Privacy Policy

Name: Quartalis
Address: GB
Price range: ££

Last updated: 31 March 2026

1. Who We Are

Darren Betney trading as Quartalis

Email: [email protected]

ICO Registration Number: ZC106784

2. What Data We Collect

When you purchase a product

Name and email address — to fulfil your order and send download links
Billing address — processed by Stripe, not stored by us
Payment card details — processed exclusively by Stripe (PCI DSS Level 1 compliant). We never see or store your card number.
Purchase history — what you bought and when, for tax records and re-download access

When you subscribe to the newsletter

Email address — to send you product updates and engineering insights
You can unsubscribe at any time via the link in every email

When you use the contact form

Name, email, and message — to respond to your enquiry

When you use the chat widget

Messages are processed in real-time and not stored permanently
Rate-limited to 10 messages per hour per IP address

Automatically collected

Anonymous page view data — via self-hosted Umami analytics (cookieless, no personal data, no cross-site tracking)
IP address — temporarily processed by our hosting provider for security and fraud prevention

3. How We Use Your Data

Purpose	Lawful Basis
Fulfil your order and deliver products	Contract performance
Send order confirmations and download links	Contract performance
Respond to enquiries	Legitimate interest
Send newsletter (if subscribed)	Consent
Maintain purchase records for tax/accounting	Legal obligation
Prevent fraud and abuse	Legitimate interest
Improve website and products	Legitimate interest

4. Who We Share Data With

Stripe — payment processing. Stripe's privacy policy applies to payment data.
Brevo — email delivery for newsletters and transactional emails
We do not sell, rent, or trade your data to any other third parties
We do not use advertising trackers, Meta Pixel, Google Analytics, or similar services

5. Cookies

This website uses no tracking cookies. Our analytics (Umami) are self-hosted and cookieless by design. Stripe may set strictly necessary cookies during the checkout process — these are required for payment security and do not require consent.

6. Data Storage and Security

Purchase records and contact data are stored on self-hosted infrastructure in the UK
Payment data is processed and stored exclusively by Stripe (EU/US infrastructure, PCI DSS Level 1)
Newsletter subscriber data is processed by Brevo (EU infrastructure)
All connections to this website are encrypted via HTTPS (Cloudflare SSL)

7. Data Retention

Purchase records: 7 years (HMRC requirement for tax records)
Contact form submissions: 12 months, then deleted
Newsletter subscriptions: until you unsubscribe
Chat messages: not stored permanently
Analytics data: aggregated, no personal data retained

8. Your Rights (UK GDPR)

Under the UK General Data Protection Regulation, you have the right to:

Access — request a copy of the personal data we hold about you
Rectification — ask us to correct inaccurate data
Erasure — ask us to delete your data (subject to legal obligations)
Restriction — ask us to limit how we use your data
Data portability — request your data in a structured, machine-readable format
Object — object to processing based on legitimate interest
Withdraw consent — for newsletter subscriptions, at any time

To exercise any of these rights, email [email protected]. We will respond within 30 days.

9. Free Tools

Free tools on this website (JSON formatter, regex tester, etc.) run entirely in your browser. No data you enter into these tools is sent to our servers or stored anywhere. Your data stays on your device.

10. Complaints

If you believe we have mishandled your data, contact us first at [email protected].

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint

11. Changes

We may update this policy from time to time. The "Last updated" date will change. Significant changes will be communicated via email to affected users.