Privacy Policy

Dear User,
below you will find all the information required by Article 13 of the European Data Protection Regulation (EU Reg. 2016/679 – GDPR) on the processing of personal data carried out through this Friendboost website. Through reading this document you will be able to know what data is collected, how it is used, transferred, communicated and stored by the site, how long it is kept and what rights you can exercise.


In order to better understand all the information that is contained in this document and that every User has the right to know in a clear and transparent manner, we are going to provide you here with a simple but detailed explanation of what is meant by personal data. With reference to a natural person, personal data means that information by means of which that person is or can be identified, such as his or her habits, lifestyle, personal relationships, state of health, economic situation, etc.
This identification may take place in two ways
– directly: e.g. personal data (first name and surname) and images:
– indirectly: – indirectly: for example, telephone number, tax code, IP address, e-mail address, license plate number, credit card details, etc.
These just listed are called ‘common’ personal data.
There are also so-called ‘special’ or ‘sensitive’ data, which are genetic data, biometric data, data relating to health, life or sexual orientation, data revealing racial or ethnic origin, religious or philosophical beliefs, political opinions and trade union membership.
There are also the so-called ‘judicial’ data, i.e. those revealing criminal convictions, security measures or the status of accused or suspected person, Finally, very significant personal data are those relating to electronic communications (Internet or telephone) and those allowing geolocation, providing information on places frequented and movements.


– The Data Controller.
The GDPR indicates in the so-called. Data Controller (which can be a natural or legal person) the main interlocutor in matters of personal data, the one who has full and total responsibility for these data, as he is the person who decides ‘why’ and ‘how’ the data must be processed, without receiving instructions from others. The Data Controller has, in particular, the duty to facilitate the user in the exercise of his/her rights, granting his/her requests, when legitimate, and providing negative feedback, when deemed unfounded.
The Data Controller of this site is the company QDIVISION LTD, with registered office at Suite 4.01 Ormond Building 31-36 Ormond Quay Upper Arran Quay Dublin 7 D07 F6DC, which can be contacted at the following email address:
The Data Controller may entrust others (individuals or companies) with certain processing of personal data, but such parties must be specifically designated as Data Processors (Art. 28 GDPR) and receive clear and precise instructions on how to process the data, guaranteeing, in turn, adequate standards of security and lawfulness in the processing/treatment entrusted to them.


The rights you can exercise to protect your personal data are contained in Articles 15 et seq. of the GDPR.
In particular, you have the right to:
– access to Your personal data, to request their rectification, updating and deletion or restriction, if incomplete, incorrect or collected in violation of the law;
– oppose the processing for legitimate reasons or obtain the portability of your data;
– obtain confirmation as to whether or not personal data concerning you exist, even if not yet recorded, and communication of such data in intelligible form.
You also have the right to obtain
a) the indication
– the origin of the personal data
– of the purposes and methods of the processing
– of the logic applied in the event of processing carried out with the aid of electronic instruments;
– the identification details of the Data Controller, of the Data Processor(s) (internal/external) and of the entities or categories of entity to whom or which the personal data may be communicated or who or which may get to know said data in their capacity as Authorized Parties
b) the updating, rectification or integration of their data within the limits of their relevance to the activity carried out by the Controller
c) the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose storage is not necessary in relation to the purposes of processing
d) certification to the effect that the operations as per letters b) and c) have been notified to the entities to whom or which the data were communicated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
You also have the right to object, in whole or in part
e) on legitimate grounds, to the processing of personal data concerning you, even though they are relevant to the purpose of the collection;
f) to the processing of personal data concerning you for the purpose of sending the newsletter for promotional purposes.

– How you can exercise your rights.
You may send your request to the Data Controller at the following e-mail address: You do not have to comply with any particular formality for this request, which you may also send via a person appointed by you and which you may renew for justified reasons. The Data Controller shall provide its acknowledgement as soon as possible, and in any event, no later than one month from receipt of the request (this period may be extended by two months, depending on the complexity and number of requests).
Should you fail to receive such response or should you not agree with it, you have the right to lodge a complaint with the Autorithy of Data Protection.


In order to make our Friendboost site accessible and fully functional in its various services, we use the following common personal data
first name, last name, email address, Shopify store link.
Some of this data is provided to us directly by Users, while other data is derived from Users’ navigation, cookies and navigation tracking systems. All the information on how we use such systems and cookies, in particular, is available in another document, which is called Cookie Policy (INSERT LINK), a document in which you will also find indications on how to refuse certain types of cookies and, in general, the list with explanations of the types of cookies used by us and by third party companies.
The categories of persons to whom this data belongs and with whom we interact for our services are:
– Those who, by browsing our Friendboost site, decide to become Partners.
– Those who browse our site or request information via the help desk on our site.
– Those who would like to request a demo of the Friendboost app.

