Privacy Policy

1. Data controller and contact details

The data controller responsible for personal data processed in connection with this website and related sales is:

Business name: Quozranxghod
Product: GreenViora
Registered address / principal place of business: Shop G143 Australia Fair Shopping Centre, Scarborough St, Southport QLD 4215, Australia
Website: https://quozranxghod.world/
Email: community@quozranxghod.world
Telephone: +61 7 5591 6480

For privacy enquiries, data subject requests, and complaints, contact us using the email address above. We may ask for reasonable identity verification before disclosing or changing records.

If you are in the European Economic Area and we appoint a representative under Article 27 GDPR, their details will be published here. Where no representative is required, you may still contact the controller at the Australian address and email above.

2. Scope and relationship to other laws

This Policy applies to visitors of the website, account holders where available, purchasers of GreenViora, and individuals who contact us by form, email, or telephone. It is designed to align with the Australian Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and the EU and UK General Data Protection Regulation (GDPR) where those laws apply to our processing.

Where provisions differ between jurisdictions, we apply the higher standard where practicable, or the standard required by the law that governs your relationship with us. Nothing in this Policy limits any non-waivable right you have under consumer or privacy legislation.

3. Categories of personal data we collect

Depending on how you interact with us, we may process the following categories of personal data:

3.1 Identity and contact data

Full name, delivery and billing addresses, email address, telephone number, and similar identifiers you provide when ordering, creating an account, or contacting support.

3.2 Transaction data

Order identifiers, items purchased, price, currency, payment status, shipping method, tracking references, and correspondence about your order.

3.3 Payment data

Payments are typically processed by payment service providers. We may receive limited payment metadata such as partial card brand, expiry where shown by the provider, transaction IDs, and fraud signals. We do not store full card numbers on our servers when a compliant processor tokenises card data.

3.4 Communication content

Messages you send through forms, email, chat widgets if enabled, and call notes created by staff when you phone us.

3.5 Technical and usage data

Internet protocol address, approximate location derived from IP, browser type and version, device type, operating system, referral URL, pages viewed, time and date of access, and cookie identifiers where permitted.

3.6 Marketing preferences

Newsletter subscriptions, consent logs, and suppression lists where you opt out.

3.7 Compliance and security data

Records relating to fraud checks, export or age screening where required, dispute files, and audit logs.

4. Sources of personal data

We obtain personal data directly from you when you place an order, complete a form, subscribe to updates, or communicate with us. We may receive data from payment processors, delivery partners, fraud prevention services, and analytics providers where you have consented or another lawful basis applies. We may enrich address data using postal validation tools to reduce failed deliveries.

5. Purposes and lawful bases for processing

Under the GDPR, we rely on one or more of the following lawful bases: performance of a contract, legitimate interests, consent, and legal obligation. Under the Australian Privacy Act, we collect personal information only where it is reasonably necessary for our functions and handle it fairly and lawfully.

5.1 Contractual performance

Processing orders, taking payment, arranging shipment, providing customer support, and managing returns or chargebacks.

5.2 Legitimate interests

Website security, debugging, aggregated analytics that do not require intrusive tracking, internal reporting, and improving product information, where balanced against your rights.

5.3 Consent

Non-essential cookies, marketing emails where not covered by soft opt-in rules, and certain cross-border transfers where required.

5.4 Legal obligation

Tax, accounting, and consumer records, responding to lawful requests from regulators and courts, and product safety reporting where applicable.

6. Automated decision-making and profiling

We do not use automated decision-making that produces legal or similarly significant effects solely by automated means. Payment providers may apply automated fraud scoring; where a decision affects you, you may contact the provider or us for human review where available.

7. Cookies and similar technologies

We use cookies and local storage for essential site operation, session management, security, and, where you consent, analytics and marketing measurement. Detailed descriptions, retention, and your choices are set out in our Cookie Policy. You can change preferences through the cookie banner and browser settings.

8. Sharing and categories of recipients

We share personal data with service providers under written terms that require confidentiality and appropriate security measures. Categories of recipients include:

• Hosting, infrastructure, and email delivery providers
• Payment processors and banking partners
• Logistics and customs brokers for international parcels
• Customer support and ticketing platforms
• Professional advisers such as lawyers and accountants where required
• Regulators, law enforcement, or courts when legally compelled

We do not sell personal information as defined under the California Consumer Privacy Act. We do not share personal data for money; any future monetisation of data would require a separate notice and, where required, consent.

9. International transfers

Our operations may involve processing in Australia, the European Economic Area, the United Kingdom, and the United States, depending on hosting and supplier locations. When we transfer personal data from the EEA or UK to countries without an adequacy decision, we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures where required. You may request a copy of relevant safeguards by emailing us.

10. Retention periods

We retain personal data only as long as necessary for the purposes described, unless a longer period is required by law.

• Order and tax records: typically seven years from the end of the financial year in which the transaction occurred, or as required by applicable tax law.
• Customer enquiries: up to three years after the last interaction unless linked to a dispute or order, in which case retention follows the order record timeline.
• Marketing consents and suppression: until withdrawal of consent plus a short period to process the request, or indefinitely for suppression identifiers to honour opt-outs.
• Security logs: rolling retention, commonly between 30 and 180 days, unless needed for an investigation.
• Cookie identifiers: as stated in the Cookie Policy, generally not longer than 24 months for optional cookies.

When retention ends, we delete or irreversibly anonymise data where feasible.

11. Security measures

We implement administrative, technical, and organisational measures appropriate to the risk, including:

• TLS encryption for data in transit on the website
• Access controls and authentication for internal systems
• Least-privilege access for staff and contractors
• Backups and business continuity planning
• Vendor security reviews for material processors
• Logging and monitoring for suspicious activity

No online transmission is completely secure. You should protect your devices and use strong passwords where accounts exist.

12. Your rights under the GDPR and UK GDPR

Where applicable, you may have the right to access, rectify, erase, restrict processing, object to processing based on legitimate interests or direct marketing, data portability, and to withdraw consent at any time without affecting prior lawful processing. You may lodge a complaint with a supervisory authority in your country of residence. You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if Australian law applies.

13. Your rights under the Australian Privacy Act

You may request access to personal information we hold about you and ask for correction if it is inaccurate, out of date, incomplete, irrelevant, or misleading. If we refuse a request, we will explain the reasons allowed by law. You may complain to the OAIC if you are not satisfied with our response.

14. Children

Our website and GreenViora marketing are directed to adults. We do not knowingly collect personal information from children under 16 without parental authority. If you believe a child has provided data, contact us and we will delete it where required by law.

15. Third-party websites

Our website may contain links to third parties. Their privacy practices are governed by their own policies. Review those documents before submitting personal data.

16. Changes to this Policy

We may update this Policy to reflect legal, technical, or business changes. The updated version will be posted on this page with a revised date. Where changes are material and consent-based processing is affected, we will seek fresh consent where required.

17. Regulatory contacts

Office of the Australian Information Commissioner: www.oaic.gov.au
European Data Protection Board (for EU authorities): edpb.europa.eu