Privacy Policy

The data controller responsible for the processing of your personal data is the Operator of this Site, hereafter referred to as “Queen Daralis”. Requests related to this Policy can be sent through the Contact page.

This Privacy Policy applies to personal data collected through this website and the services offered on it. It is drafted in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and applicable national legislation.

• Booking & contact data: name, email address, optional Telegram handle, message content, chosen time slot.
• Custom-request data: the information you voluntarily provide in the custom-request form (request type, budget, deadline, description).
• Payment data: transaction identifiers and billing information processed directly by Stripe. We do not store or have access to your full card details.
• Technical data: IP address, browser type, device type, timestamps, and basic interaction data, used for security, anti-spam, and service reliability.

• Provision of services (booking sessions, processing custom requests, delivering content) — performance of a contract, Art. 6(1)(b) GDPR.
• Payment processing and accounting — legal obligation, Art. 6(1)(c) GDPR.
• Security, fraud prevention, anti-spam (including honeypot, time-based checks, and rate limiting) — legitimate interest, Art. 6(1)(f) GDPR.
• Communication and customer care — performance of a contract or legitimate interest, Art. 6(1)(b) or (f) GDPR.

To operate the Site and deliver its services, we rely on the following third-party providers. Each provider processes the data indicated below in accordance with its own privacy policy and terms:

• Stripe Payments Europe, Ltd. — processes payment information (transaction identifiers and billing details) when you make a purchase. Stripe is PCI-DSS Level 1 certified. We do not store or have access to your full card details. For more information, see Stripe’s privacy policy.
• Calendly LLC — processes your name, email address, and chosen time slot when you book a session through the embedded scheduling interface or a Calendly link. For more information, see Calendly’s privacy policy.
• Telegram, Fansly, OnlyFans — subscription content distribution; any data you share on these platforms is governed by their respective privacy policies.
• Vercel Inc. — the Site is hosted on Vercel’s secure infrastructure. Vercel may process technical data (such as IP addresses and request logs) strictly for the purpose of hosting and delivering the Site.

Where data is transferred outside the European Economic Area, the transfer is covered by Standard Contractual Clauses or another lawful safeguard under Chapter V of the GDPR.

• Booking and custom-request data: retained for the duration of the service relationship and up to 24 months thereafter for customer-care and dispute-resolution purposes.
• Accounting and payment records: retained for the period required by applicable tax and commercial law (typically 10 years in the EU).
• Anti-spam and security logs: retained for a maximum of 12 months.

You have the right, under the conditions set out in the GDPR, to:

• access your personal data (Art. 15);
• obtain rectification of inaccurate data (Art. 16);
• request erasure (“right to be forgotten”, Art. 17);
• obtain restriction of processing (Art. 18);
• data portability (Art. 20);
• object to processing based on legitimate interest (Art. 21);
• withdraw consent at any time, where processing is based on consent (Art. 7);
• lodge a complaint with your local supervisory authority (Art. 77).

To exercise any of these rights, please use the Contact page. We respond within thirty (30) days.

The Site itself uses only strictly necessary cookies and similar technologies required for navigation, security, and core functionality. We do not currently deploy advertising, analytics, or cross-site tracking cookies.

When you interact with embedded third-party services such as Calendly or Stripe Checkout, those providers may place their own cookies or use similar technologies on your device. These cookies are governed by the respective provider’s privacy and cookie policies, not by this Policy. We do not control the specific cookies set by these services.

Should we introduce additional cookies in the future (for example, analytics or marketing tools), we will update this Policy and, where required by law, provide a consent mechanism before any non-essential cookies are placed.

We implement technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. Payment data is handled exclusively by Stripe over encrypted channels (TLS).

The Site and all services are strictly reserved for adults aged 18 or older. We do not knowingly collect personal data from minors. Any data inadvertently collected from a minor will be deleted upon notification.

This Policy may be updated to reflect changes in our practices or legal obligations. The “Last updated” date at the top of this page reflects the latest revision.