Controller: QUIKDIN LIMITED
Company No: 16713619
Registered office: 128 City Road, London, EC1V 2NX, United Kingdom
Contact (privacy): legal@qdinfy.com
General support: support@qdinfy.com
Territory: We serve customers globally.

Qdinfy.com (“Qdinfy”, “we”, “us”, “our”) respects your privacy. This notice explains what we collect, why we collect it, how we use and share it, and your rights under the UK GDPR and related laws.

We never sell personal data. We only collect what we need for our services, security, legal compliance, analytics, and optional advertising/marketing (with your consent where required).

1) What we do

Qdinfy is a business unit of QUIKDIN LIMITED. We provide downloadable digital products (Quikdin-made themes/plugins/templates with licence) and online courses. Orders require an account; delivery is digital and immediate after payment.

2) Personal data we collect

We collect the minimum data needed for the purposes below:

• Account & identity: name, email, password (hashed), country/region, company (optional).
• Orders & billing: product details, price/taxes, currency, invoice/receipt info, VAT number (if provided), billing address (where needed for tax/compliance).
• Licences & delivery: download history, licence keys/activations, course enrolment/access logs (to prove delivery, prevent abuse, and provide support).
• Payments: confirmation/metadata from payment or Merchant-of-Record (MoR) partners (e.g., FastSpring, Paddle, Lemon Squeezy). We do not store card PAN/CVV.
• Support: messages, attachments, troubleshooting diagnostics.
• Technical: IP address, device/browser info, basic event logs (login, checkout), fraud-prevention signals.
• Cookies & similar tech: strictly necessary cookies (security, login, checkout) and—only with consent—analytics and advertising cookies/pixels (see Section 7).

Special category data is not sought or required.

3) Why we use your data (purposes & legal bases)

We process data only where we have a lawful basis:

• Provide services & fulfil contracts (Art. 6(1)(b)): account creation, checkout, invoicing, digital delivery, licence management, course access, support.
• Security & fraud prevention (legitimate interests, Art. 6(1)(f)): account protection, abuse prevention, licence key misuse prevention, incident response.
• Analytics & service improvement (legitimate interests or consent): understanding product performance and errors to improve services.
• Marketing & advertising (consent, and legitimate interests where permitted by law): email updates (opt-in/soft opt-in), ad measurement and personalised ads via partners (only if you consent to non-essential cookies/pixels).
• Legal & compliance (legal obligation, Art. 6(1)(c)): tax/VAT records, accounting, responding to lawful requests, sanction/export controls.

Where we rely on consent, you can withdraw it any time (Section 10). Where we rely on legitimate interests, you can object (Section 10).

4) How we share data

We do not sell personal data. We share only with:

• Payment/MoR partners (e.g., FastSpring, Paddle, Lemon Squeezy) for secure payments, invoicing, tax/VAT compliance, refunds/chargebacks.
• Advertising & measurement partners (only if you consent to advertising cookies/pixels): Meta (Facebook/Instagram), Google (Ads/Analytics), TikTok, Microsoft Advertising (Bing), and similar. Data may include online identifiers (cookies, IP, ad IDs), page events, purchase metadata (e.g., value/currency), and hashed email for customer-match where permitted.
• Operational vendors (processors): hosting/CDN, email and ticketing, error logging, CRM, anti-fraud, analytics, and security tooling.
• Professional advisers & authorities: accountants, auditors, legal counsel, courts/regulators—only as required.
• Corporate events: if we merge, acquire, or sell assets, data may transfer under appropriate safeguards.

All processors are bound by contracts requiring confidentiality, security, and use only on our instructions.

5) International transfers

We operate globally. When transferring personal data outside the UK/EEA, we use appropriate safeguards—for example:

• UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU SCCs; and
• Transfer risk assessments and additional technical/organisational measures where appropriate.
  You can contact legal@qdinfy.com for copy/summary of safeguards applicable to your transfers.

6) Data retention

We keep data only as long as needed for the purposes above, typically:

• Account & orders: for the life of the account + up to 6 years (tax/audit).
• Licences & delivery logs: for licence term + reasonable audit window.
• Support tickets: typically 2–3 years after closure, unless needed longer for disputes.
• Technical logs: typically 12–18 months (shorter where feasible).
• Marketing consents/suppression: retained as required to honour your preferences.

We securely delete/anonymise when no longer needed.

7) Cookies, analytics, and advertising

7.1 Types

• Strictly necessary (always on): security, login, checkout, consent logging.
• Functional/analytics (consent-based): performance, usage, crash/error diagnostics.
• Advertising/retargeting (consent-based): ad delivery, frequency capping, measurement, and personalised ads across partners (Meta, Google, TikTok, Microsoft/Bing, and others).

7.2 Consent & control

• On your first visit we show a cookie banner. You can Accept, Reject, or Manage non-essential cookies at any time via the Cookie Preferences link in the footer.
• If you reject non-essential cookies, we will not set analytics/advertising cookies or fire pixels that require consent.
• You can also adjust platform-level ad settings with each provider and your browser/device settings.

7.3 Analytics & ads data

With consent, we may collect online identifiers (cookies, IP, ad IDs), device/browser info, page views, and purchase events to measure performance and—where permitted—support interest-based advertising. You may opt out at any time via our Cookie Preferences.

8) Payments and security

• Payments are processed by PCI-compliant providers/MoR partners. Qdinfy does not store card PAN/CVV.
• We apply organisational and technical measures appropriate to risk (encryption in transit, access controls, logging, regular reviews). No internet system is 100% secure, but we work to protect your data.

9) Children

Qdinfy is intended for adults (18+). We do not knowingly collect children’s data. If you believe a child has provided data, contact legal@qdinfy.com to request deletion.

10) Your rights (UK GDPR)

You have the right to access, rectify, erase, restrict, port, and object to certain processing (including objecting to direct marketing and processing based on legitimate interests). Where we rely on consent, you can withdraw it at any time in Cookie Preferences or by contacting us.

To exercise your rights: email legal@qdinfy.com (we may need to verify your identity). We will respond within statutory timeframes.

11) Email marketing

• We may send emails about your account, purchases, and service updates (these are service communications, not marketing).
• Marketing emails are opt-in (or soft opt-in where legally permitted). You can unsubscribe at any time via the link in the email or by contacting support@qdinfy.com.

12) Automated decisions

We do not make decisions with legal or similarly significant effects based solely on automated processing. We may use automated fraud screening; you can contest a decision by contacting support@qdinfy.com.

13) Third-party links

Our site may link to third-party sites. Their privacy practices are their own; please review their notices.

14) Changes to this notice

We may update this Privacy Policy from time to time. The “Effective date” shows the latest version. Material changes will be highlighted on this page and, where appropriate, notified to you.

15) Contact us

Questions, requests, or complaints about privacy: legal@qdinfy.com
General support: support@qdinfy.com
Postal: QUIKDIN LIMITED, 128 City Road, London, EC1V 2NX, UK