Skip to main content

Home / Privacy Policy

Privacy Policy

Last Updated: March 18, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how mireqvton ("we", "us", or "our") collects, uses, and protects personal data when you visit this website and when you register interest in, or access to, our boutique retail education course. The site is intended for educational purposes only and does not use official brand logos.

Data Controller: mireqvton, 7 Johnston Road, Woodford Green, IG8 0XA, United Kingdom. You can contact us about privacy matters at [email protected].

Effective Date: March 18, 2026.

2. Personal Data We Collect

We collect the minimum information needed to operate the website, respond to requests, and manage course registration. Depending on how you use the site, we may collect:

  • Identity and contact data: your name and email address when you submit the registration form.
  • Account access data: a password you create during registration (stored using appropriate security measures such as hashing; we do not store passwords in plain text).
  • Form content: the information you provide in form fields, and any communications you send us by email.
  • Technical data: IP address, browser type, device type, operating system, language, and approximate location inferred from IP (e.g., country or region).
  • Usage data: pages visited, time spent on pages, referral source, and click paths, where you have consented to analytics cookies.
  • Cookies and identifiers: identifiers stored in cookies and similar technologies as described in Section 4 and in our Cookie Policy.
  • Conversion events: events like successful form submission, where you have consented to marketing cookies.

We do not intentionally collect special-category personal data (such as health information, religious beliefs, or political opinions), financial account details, or government identification numbers through this website.

3. Why We Process Personal Data & Legal Basis

Where the GDPR or UK GDPR applies, we process personal data only when we have a lawful basis. Our main purposes and legal bases include:

  • Course registration and communications: to create and manage your registration record, send registration-related messages, and provide support. Legal basis: Article 6(1)(b) (contract steps) and Article 6(1)(a) (consent) where you explicitly consent via form checkbox.
  • Website security and fraud prevention: to protect the site, prevent abuse, and diagnose technical issues. Legal basis: Article 6(1)(f) (legitimate interests).
  • Analytics: to understand how visitors use the site and to improve content and usability. Legal basis: Article 6(1)(a) (consent) when analytics cookies are enabled.
  • Marketing and measurement: to measure advertising performance, build remarketing audiences, and attribute conversions. Legal basis: Article 6(1)(a) (consent) when marketing cookies are enabled.
  • Legal obligations: to comply with applicable laws, requests from authorities, or to establish, exercise, or defend legal claims. Legal basis: Article 6(1)(c) (legal obligation) and Article 6(1)(f) (legitimate interests), as appropriate.

Automated Decision-Making (Article 22): We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to make the site work, understand performance, and (where you consent) measure marketing campaigns. Cookies can be first-party (set by this site) or third-party (set by providers). We group cookies into the following categories, which match our Cookie Policy:

Essential cookies (always active)

Essential cookies are required for core site functionality, including saving your cookie choices and maintaining basic session continuity. These cookies do not require consent. Examples include _site_session and cookie_consent. Typical retention ranges from session-only to 12 months.

Analytics cookies (consent required)

If you enable analytics cookies, we may use Google Analytics 4 to understand aggregated site usage (for example, which pages are read most, and how visitors move through the site). IP anonymization may be applied depending on configuration. Example cookies include _ga and _ga_XXXXXXXXXX. Analytics data retention is typically set to 14 months.

Marketing cookies (consent required)

If you enable marketing cookies, we may use advertising and conversion measurement tools such as Google Ads conversion linker (_gcl_au) and Meta Pixel identifiers (_fbp, _fbc). These technologies help us measure advertising performance and, where applicable, build remarketing audiences.

In addition to cookies, tracking may involve pixel tags and server-side measurement. When used, server-side measurement typically shares limited event data (such as a page view or registration confirmation) with providers and may include hashed identifiers. Where required, it is activated only after consent.

5. Consent (EEA and UK)

Users in the EEA and UK receive a consent notice under GDPR/UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent (Article 6(1)(a)). Your choice is recorded in the cookie_consent browser cookie and is stored for up to 12 months.

You may withdraw or change your consent at any time using the “Manage cookie preferences” link in the website footer (where available) or by clearing cookies in your browser settings. Withdrawal does not affect the lawfulness of processing based on consent before it was withdrawn.

6. Sharing With Advertising & Service Partners

We use carefully selected providers to run the website and (if you consent) to analyze and market it. Depending on your cookie choices and how you interact with us, we may share limited data with:

  • Google LLC: for Google Analytics 4, Google Ads, Tag Manager, and remarketing. Data may include cookie identifiers, usage data, and conversion events. Privacy: https://policies.google.com/privacy
  • Meta Platforms, Inc.: for pixel-based measurement, custom/lookalike audiences, and conversion attribution. Data may include page views, conversions, audience membership, and hashed identifiers when applicable. Privacy: https://www.facebook.com/privacy/policy
  • Cloudflare: for content delivery and security controls (e.g., protection against abuse and malicious traffic). Privacy: https://www.cloudflare.com/privacypolicy/

We do not sell personal data. These providers act as service providers/processors for us and are not permitted to use site data for their own independent commercial purposes.

