Privacy Policy

Privacy Policy

Personal Data Protection · GDPR Compliance

Version 1.0 · May 2026 · Q-Technology OÜ

1. Introduction

Q-Technology OÜ, an Estonian company with its registered office at Narva mnt 5, 10117 Tallinn, Estonia, is committed to protecting the confidentiality and security of the personal data you entrust to it when using the website qbiohacking.com and the store shop.qbiohacking.com.

This Privacy Policy describes how your personal data is collected, processed, used, stored and protected, in accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, known as the GDPR, and the Estonian Personal Data Protection Act.

2. Data Controller

The data controller for your personal data is:

Q-Technology OÜ
Narva mnt 5, 10117 Tallinn, Estonia
Email: office@qbiohacking.com

For any questions regarding data protection or the exercise of your rights, you may contact Q-Technology OÜ at office@qbiohacking.com.

3. Personal Data Collected

Q-Technology OÜ collects the following categories of personal data:

  • Identification data: surname, first name, title.
  • Contact data: postal address, delivery and billing address, email address, telephone number.
  • Transaction data: products ordered, amounts, order dates and purchase history. Bank details are not stored by Q-Technology OÜ; they are processed directly by the payment provider integrated into the online platform.
  • Browsing data: IP address, browser type, pages visited, visit duration and cookie data.
  • Customer account data: login credentials, preferences and order history, if the customer creates an account on the Store.
  • Professional data for Certified Testers: exclusive geographic zone, licence status — Junior, Senior or Master — and declared profession.

4. Purposes of Processing and Legal Bases

Your personal data is processed for the following purposes, on the associated legal bases under Article 6 GDPR:

  • Performance of the sales contract: order processing, delivery, invoicing, management of returns and refunds, exercise of the right of withdrawal and implementation of warranties.
  • Customer relationship management: responding to enquiries, customer support and handling complaints.
  • Marketing communications: sending newsletters and promotional communications, solely with your explicit consent, which may be withdrawn at any time.
  • Legal and tax compliance: retention of invoices and accounting documents in accordance with Estonian and European legal obligations.
  • Legitimate interests: fraud prevention, site security, anonymised usage statistics and improvement of products and services.
  • Management of the Certified Tester network: licence monitoring, allocation of exclusive zones, communication of commissions and network coordination.

5. Recipients of Data

Your personal data may be shared with the following recipients, exclusively within the limits of the purposes described above:

  • Technical processors: Hostinger, for hosting and online store management; payment providers integrated with Hostinger for transaction security; carriers and logistics providers for product delivery.
  • Marketing tools: email service providers, including SwipeOne and other automation platforms, traffic analytics tools and advertising platforms, subject to the required consent.
  • Competent authorities: upon court order or in the event of a legal obligation.

Q-Technology OÜ does not sell, rent or transfer your personal data to third parties for commercial purposes without your explicit consent.

6. International Data Transfers

Some processors and partners, including Hostinger, may process your data in countries outside the European Economic Area, including Canada and the United States.

In all cases, Q-Technology OÜ ensures that such international transfers are governed by appropriate safeguards within the meaning of the GDPR, such as standard contractual clauses adopted by the European Commission, adequacy decisions or applicable certifications, including the EU–US Data Privacy Framework where the recipient is certified.

7. Retention Periods

Your personal data is retained for the period strictly necessary to fulfil the purposes for which it was collected:

  • Order and billing data: 10 years from the date of the last transaction, in accordance with Estonian and European accounting and tax obligations.
  • Customer account data: for the duration of the contractual relationship, then 3 years after the last activity, for commercial prospecting purposes in accordance with applicable regulations.
  • Prospecting and newsletter data: 3 years from the last active contact with the prospect, or until withdrawal of consent.
  • Browsing data and cookies: see the section on cookies below.
  • Certified Tester network data: for the duration of the licence, then 5 years after the licence ends for accounting and commission management purposes.

