Privacy Policy
Last updated: January 19, 2025
1. Introduction
QUANTRAMA ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our quantum security assessment platform.
2. Information We Collect
2.1 Information You Provide
- Account Information: Email address, name, company name, billing information
- Scan Targets: Domain names, IP addresses, and system information you choose to scan
- Communications: Support requests, feedback, and correspondence with our team
2.2 Automatically Collected Information
- Usage Data: Pages visited, features used, scan frequency
- Device Information: Browser type, operating system, IP address
- Cookies: Session identifiers and preferences (see Cookie Policy below)
2.3 Scan Result Data
- Cryptographic Inventory: TLS versions, cipher suites, certificate details
- Vulnerability Data: Identified quantum-vulnerable cryptography
- Compliance Scores: Framework mapping results (NIST, PCI-DSS, etc.)
- Internal Agent Data: For Professional/Enterprise tiers, cryptographic libraries and certificates on your systems
3. How We Use Your Information
We use collected information for:
- Service Delivery: Perform quantum vulnerability scans and generate reports
- Account Management: Create and maintain your account, process payments
- Communication: Send scan results, security alerts, product updates
- Improvement: Analyze usage patterns to enhance our platform
- Security: Detect fraud, abuse, and security incidents
- Legal Compliance: Meet regulatory requirements and respond to legal requests
4. Data Sharing and Disclosure
We do not sell your personal information. We may share data in the following circumstances:
4.1 With Your Consent
We share information when you explicitly authorize us to do so, such as when using Partner API white-label features.
4.2 Service Providers
We work with third-party service providers for:
- Payment processing (Stripe)
- Email delivery (Resend)
- Cloud infrastructure (Vercel, Supabase)
- Analytics (usage metrics only, no PII)
4.3 Legal Requirements
We may disclose information if required by law, court order, or government request, or to protect our rights and safety.
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.
5. Data Retention
We retain your information as follows:
- Free Tier: Scan results retained for 90 days
- Professional Tier: Scan results retained for 1 year
- Enterprise Tier: Scan results retained for the duration of the contract plus 2 years
- Account Data: Retained until account deletion request
- Billing Records: Retained for 7 years per tax requirements
6. Data Security
We implement industry-standard security measures:
- Encryption: TLS 1.3 in transit, AES-256 at rest
- Access Controls: Role-based access, multi-factor authentication
- Infrastructure: SOC 2 compliant hosting providers
- Monitoring: 24/7 security monitoring and incident response
- Regular Audits: Annual penetration testing and security audits
7. Your Rights
You have the following rights regarding your personal data:
- Access: Request a copy of your data
- Correction: Update inaccurate information
- Deletion: Request deletion of your account and data
- Portability: Export your scan results in JSON or PDF format
- Objection: Opt out of marketing communications
- Restriction: Request limited processing of your data
To exercise these rights, contact us at privacy@quantrama.com.
8. Cookies and Tracking
We use cookies and similar technologies for:
- Essential Cookies: Session management, authentication (required)
- Functional Cookies: Remember preferences and settings
- Analytics Cookies: Understand usage patterns (anonymized)
You can control cookies through your browser settings. Disabling essential cookies may limit platform functionality.
9. International Data Transfers
Your data may be processed in Singapore and other countries where our service providers operate. We ensure adequate protections through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements (DPAs) with all vendors
- Adherence to GDPR, CCPA, and PDPA requirements
10. Children's Privacy
QUANTRAMA is not intended for users under 18. We do not knowingly collect information from children. If we learn we have collected data from a child, we will delete it immediately.
11. California Privacy Rights (CCPA)
California residents have additional rights:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt out of sale (we do not sell personal information)
- Right to deletion
- Right to non-discrimination for exercising privacy rights
12. GDPR Compliance (EU/UK Users)
Our legal basis for processing your data:
- Contract Performance: Providing scan services you requested
- Legitimate Interest: Platform improvement, fraud prevention
- Consent: Marketing communications (opt-in required)
- Legal Obligation: Compliance with laws and regulations
13. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email and by posting a prominent notice on our platform. Continued use after changes indicates acceptance.
14. Contact Us
For privacy-related questions or concerns:
Email: privacy@quantrama.com
Data Protection Officer: dpo@quantrama.com
Address: QUANTRAMA Privacy Office, Singapore