7. International Transfers

Some providers may process data outside the United Kingdom or the European Economic Area, including in the United States. Where transfers occur, we rely on appropriate safeguards, which may include:

  • The EU-U.S. Data Privacy Framework (and the UK Extension, where applicable),
  • The Swiss-U.S. Data Privacy Framework (where applicable),
  • Standard Contractual Clauses (EU 2021/914) as a fallback,
  • UK International Data Transfer Agreement (IDTA) as a fallback.

8. Data Retention

We keep personal data only for as long as needed for the purposes described in this policy, unless a longer period is required by law. Typical retention periods include:

  • Registration submissions: up to 2 years from the last interaction, unless you request deletion earlier and no legal obligation requires retention.
  • Email correspondence: for the duration of the support relationship, plus up to 1 additional year for continuity and audit.
  • Server security logs: typically up to 90 days, unless needed longer to investigate abuse or incidents.
  • Analytics data: typically 14 months (where enabled by consent).
  • Marketing cookies: retained according to the cookie lifetime listed in our Cookie Policy (e.g., 90 days).
  • Consent records: cookie preference records may be retained for up to 3 years for audit purposes.

9. Your Rights (GDPR & UK GDPR)

If you are in the EEA or the UK, you may have the right to request:

  • Access to your personal data (Article 15)
  • Rectification of inaccurate data (Article 16)
  • Erasure of your data (Article 17)
  • Restriction of processing (Article 18)
  • Data portability (Article 20)
  • Objection to processing (Article 21)
  • Withdrawal of consent at any time (Article 7(3))
  • Lodging a complaint with a supervisory authority (Article 77)

To exercise these rights, email [email protected]. We usually respond within 30 days, though this may be extended by up to 60 additional days for complex requests.

Supervisory authority resources: EU guidance is available at https://edpb.europa.eu. UK guidance is available at https://ico.org.uk.

10. Children

This website is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we learn that we have collected personal data from a child under 16 without appropriate consent, we will delete it promptly.

11. Do Not Track

This website does not respond to “Do Not Track” (DNT) browser signals. Some third-party providers may offer their own DNT handling; you should review their documentation for details.

12. Data Deletion Requests

You can request deletion of your personal data by emailing [email protected] with the subject line “Data Deletion Request”. To protect users, we may ask for reasonable verification (for example, confirming you control the email address used during registration). If deletion is granted, we aim to complete it within 30 days, unless legal obligations require limited retention.

13. Business Transfers

If we undergo a merger, acquisition, financing, reorganization, or sale of assets, personal data may be transferred to a successor entity. If such a transfer materially changes how personal data is used, we will provide notice on the website.

14. California (CCPA / CPRA)

If you are a California resident, the CCPA/CPRA may provide additional rights related to personal information. Over the past 12 months, we may have collected categories such as identifiers (name, email address, IP address, cookie identifiers), internet/network activity (pages visited, interactions), and inferences (interests or preferences derived from site usage, where permitted).

We do not sell personal information as defined by CCPA. We may share information for cross-context behavioral advertising if you enable marketing cookies, and you may opt out using our cookie preferences tools.

Rights may include the right to know, delete, correct, and opt out of sale/sharing, and the right to non-discrimination. To submit a request, email [email protected] with the subject “California Privacy Request”. We may need to verify your identity. Authorized agents must provide proof of authorization.

15. Virginia (VCDPA)

If you are a Virginia resident, you may have rights to access, correct, delete, and obtain a copy of personal data, and to opt out of targeted advertising. We do not sell personal data and we do not engage in profiling that produces legal or similarly significant effects.

To submit a request, email [email protected] with the subject “Virginia Privacy Request”. If a request is denied, you may appeal by emailing with the subject “Appeal of Refusal — Privacy Request”. We will respond to appeals within 60 days. If the appeal is denied, you may contact the Virginia Attorney General.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Policy

We may update this Privacy Policy to reflect changes in practices, technology, or legal requirements. Material changes will be announced via a website notice at least 14 days before they take effect. The “Last Updated” date at the top of this page will change whenever this policy is revised.

18. Contact

If you have questions about privacy, your personal data, or this policy, contact:

mireqvton
7 Johnston Road
Woodford Green, IG8 0XA, United Kingdom
Email: [email protected]