal information,” including identifiers, commercial information, internet activity, and inferences from analytics when enabled.

Sensitive personal information: We do not intentionally collect sensitive personal information as defined under the CPRA through the public website. If you include sensitive details in a voluntary message, we use that content only to respond and do not use it for inferring characteristics for cross-context advertising.

Sale / sharing: We do not sell personal information for monetary consideration. If we engage in “sharing” for cross-context behavioral advertising through optional tags when you opt in, you may opt out via our cookie controls and, where recognized, via the Global Privacy Control signal as described below.

Retention: We retain categories of personal information as described in the Retention section. You may request details about our retention practices for specific data types by contacting us.

Other U.S. state laws

Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy laws may have similar rights to access, delete, correct, and opt out of certain processing. The exact scope of rights depends on your state’s statute, our role (business or controller), and statutory exceptions.

If your state provides a right to appeal our response to a privacy request, we will include appeal instructions in our response where required.

Global Privacy Control and browser signals

Some browsers and extensions broadcast opt-out preference signals such as the Global Privacy Control (GPC). Where we can reliably detect GPC and where applicable law treats such a signal as a valid request to opt out of sale or sharing for cross-context behavioral advertising, we will apply the signal consistently with our cookie and tag configuration. Because technical implementations vary, the most reliable way to control optional cookies remains our on-site Cookie Settings panel.

Many browsers offer a “Do Not Track” setting; there is no uniform legal standard for how sites must respond. We prioritize consent-based controls and recognized opt-out frameworks described in our Cookie Policy.

Children

The site is not directed to children under sixteen, and we do not knowingly sell or share personal information of minors under sixteen as defined by applicable U.S. state law. We do not knowingly collect personal information from children without appropriate parental consent. If you believe we received a child’s information inadvertently, contact us and we will take steps to delete it promptly where required.

Automated decision-making and profiling

We do not make decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects concerning you.

Changes to this Policy

We may revise this Policy to reflect new features, vendors, or legal requirements. The updated version will be posted on this page with a revised document date. Where changes are material and the law requires additional notice, we will provide that notice through the site or other appropriate channels. Continued use after the effective date may constitute acceptance of the revised Policy where permitted by law.

Contact and supervisory authorities

For privacy questions or to exercise rights, email touch@quimnarrsquozrel.world or write to Quimnarrsquozrel at the postal address in the Controller section.

EEA and UK residents may contact their local data protection authority. The European Data Protection Board maintains a directory of EU authorities; in the UK, the supervisory authority is the Information Commissioner’s Office.