Login

Cart

Your cart is empty

Privacy policy

Effective date: August 13, 2025

1) Who we are

Quantis Tool Works LLC (“Quantis”, “we”, “us”, “our”) operates this website and store.
Business location: Boston metro, Massachusetts, USA.
Contact: support@quantistoolworks.com
(If a legal entity name and mailing address differ, add them here.)

Controller: For visitors in the EEA/UK, Quantis is the data controller of personal data collected through this site. (If you appoint an EU/UK representative, list them here.)

2) Scope

This policy covers personal data collected through quantistoolworks.com and our online store (WooCommerce/Elementor), including checkout, account pages, contact forms, and newsletter sign‑ups. It also covers analytics tags we deploy via Google Tag Manager.

3) What we collect & why

We collect data to fulfill orders, provide support, run our site securely, and understand performance. Below is a concise map of categories, purposes, and legal bases.

Category

Examples

Purpose

Legal basis (GDPR)

Typical retention

Identifiers

Name, email, phone, billing/shipping address

Order processing, support, account access

Contract (Art. 6(1)(b)); Legitimate interests (6(1)(f))

7 years for transaction records (tax/audit); accounts until deletion

Payment data

Tokenized payment IDs, last4, auth results (handled by WooPayments)

Take payment

Contract; Legitimate interests

Per processor policy; we don’t store full card numbers

Commercial data

Order history, cart contents, wishlist

Fulfillment, customer service, returns/warranty

Contract; Legitimate interests

7 years for orders; wishlist until removed

Device/usage

IP, device/browser, pages viewed, events (via GA4)

Site reliability, analytics

Consent where required; Legitimate interests

26 months (typical GA setting) or per your GA retention

Marketing

Email, signup status, campaign activity (Mailchimp)

Send updates with your consent; unsubscribe anytime

Consent; Legitimate interests (transactional)

Until you unsubscribe or request deletion

Support content

Messages, attachments (e.g., photos for warranty)

Diagnose and resolve issues

Legitimate interests

3 years from last interaction, or per legal holds

Sensitive data: We do not intentionally collect sensitive categories (e.g., health, precise geolocation). Do not send sensitive data in free‑text fields.

4) Cookies & similar tech

We use cookies/pixels for core site functions and analytics. You can manage preferences any time via [Cookie Settings] (link to your consent tool).

  • Strictly necessary (always on): cart, checkout, security, consent storage.

  • Functional (optional): remembering preferences.

  • Analytics (optional): GA4 events (page views, add‑to‑cart, checkout steps).

  • Advertising (optional; only if enabled): ad pixels for prospecting/retargeting.

Do Not Track / GPC: Where supported, we honor Global Privacy Control (GPC) as an opt‑out signal for “sale/share” (see §9).

5) How we use data

  • Fulfill & support: process orders, ship via UPS/Easyship, handle returns/warranty, communicate about your purchase.

  • Operate the site: fraud prevention, debugging, security, performance.

  • Improve: aggregate analytics and A/B tests to understand what’s working.

  • Marketing (opt‑in): send newsletter updates; you can unsubscribe any time.

  • Legal compliance: tax, bookkeeping, and required disclosures.

We don’t conduct automated decision‑making that produces legal or similarly significant effects about you.

6) Sources of data

  • Direct: you (checkout, forms, account, email).

  • Automated: cookies and analytics tags on our site.

  • Third parties: payment processors, shipping partners, and the newsletter service when you opt in.

7) Sharing & disclosure

We share data with service providers who help us run the business—only what’s necessary for their services, under contract.

Key processors/sub‑processors (illustrative):

  • WooPayments (payments); Stripe may process on WooPayments’ behalf

  • WooCommerce/WordPress/Elementor (store/CMS)

  • SiteGround or your hosting provider (infrastructure)

  • Easyship and UPS (rates, labels, tracking)

  • Google Analytics 4 & Tag Manager (analytics/measurement)

  • Mailchimp (newsletter)

We may disclose information to comply with law, enforce our terms, or protect rights, property, and safety.

We do not sell your personal information for money. Some jurisdictions define “sell” or “share” more broadly (e.g., for cross‑context behavioral advertising). See §9 for your choices.

8) International transfers

We are US‑based. If we transfer data out of your region (e.g., EEA/UK), we rely on Standard Contractual Clauses (SCCs) or other lawful mechanisms with our processors. You can request a copy of relevant safeguards by contacting us.

9) Your choices & rights

Your rights depend on where you live, but we aim to honor reasonable requests from all users.

GDPR/UK GDPR (EEA/UK) rights: access, correction, deletion, restriction, portability, and objection to processing (including legitimate‑interests processing and direct marketing).
US state privacy laws (e.g., CA/VA/CO/CT): right to know, correct, delete; opt‑out of sale/share and targeted advertising; limit use/disclosure of sensitive data.

How to exercise: Email support@quantistoolworks.com with your request. We will verify identity and respond within the applicable timeframe.

Opt‑out of sale/share & targeted ads (CPRA): Use our “Do Not Sell/Share My Personal Information” link (footer) or the [Cookie Settings] tool. We honor Global Privacy Control signals where detected.

Appeals (CO/CT/VA etc.): If you disagree with our response, you may appeal by replying to our decision email. We’ll review and respond within the required period.

No discrimination: We won’t deny goods/services or charge different prices because you exercised your privacy rights.

10) Data retention

We keep personal data only as long as necessary for the purposes above and to meet legal obligations. Typical periods are listed in §3. We may keep minimal records to prevent fraud or honor suppression/opt‑out requests.

11) Security

We use reasonable administrative, technical, and physical safeguards (TLS, access controls, least‑privilege, backups). No method is 100% secure; please use unique passwords and keep them confidential.

12) Children

Our site is not directed to children under 13 (or the age of digital consent in your region). We don’t knowingly collect data from children. If you believe a child provided data, contact us to delete it.

13) Third‑party links

Our site may link to third‑party sites (e.g., Kickstarter). Their privacy practices are not covered by this policy. Review their policies before providing data.

14) Changes to this policy

We may update this policy periodically. When we post changes, we’ll revise the Effective date and, where required, notify you. Material changes will be highlighted.

15) Contact us

Questions or requests?
support@quantistoolworks.com

Jurisdiction‑specific notices

California (CCPA/CPRA)

  • We do not sell personal information for money. If we use ad pixels, that may constitute “sharing” under CPRA; you can opt out via the Do Not Sell/Share link and through [Cookie Settings] or GPC signals.

  • Categories collected (past 12 months): identifiers; commercial information; internet activity; approximate geolocation; inferences (limited).

  • Categories disclosed for business purposes: to processors listed in §7 (e.g., payments, shipping, analytics).

  • Right to know/correct/delete; right to opt out of sale/share; right to limit use of sensitive data (we do not use sensitive data for inferring characteristics).

EEA/UK

  • Legal bases: contract, consent, legitimate interests, legal obligations (see §3).

  • Transfers outside EEA/UK use SCCs or equivalent safeguards.

  • You can lodge a complaint with your local authority (e.g., ICO in the UK, or your EEA Data Protection Authority).

Nevada

  • We do not sell covered information as defined by Nevada law. You can still submit a sale opt‑out request to support@quantistoolworks.com.