Privacy Policy

Last updated: April 2026

1. Introduction

QAID ("we", "our", "the platform") is committed to protecting your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and Quebec's Act respecting the protection of personal information in the private sector (Law 25).

This policy explains what data we collect, why, how we use it, and your rights.

2. Information We Collect

  • Account information: username, email address, display name, job title, organization, and role.
  • Analysis data: files you upload, project names, descriptions, and generated reports (CSV, PDF).
  • Support data: issue reports, support chat messages.
  • Usage data: login timestamps, security events (IP addresses logged for security purposes only).

3. How We Use Your Information

  • To provide and operate the analysis platform.
  • To send you notifications about your jobs and support requests.
  • To maintain platform security (login monitoring, rate limiting).
  • To generate audit trails for compliance purposes.

We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.

4. Cookies

We use only essential cookies required for the platform to function:

  • Session cookie: keeps you logged in (expires after 1 hour or when you close your browser).
  • CSRF cookie: protects against cross-site request forgery attacks.

We do not use analytics, tracking, or advertising cookies.

5. Data Retention

We retain your analysis data (uploaded files, job results, reports) for one (1) year from the date of submission. After this period, data is automatically and permanently deleted from our servers.

Your account information is retained as long as your account is active. You may request deletion at any time (see Section 7).

6. Data Storage & Security

Your data is stored on secured infrastructure with encryption in transit (TLS/HTTPS) and access controls. File uploads are stored in S3-compatible object storage. We implement login rate limiting, session hardening, and security logging.

7. Your Rights

Under PIPEDA and applicable Canadian privacy law, you have the right to:

  • Access your data: You can download all your personal data from your Profile page at any time.
  • Delete your account: You can permanently delete your account and all associated data from your Profile page.
  • Opt out of email notifications: You can disable email notifications in your Profile settings.
  • Withdraw consent: You may stop using the platform and delete your account at any time.

8. Email Communications

We may send you email notifications about your analysis jobs, support requests, and issue updates. You can opt out of all email notifications in your Profile settings. Disabling email does not affect in-app notifications.

9. Third Parties

We do not share your personal data with any third parties for marketing or analytics. Our infrastructure providers (hosting, storage) process data solely to operate the platform under strict data processing agreements.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via in-app notification. Continued use of the platform after changes constitutes acceptance.

11. Contact

For privacy inquiries, data requests, or complaints, contact your organization administrator or the platform administrator.