Privacy Policy for quinta.world

Last updated: 12.05.2026

This Privacy Policy describes how Quinta Essentia: Fabula Prima Sp. z o.o. (“Company”, “we”, “us”, or “our”) collects, uses, stores, processes, and protects personal data when users access or use the website https://quinta.world (“Website”).

The Company acts as the data controller within the meaning of Regulation (EU) 2016/679 (“GDPR”).

By using the Website, contacting us, placing orders, creating an account, subscribing to communications, or otherwise interacting with the Website, you acknowledge that your personal data may be processed in accordance with this Privacy Policy.

1. Data Controller

Data Controller:

Quinta Essentia: Fabula Prima Sp. z o.o.
Republic of Poland

Contact email: hq@quinta.world

2. Applicable Law

This Privacy Policy is governed by:

  • Regulation (EU) 2016/679 (GDPR)
  • Directive 2002/58/EC (ePrivacy Directive)
  • applicable laws of the Republic of Poland
  • consumer and electronic communications regulations applicable within the European Union

3. Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

Information provided directly by the User

  • full name
  • billing and shipping address
  • email address
  • telephone number
  • company information
  • payment-related information
  • account credentials
  • communications submitted through forms or email

Technical and Usage Data

  • IP address
  • browser type and version
  • operating system
  • device identifiers
  • language settings
  • pages visited
  • time spent on pages
  • referring URLs
  • interaction data
  • cookie identifiers

Transaction Data

  • order history
  • payment status
  • invoices
  • delivery information
  • refund information

Marketing and Communication Preferences

  • newsletter subscriptions
  • consent preferences
  • communication history

4. Legal Basis for Processing

We process personal data only where permitted under Article 6 GDPR.

Processing may be based on:

Contractual necessity

Processing necessary for:

  • order fulfillment
  • customer support
  • account administration
  • delivery coordination
  • payment processing

Legal obligations

Processing required for:

  • accounting obligations
  • tax compliance
  • fraud prevention
  • regulatory obligations

Legitimate interests

Processing necessary for:

  • Website security
  • prevention of abuse
  • analytics
  • service improvement
  • business administration
  • direct marketing where legally permitted

Consent

Processing based on explicit consent, including:

  • email marketing
  • cookies and tracking technologies where required
  • SMS communications
  • optional marketing preferences

Consent may be withdrawn at any time.

5. Purpose of Data Processing

Personal data may be processed for the following purposes:

  • processing orders
  • providing customer support
  • delivering products
  • processing payments
  • managing accounts
  • fraud prevention
  • improving Website performance
  • analytics and statistics
  • compliance with legal obligations
  • responding to inquiries
  • marketing communications where consent exists
  • protection of legal claims and rights

6. Cookies and Tracking Technologies

The Website may use:

  • essential cookies
  • analytics cookies
  • performance cookies
  • functionality cookies
  • marketing cookies

Cookies may be placed by:

  • the Company
  • analytics providers
  • advertising partners
  • payment processors
  • embedded third-party services

Where required under applicable law, non-essential cookies are used only after obtaining valid user consent.

Users may:

  • manage cookie preferences
  • withdraw consent
  • disable cookies through browser settings

Disabling certain cookies may affect Website functionality.

7. Third-Party Service Providers

We may share personal data with trusted third parties where necessary for Website operation and business purposes.

These may include:

  • payment processors
  • logistics providers
  • hosting providers
  • analytics providers
  • CRM providers
  • email communication providers
  • IT and security providers
  • legal and accounting advisors

Third parties process personal data only under appropriate contractual safeguards and only to the extent necessary.

8. International Data Transfers

Personal data may be transferred outside the European Economic Area (EEA) where necessary.

Where such transfers occur, appropriate safeguards are implemented, including:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • legally recognized transfer mechanisms under GDPR

9. Data Retention

Personal data is retained only for as long as necessary for the purposes for which it was collected, including:

  • contractual obligations
  • legal obligations
  • dispute resolution
  • tax and accounting requirements
  • fraud prevention
  • protection of legal rights

Retention periods may vary depending on the nature of the data and applicable legal requirements.

10. User Rights under GDPR

Users located in the European Union may exercise the following rights:

  • right of access
  • right to rectification
  • right to erasure
  • right to restriction of processing
  • right to data portability
  • right to object
  • right to withdraw consent
  • right not to be subject solely to automated decision-making where applicable

Requests may be submitted via:
hq@quinta.world

Users also have the right to lodge a complaint with a competent supervisory authority.

11. Data Security

We implement appropriate technical and organizational measures designed to protect personal data against:

  • unauthorized access
  • accidental loss
  • destruction
  • misuse
  • disclosure
  • alteration

However, no method of electronic transmission or storage can guarantee absolute security.

12. Children’s Privacy

The Website is not intended for individuals under the age of 18.

We do not knowingly collect personal data from minors.

If we become aware that personal data of a minor has been collected unlawfully, such data may be deleted.

13. Marketing Communications

Users may receive marketing communications only where permitted under applicable law or where valid consent has been obtained.

Users may unsubscribe at any time by:

  • clicking the unsubscribe link
  • contacting us directly

Withdrawal of consent does not affect the lawfulness of processing performed before withdrawal.

14. Automated Decision-Making

The Company does not perform automated decision-making producing legal effects within the meaning of Article 22 GDPR unless explicitly stated otherwise.

15. Third-Party Websites

The Website may contain links to third-party websites or services.

We are not responsible for:

  • privacy practices
  • policies
  • content
  • security standards

of third-party resources.

Users should review third-party privacy policies independently.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

Updated versions become effective upon publication on the Website.

Continued use of the Website after publication constitutes acknowledgment of the updated version.

17. Contact

For all privacy-related matters, data requests, or GDPR inquiries, please contact:

hq@quinta.world