Privacy Policy

1. Scope and Updates to This Privacy Policy

This Privacy Policy applies to personal information processed by QA Guardian, including on our website, our software testing and automation platform ("Platform"), and other online or offline offerings (collectively, the "Services").

Changes to Our Privacy Policy. We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use our Services after the new Privacy Policy takes effect. We recommend reviewing this page periodically.

2. Personal Information We Collect

The categories of personal information we collect depend on how you interact with us, our Services, and the requirements of applicable law. We collect information you provide to us directly and information we obtain automatically.

Personal Information You Provide Directly

Account Creation. We may collect personal information when you create an account, such as your name, email address, and username.

Purchases. We may collect personal information and details associated with your purchases, including billing details. Any payments are processed by third-party payment processors. We do not directly collect or store payment card information, but we may receive associated billing information.

Communications. We may collect personal information, such as your email address or phone number, when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us. We may record and/or annotate calls you have with us.

Surveys. We may contact you to participate in surveys. If you participate, we may collect personal information in connection with the survey.

Interactive Features. We and others who use our Services may collect personal information you submit or make available through interactive features (e.g., messaging, chat features, commenting, forums, blogs, and social media pages). Information you share through public features will be considered "public" unless otherwise required by applicable law.

Events. We may collect personal information when we attend or host conferences, trade shows, webinars, and other events.

Business Development. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities and partnerships.

Job Applications. If you respond to a job opening posted on our Services, we may collect your application, CV, cover letter, and any other information you provide.

Personal Information Collected Automatically

Automatic Collection. We may automatically collect certain information when you use our Services, such as your IP address, user settings, MAC address, cookie identifiers, mobile carrier, unique identifiers, browser or device information, location information (including approximate location derived from IP address), and Internet service provider. We may also collect information about your use of our Services, such as pages visited, links clicked, types of content you interact with, frequency and duration of activities, and other usage information.

Cookies. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience. We use cookies for operationally necessary functions, performance monitoring, enhanced functionality, and advertising or targeting purposes.

Pixel Tags / Web Beacons. A pixel tag is a piece of code embedded in our Services that collects information about engagement. We may include web beacons in emails to understand whether messages have been opened, acted on, or forwarded.

Analytics. We may use third-party analytics tools to process analytics information on our Services. These may include Google Analytics, LinkedIn Analytics, and similar platforms. For information on how these tools use your data and how to opt out, please visit their respective privacy policies.

Personal Information Collected from Other Sources

We may obtain information about you from other sources, such as public databases, joint marketing partners, social media platforms (such as LinkedIn and Facebook), and other third parties. Examples include social media profile information and marketing leads. If we combine information from other sources with personal information we collect through our Services, we will treat the combined information as personal information in accordance with this Privacy Policy.

3. How We Use Your Personal Information

We use your personal information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services.

Provide Our Services. We use your information to fulfill our contract with you and provide our Services, including: managing your information and accounts; providing access to platform features and functionality; answering support requests; communicating with you about your account, activities on our Services, and policy changes; processing financial information and payments; processing job applications; and allowing you to register for events.

Administrative Purposes. We use your information for: direct marketing, research and development, network and information security, and fraud prevention; detecting security incidents and protecting against malicious or illegal activity; measuring interest and engagement in our Services; improving, upgrading, or enhancing our Services; developing new products and services; ensuring internal quality control and safety; authenticating and verifying individual identities; debugging to identify and repair errors; auditing relating to interactions, transactions, and compliance; sharing personal information with third parties as needed to provide the Services; and carrying out activities required to comply with legal obligations.

Marketing and Advertising. We may use personal information to tailor and provide you with content and advertisements, including through email campaigns, custom audiences advertising, interest-based advertising, and cross-device tracking, as permitted by applicable law.

AI and Platform Improvement. We may use Client Provided Materials and other data, in aggregated and/or de-identified form, to run analytics, train machine learning models, develop AI features, and improve the quality and accuracy of our Platform and Services. This use continues on a de-identified and aggregated basis after the Term of any customer agreement.

Consent. We may use personal information for other purposes that are clearly disclosed to you at the time you provide it, or with your consent.