8. Your Rights Regarding Your Personal Data

In accordance with Articles 15 to 22 of the GDPR, you have the following rights with respect to your personal data:

  • Right of access: to obtain confirmation as to whether your data is being processed and, where applicable, to receive a copy of it.
  • Right to rectification: to request the correction of inaccurate or incomplete data.
  • Right to erasure, also known as the right to be forgotten: to request the deletion of your data, under the conditions provided for by the GDPR.
  • Right to restriction of processing: to request the temporary suspension of the processing of your data.
  • Right to data portability: to receive your data in a structured, commonly used, machine-readable format, and to transmit it to another data controller.
  • Right to object: to object, at any time, to the processing of your data based on legitimate interest or for commercial prospecting purposes.
  • Right to withdraw consent: at any time, without affecting the lawfulness of prior processing.
  • Right to set post-mortem instructions regarding the storage, deletion and communication of your data after your death.

To exercise your rights, contact Q-Technology OÜ at office@qbiohacking.com, specifying your request and enclosing a copy of your identity document to prevent identity theft.

Q-Technology OÜ will respond to your request within one month, which may be extended by two months in the case of a complex request.

9. Cookies and Similar Technologies

The website qbiohacking.com and the store shop.qbiohacking.com use cookies and similar technologies. A cookie is a small text file placed on your device when you visit the website.

Categories of cookies used:

  • Strictly necessary cookies: essential for the functioning of the site, including shopping cart management, authentication and security. These do not require your consent.
  • Audience measurement cookies: anonymised traffic statistics, including pages viewed and visit duration. These are subject to your consent.
  • Personalisation cookies: storing your preferences, such as language, region and currency. These are subject to your consent.
  • Advertising and third-party cookies: Facebook/Meta pixels, Google Ads and other networks. These are subject to your explicit consent.

On your first visit, a cookie management banner allows you to choose which categories you accept. You may update your preferences at any time from the footer of the site.

Cookie retention period: maximum 13 months in accordance with European recommendations.

10. Data Security

Q-Technology OÜ implements appropriate technical and organisational measures to ensure the security of your personal data, including:

  • Encryption of data in transit via the SSL/TLS protocol.
  • Segregation of data access according to internal user profiles.
  • Regular backups and business continuity procedures.
  • Periodic security audits of the Hostinger platform and partner service providers.

In the event of a personal data breach likely to result in a high risk to your rights and freedoms, Q-Technology OÜ undertakes to notify you as soon as possible and to report the incident to the competent supervisory authority in accordance with Article 33 of the GDPR.

11. Complaint to the Supervisory Authority

If you consider that the processing of your personal data constitutes a breach of the GDPR, you have the right to lodge a complaint with the competent supervisory authority.

The competent supervisory authority for Q-Technology OÜ is:

Andmekaitse Inspektsioon — AKI
Tatari 39, 10134 Tallinn, Estonia
Email: info@aki.ee
Website: https://www.aki.ee

You may also contact the data protection authority of your EU Member State of habitual residence, place of work or the place of the alleged breach.

12. Amendments to this Policy

Q-Technology OÜ reserves the right to amend this Privacy Policy at any time, in particular to reflect legislative, regulatory or technical developments.

The applicable version is the one available online at the time of data collection. Any material changes will be notified to you by email or via a banner on the site.

Q-Technology OÜ
Narva mnt 5, 10117 Tallinn, Estonia
office@qbiohacking.com
qbiohacking.com

Q-Technology: passive · non-invasive · battery-free · electrode-free

Pre Order
Discount

Limited offer: Pre-order O GO Insoles or Chips now and enjoy 10% off the total price.
I am interested
Take a step in feeling better

Here's Your 5%
Coupon

Enter the code below at checkout to get 5% off your first order.
You may also like...
Continue Shoppiong
Home
Account
Shop
0
Wishlist
0
Cart

Search Our Site

Trending Search
Popular Products

Edit Option

Shopping Cart
Your cart is currently empty!.

You may check out all the available products and buy some in the shop.

Continue Shopping
Add Order Note
Estimate Shipping
English
English