Overview
At Quallie.Ai, we value your privacy and are committed to protecting your personal data. This privacy policy outlines how we collect, use, store, and share your information in compliance with the General Data Protection Regulation (GDPR).
1. Information we collect
We collect various types of personal data from you, including but not limited to:
Contact information
Name, email address, and phone number.
Account information
Username, password, profile details
Usage information
Data on how you interact with our application, including browser types, device OS, IP address, timezone and activity logs.
Communication data
Any communications you send to us, such as support requests or feedback.
2. How we use your data
We use your personal data for the following purposes:
To provide services
To create and manage your account, and to provide and personalize our services.
To improve our services
To analyze usage data to improve our application and user experience.
To communicate with you
To send you updates, notifications, and other information related to your account and our services, including marketing content.
For legal obligations
To comply with legal requirements and to protect our rights and interests.
3. Legal basis for processing
We process your personal data based on the following legal grounds:
Consent
When you have given your explicit consent for specific purposes.
Contract
When processing is necessary for the performance of a contract with you.
Legal obligation
When processing is necessary to comply with legal obligations.
Legitimate interests
When processing is necessary for our legitimate interests, provided these interests do not override your fundamental rights and freedoms.
4. Data sharing and disclosure
We do not sell or rent your personal data to third parties. We may share your data with:
Service providers
Third parties who provide services on our behalf, such as payment processing, data analysis, and customer support.
Legal requirements
When required to comply with legal obligations, such as responding to a court order or government request.
Business transfers
In connection with a merger, acquisition, or sale of all or a portion of our assets.
5. Data security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. This includes encryption, access controls, and regular security assessments.
6. Data retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Once your data is no longer needed, we will securely delete or anonymise it.
7. Your data protection rights
Under GDPR, you have the following rights regarding your personal data:
Right to access
You can request a copy of your personal data that we hold.
Right to rectification
You can request that we correct any inaccurate or incomplete data.
Right to erasure
You can request that we delete your personal data, under certain conditions.
Right to restrict processing
You can request that we limit the processing of your data, under certain conditions.
Right to data portability
You can request that we transfer your personal data to another organization or directly to you.
Right to object
You can object to the processing of your personal data, under certain conditions.
Rights related to automated decision-making
You have the right not to be subject to a decision based solely on automated processing, including profiling.
8. Changes to this privacy policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new policy on our website and updating the date at the top of this document.
9. Subprocessors
We use a small number of carefully selected third-party service providers ("subprocessors") to help us deliver, secure and improve Quallie. These companies process personal data on our behalf in order to provide the services you use (for example, hosting, file storage, AI features and transcription).
When we share personal data with subprocessors: • We only share the minimum data necessary for them to perform their services. • Each subprocessor is bound by a written data processing agreement that requires them to protect personal data to standards that are no less protective than our own. • Subprocessors may not use your personal data for their own purposes, such as selling it or using it for independent advertising. • For AI services, we do not permit customer content to be used to train general AI models for other customers. Customer data sent to our AI providers is used only to provide the Quallie features you enable.
Current subprocessors:
Bubble.io: Application hosting, main application server and database, core app functionality
Amazon Web Services (AWS): Storage of user-generated video clips
Google Cloud Run: Backend processing (e.g. vector creation, interview processing, video processing, API services)
Google Cloud Storage: Storage for vectors, transcriptions and other derived data
OpenAI: Large language model (LLM) services used to generate summaries, insights and other AI features inside Quallie
Google Gemini: AI services used to generate and refine summaries, insights and suggestions inside Quallie
AssemblyAI: Speech-to-text transcription services
Speechmatics: Speech-to-text transcription services (alternative provider)
10. Contact us
We continuously evaluate and update our security practices in response to evolving threats and technological advancements. Our commitment to security is integral to our mission, and we remain dedicated to providing a safe and secure service for all our users.
For any further information on specific queries, please contact our security team at privacy@quallie.ai