De-identified and Aggregated Information. We may use personal information to create de-identified and/or aggregated information, such as demographic information, device analytics, or other analyses. De-identified and aggregated information is not considered personal information and is not subject to this Privacy Policy.

4. How We Disclose Your Personal Information

We disclose your personal information to third parties for a variety of business purposes, as described below.

Service Providers. We may share your personal information with third-party service providers and vendors that assist us with the provision of our Services, including IT support, hosting, payment processing, customer service, and related services. These service providers access your information solely to perform services on our behalf.

Third-Party Services You Interact With. Certain features and functionalities of our Services may link to or allow you to interact with third-party websites, services, products, and technology ("Third-Party Services"). Any information shared with or collected by a Third-Party Service may be subject to that service's own privacy policy. We are not responsible for the processing of personal information by Third-Party Services.

Business Partners. We may share your personal information with business partners to provide you with products or services you have requested, or to jointly offer products or services.

Affiliates. We may share your personal information with our corporate affiliates for administrative purposes, IT management, or to provide services to you or support the Services we provide.

Advertising Partners. We may share your personal information with third-party advertising partners who may use it to deliver personalized advertisements to you across websites and applications in their networks. This practice is commonly referred to as interest-based advertising.

Disclosures to Protect Us and Others. We may access, preserve, and disclose any information we hold about you to external parties if we believe in good faith that doing so is required or appropriate to: comply with law enforcement or legal process (such as a court order or subpoena); protect rights, property, or safety of ourselves or others; enforce our policies or contracts; collect amounts owed; or assist with the investigation or prosecution of suspected or actual illegal activity.

Merger, Sale, or Asset Transfer. If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

5. Your Privacy Choices and Rights

The privacy choices you have about your personal information are determined by applicable law and are described below.

Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of future promotional emails. Note that you will continue to receive transaction-related emails and certain non-promotional communications regarding our Services or updates to our Terms or this Privacy Policy.

Phone Calls. If you receive an unwanted phone call from us, you may opt out of receiving future calls by following the instructions on the call or by contacting us as set forth in Section 14.

"Do Not Track." Do Not Track ("DNT") is a privacy preference that users can set in certain web browsers. We do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Cookies and Personalized Advertising. You may stop or restrict the placement of cookies on your device by adjusting your browser or device preferences. However, adjusting these preferences may cause our Services not to work properly. Cookie-based opt-outs are not effective on mobile applications; please follow platform-specific instructions for Android, iOS, or other devices. You can also learn more about targeted advertising and consumer choice by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada. You must separately opt out in each browser and on each device.

Privacy Rights. In accordance with applicable law, you may have the right to:

• Access and receive a copy of your personal information;
• Request correction of inaccurate or incomplete personal information;
• Request deletion of your personal information;
• Request restriction of or object to our processing of your personal information;
• Data portability — receive your personal information in a structured, machine-readable format; and
• Withdraw your consent to our processing of your personal information (withdrawal will not affect the lawfulness of processing before withdrawal).

To exercise any of these rights, please contact us at privacy@qaguardian.com. We will process such requests in accordance with applicable laws.

6. Security of Your Information

We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. We implement appropriate technical and organizational measures designed to protect personal information from unauthorized access, use, disclosure, alteration, or destruction.

Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized access, use, disclosure, or loss of personal information.

By using our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security breach, we may attempt to notify you electronically by posting a notice on our Services, by mail, or by email.

7. International Data Transfers

Our Services are hosted in the United States. All information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the United States or other countries that may have data protection laws different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws.

Where we transfer personal information originating in the European Economic Area, Switzerland, or the United Kingdom to a country that has not been found to provide an adequate level of protection under applicable data protection laws, we may use safeguards such as the European Commission's Standard Contractual Clauses. For more information about the safeguards we use for international transfers, please contact us as set forth in Section 14.

BY PROVIDING YOUR PERSONAL INFORMATION TO US OR USING OUR SERVICES FROM OUTSIDE THE UNITED STATES, YOU ACKNOWLEDGE THAT YOUR INFORMATION MAY BE TRANSFERRED TO AND PROCESSED IN THE UNITED STATES, WHERE DATA PROTECTION LAWS MAY DIFFER FROM THOSE IN YOUR COUNTRY.