a) To get more information about the Friendboost App, or request to become a Friendboost partner
Through the “Contact Us” section of the website, or through the “Become a Partner” field, the User can contact the Company by filling in the form therein. By doing so, you consent to the processing of the data that you provide, as well as any other data that you intend to provide in order to make direct contact with the Company and request further information about the services offered.
The legal basis for the processing of personal data for this purpose is set out in Article 6(1)(b) of the GDPR (performance of a contract or pre-contractual measures), as the processing is necessary for the provision of services or to meet the requests of the data subject and does not require his or her consent.
Personal data may be freely provided by the User.
If the User refuses to provide them, it may be impossible to provide the service. In cases where certain data are indicated as optional, Users are free to refrain from communicating such data, without this having any consequence on the availability of the service or its operation.
Users in doubt as to which data are mandatory are encouraged to contact the Controller.
b) To request a demo of the Friendboost App
c) To comply with obligations under applicable laws, regulations or EU legislation, or to comply with requests from the Authorities.
The legal basis for the processing of personal data for this purpose is set out in Article 6(1)(c) of the GDPR (“processing is necessary for compliance with a legal obligation to which the controller is subject”).
(d) For legal defence.
The User’s Personal Data may be used by QDivision, in court or in the preparatory stages of its possible establishment for the defence against abuse by the same User, in the use of the website or related services.
e) For purposes of statistical research/analysis aimed at measuring the functioning of the Site, measuring traffic and assessing usability and interest. These researches and analyses concern aggregated or anonymous data, for which it is not possible to identify the User. This type of processing can, therefore, be freely carried out by the Data Controller because it is not based on personal data.
The provision of Personal Data for the purposes listed above is optional, but failure to provide it may make it impossible for the Company to fulfil a request or comply with a legal obligation to which it may be subject.

For the purposes of the processing described in this notice, we may share your personal data with:
– persons authorized (art. 29 of the GDPR) by the Data Controller to process personal data to carry out activities strictly related to the provision of the services of this site, who are directly employed by the Data Controller, and who have committed themselves to confidentiality or are otherwise subject by law to an obligation of confidentiality;
– the so-called Data Processors/sub-Processors (art. 28 GDPR), i.e. subjects, individuals and companies, who cooperate with the Data Controller for the pursuit of the various processing purposes, including those who work on the Friendboost App, manage it, those who are delegated to carry out technical maintenance activities on the IT networks, to manage and/or carry out activities of necessary support to the services provided;
– subjects, entities or authorities to whom it is mandatory to communicate personal data under provisions of law or orders of the Authorities.
The Persons in charge/sub-responsible for the processing of personal data, as well as the Authorized Persons, are all appointed by formal deed and indicated in a specific list. If you wish to have further information on these subjects, do not hesitate to write to the Controller at the following e-mail address:


Data are processed and stored for the time required by the purposes for which they were collected. The Personal Data provided for the provision of the services offered by this website will be kept for the period of time required for the provision of such services, within the timeframe provided for and allowed by the European legislation to protect its interests.
Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied.
In general, all data processed on the basis of your consent will be retained until such consent is revoked by you. The Controller may, however, be obliged to retain personal data for a longer period in compliance with a legal obligation or by order of an Authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.
Further information on the data retention period and the criteria used to determine this period may be requested by you from the Data Controller at the following e-mail address:

Personal data collected through this site are processed at the Data Controller’s premises and in any other place where the persons involved in the processing, whether authorized or responsible/sub-processors, are located. The transfer of your personal data and that of Users outside the EU, where necessary for the provision of the services/products of this site, takes place exclusively to non-EU countries that ensure levels of protection appropriate to the privacy regulations in force. For further information, please contact the Data Controller.
QDivision does not transmit personal data to non-EU countries or international organizations. For the storage of the data collected, the Company uses servers located on European territory.

The data are collected in compliance with the principle of minimization of the data processed (only the data strictly necessary to provide the services requested or achieve the other purposes specified herein are acquired). The processing of personal data by the Company is carried out by means of manual, computerized and telematics tools with logic strictly related to the aforementioned purposes. Processing operations are carried out in such a way as to guarantee the security of data and systems. Adequate security measures are adopted in order to reduce to a minimum the risks of destruction or loss, even accidental, of the data themselves, of unauthorized access, of processing that is not permitted or does not conform to the purposes indicated in this information notice. The security measures adopted, however, do not make it possible to absolutely exclude the risks of interception or compromise of personal data transmitted by telematic means. We therefore invite you to check that your device (PC, smartphone, tablet, etc.) is equipped with software systems suitable for the protection of telematic data transmission, both incoming and outgoing (such as, for example, up-to-date antivirus systems, firewalls and anti-spam filters).

QDivision reserves the right to make changes or update the content of this policy, including as a result of possible changes in applicable legislation. You will be informed of these changes when they are introduced and they will have binding effect at the time of their publication on the Site. Therefore, in order to be aware of the most updated version of the Privacy Policy, we invite you to regularly visit this section of the Site so that you will be constantly informed on the use and types of data collected by the Controller.

Privacy Policy updated to 15 November 2023