Our Privacy Policy

Introduction

Protecting your privacy and personal data is very important to us. We therefore only use your personal data within the scope of legal regulations, in particular the General Data Protection Regulation (GDPR). With this privacy policy, we would like to inform you about the nature, scope and purposes of the collection, use and processing of your personal data by QInsights B.V. regarding the use of our AI-Powered software application.

At the heart of our operations, QINSIGHTS, our premier AI-powered software application, is designed with an unwavering commitment to data privacy and security. Utilizing advanced large language models, our infrastructure and operational practices are meticulously crafted to align with the highest standards of data protection, particularly within the European context. This entails choosing services that fulfil the following criteria:

Security: Ensuring data is protected against unauthorized access, disclosure, and destruction.

Availability: Ensuring systems are available for operation and use as agreed upon.

Processing Integrity: Ensuring that system processing is complete, valid, accurate, timely, and authorized.

Confidentiality: Ensuring that confidential information is protected.

Privacy: Addressing the collection, use, retention, disclosure, and disposal of personal information.

Our Responsibility

At QInsights, we understand that the integrity and confidentiality of your research data are paramount. Safeguarding the privacy of your research participants and ensuring their information remains secure is a responsibility we embrace with utmost seriousness. We are dedicated to continuously advancing our security measures and refining our privacy practices to uphold and surpass the most stringent standards for data protection, specifically catering to the unique needs of researchers and research organizations

Infrastructure and Data Hosting

Our operational base in Europe signifies more than just a geographical location; it represents our dedication to upholding the stringent data privacy standards set by the European Union. QInsights is supported by a robust infrastructure, with our main application hosted at Azure. The Microsoft Azure platform adheres to some of the industry's strictest privacy standards.

Location of the data centre:  Sweden Central-Gavle

Use of LLMs

We combine various Large Language Models (LLMs) with custom-built algorithms to achieve optimal results. Currently we use the various GPT models through Microsoft Azure for the various analysis options. This might change in the future as we constantly testing what are the best solutions out there for the purpose of qualitative analysis.

Location of data centres where data is processed:

Sweden Central-Gavle & France Central-Paris

Transcription

For transcription we use Assembly AI. Assembly AI is compliant with Soc 2 Type II, ISO 27001:2022, PCI DSS and GDPR (see Trust Centre)

Our Privacy Promise

The privacy and security of your data are paramount at every stage of your interaction with QInsights. We implement advanced encryption, strict access controls, and continuous surveillance to prevent unauthorized access and potential data breaches. See also: Service Trust Portal

Our service partner Azure protects your data both at rest and in transit using various encryption methods, protocols, and algorithms, including double encryption.

  • For data at rest, all data written to the Azure storage platform is encrypted through 256-bit AES encryption and is FIPS 140-2 compliant.

  • For data in transit—data moving between user devices and Microsoft data centers or within and between the data centers themselves—Microsoft adheres to IEEE 802.1AE MAC Security Standards, and uses and enables your use of industry-standard encrypted transport protocols, such as Transport Layer Security (TLS) and Internet Protocol Security (IPsec).

  • Data is siloed from other company data in a logical order and arrangement. 

  • There are legally binding agreements in place for all third parties used by QInsights B.V. (Privacy Policy, Data Processing Addenda and NDAs).

Our service partner Azure complies with many external privacy standards, laws, and regulations, including:

the GDPR, ISO/IEC 27701, ISO/IEC 27018, EU Standard Contractual Clauses, HIPAA, HITRUST, FERPA, Japan My Number Act, Canada PIPEDA, Spain LOPD, and Argentina PDPA.

You can download our DPA here.

Your Data is Yours Alone

As users of QINSIGHTS, you may submit data to the Services ("Input") and, in turn, receive results generated from your Input ("Output"). Collectively, Input and Output constitute "Customer Content." You maintain full ownership rights over the Input and are granted exclusive ownership of the Output. Any data you provide while using our service is processed securely and never used to train or improve the underlying language models. We are committed to ensuring that your data remains confidential and is solely used to provide the services you need, not for model training or any other unintended purpose.

Your Obligations for Customer Content

You are in charge of all the information you provide (Input) and must ensure you have the necessary rights, licenses, and permissions to share this Input with our services. You alone are accountable for how you use the results (Outputs) the services give you. It's up to you to check if these outputs are accurate and suitable for your needs, which might include getting them reviewed by a person when needed.

Data Security While Connecting to Our Website

Your connections to our website and our apps are protected with encryption techniques in line with the current state of the art. The level of protection also depends on which encryption your Internet browser and/or mobile device supports. You can tell whether an individual page of our website is transmitted in encrypted form by looking at the closed key or lock symbol in the status bar of your browser. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Automatic Collection of Data via Website Access

Regardless of whether you use our paid or free service, your device automatically transmits certain data for technical reasons when you access our website qinsights.ai The following data that you may send us will be stored:

  • Date and time of access

  • Browser type and version

  • Operating system

  • Volume of data transmitted

  • Requested domain

  • Notification of successful data retrieval

  • Search term when using a web browser

  • Abbreviated/anonymized IP

  • Full IP address

  • Diagnostic information in the event of error

Processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is stored for purely technical reasons. Website access data is used for error analysis, ensuring system security, logging access to a QINSIGHTS subscription or trial version. Based on your IP address, we also use geolocation to determine the region from which you are visiting our website. We use this information to check whether we can offer you the QINSIGHTS subscription service in your region, which corresponds to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of the full IP address for the users of the QINSIGHTS free version for a maximum period of 14 days is also justified by our legitimate interest in achieving the listed purposes, Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of IP addresses of users of the paid QINSIGHTS subscription for the duration of the contract is justified by Art. 6 para. 1 sentence 1 lit. b) GDPR.

QInsights Newsletter

If you have signed up for our newsletter, you will receive information of the latest trends, techniques, and best practices when using AI in qualitative research about once a month. At times, we will also include information and tips on how to get the most out of our app QINSIGHTS. If you have subscribed but no longer wish to receive the newsletter, each of our emails contain an unsubscribe link at the end.

When you sign up for a free trial, purchase a license, or register for one of our webinars, we may add your email address to our newsletter to provide you with product updates, research insights, and relevant marketing communications. We do this based on our legitimate interest in keeping our users informed about the services they have engaged with.

You can opt out of receiving marketing communications at any time by clicking the 'unsubscribe' link at the bottom of any email or by contacting us at partnership@qinsights.ai

Your Rights

The following rights are granted by European Union directives and regulations. If you wish to exercise any of the rights listed below, please contact us at the above address.

  • Right to confirmation and right of access - We will gladly confirm whether we are processing any of your personal data, which data we are processing, and for what purpose we are processing it

  • Right to rectification - If any of the data we have stored is incorrect, we would certainly be happy to correct it.

  • Right to erasure - Should you wish your personal data to be deleted, we will comply with your request as far as legally possible.

  • Right to restriction of processing - Should you wish to restrict use, we will comply with your request as far as legally possible.

  • Right to withdraw your consent - Should you wish to revoke any previously granted consent, we will comply with your request. Revocation does not affect the permissibility of the processing of your data up to now

In addition, you can object to the further processing of your data if we process your data based on our legitimate interest (Art. 6 para. 1 sentence 1 lit. f), Art. 21 GDPR). If we process your data for the purpose of direct advertising, you have a general right to object. If we do not process your data for advertising purposes, the objection must be based on your particular situation.You also have the right to lodge a complaint regarding the processing of your personal data with a supervisory authority at the Dutch Data Protection Authority.

QInsights B.V., October 23, 2024