8. Retention of Personal Information

We store the personal information we collect as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

When we have no ongoing legitimate business need to process your personal information, we will delete or anonymize it, or, if deletion is not possible (for example, because information is stored in backup archives), we will securely store your personal information and isolate it from further processing until deletion is possible.

9. Supplemental Notice for California Residents

This Supplemental Notice for California Residents applies to our processing of personal information subject to the California Consumer Privacy Act of 2018, as amended ("CCPA"). The CCPA provides California residents with the right to know what categories of personal information QA Guardian has collected about them and whether QA Guardian disclosed that personal information for a business purpose in the preceding twelve months.

Categories of Personal Information We Collect and Disclose for Business Purposes:

• Identifiers (name, email, IP address) — disclosed to service providers, advertising partners
• California Customer Records categories (Cal. Civ. Code § 1798.80(e)) — disclosed to service providers
• Commercial information (purchases, transactions) — disclosed to service providers
• Internet or other electronic network activity — disclosed to service providers, advertising partners
• Professional or employment-related information — disclosed to service providers
• Inferences drawn from other personal information — disclosed to service providers, advertising partners

"Sales" of Personal Information. QA Guardian does not "sell" personal information as that term is defined under the CCPA, nor do we have actual knowledge of any sale of personal information of minors under 16 years of age.

Non-Discrimination. California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.

Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To authorize an agent, provide written authorization signed by you and your designated agent and contact us as set forth in Section 14.

Verification. To protect your privacy, we will take steps to reasonably verify your identity before fulfilling your request, which may include asking you to provide sufficient information to confirm you are the person about whom we collected personal information, or to answer questions regarding your account and use of our Services.

De-Identified Information. If we create or receive de-identified information, we will not attempt to re-identify such information, except to comply with applicable law.

To exercise your rights under the CCPA, please contact us as set forth in Section 14. We will process such requests in accordance with applicable laws.

10. Supplemental Notice for Nevada Residents

If you are a resident of Nevada, you have the right to opt out of the sale of certain personal information to third parties who intend to license or sell that personal information. Please note that QA Guardian does not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A. If you have any questions, please contact us as set forth in Section 14.

11. Supplemental Notice for Virginia Residents

Under Virginia's Consumer Data Protection Act ("CDPA"), Virginia residents have certain rights regarding QA Guardian's collection, use, and sharing of their personal data. If you are a resident of Virginia, you have the right to: (1) know what personal data has been collected about you and access that information; (2) request correction of inaccuracies in your personal data; (3) request deletion of your personal data (subject to exceptions under the CDPA); (4) obtain a copy of your personal data; and (5) opt out of targeted advertising. To exercise any of these rights or to appeal a denial of a request, please contact us at privacy@qaguardian.com.

12. Children's Information

The Services are not directed to children under 16 (or other age as required by local law), and we do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided personal information on our platform without your consent, you may contact us as described in Section 14. If we become aware that a child has provided us with personal information in violation of applicable law, we will delete any personal information we have collected, unless we have a legal obligation to retain it, and will terminate the child's account.

13. Other Provisions

Third-Party Websites and Applications. Our Services may contain links to third-party websites and applications. These third-party services are not controlled by us. We encourage users to read the privacy policies of each website and application with which they interact. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of third-party websites or applications. Providing personal information to third-party websites or applications is at your own risk.

Supervisory Authority. If your personal information is subject to the applicable data protection laws of the European Economic Area, Switzerland, or the United Kingdom, you have the right to lodge a complaint with the competent supervisory authority if you believe our processing of your personal information violates applicable law:

• EEA Data Protection Authorities (DPAs)
• Swiss Federal Data Protection and Information Commissioner (FDPIC)
• UK Information Commissioner's Office (ICO)

Session Replay and Interaction Monitoring. We may use technology to monitor how you interact with our Services. This may include which links you click, information you type into online forms, and information about your device or browser. We may utilize session replay technology to monitor and record mouse clicks and movements, keystrokes, and pages viewed. Please discontinue use of the Services if you do not consent to our collection of such information.

14. Contact Us

QA Guardian, Inc. is the controller of the personal information we process under this Privacy Policy.

If you have any questions about our privacy practices or this Privacy Policy, or to exercise your rights as detailed in this Privacy Policy, please contact us at: