top of page
QUIPU LOGO.png

Privacy Policy

QUIPU AI PRIVATE LIMITED (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit or use our website and services available at  https://www.thequipu.com/ (the “Service”).

 

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Company Information

  • Legal Entity: QUIPU AI PRIVATE LIMITED

  • Operating Regions: United States, Finland, India, EU

  • Website: https://www.thequipu.com/

2. Information We Collect

2.1 Personal Data You Provide

 

We may collect personally identifiable information, including but not limited to:

  • First and last name

  • Email address

  • Phone number

  • Business or mailing address

  • Account credentials

  • Communications sent to us

 

2.2 Automatically Collected Information

 

When you use the Service, we may automatically collect:

  • IP address

  • Browser type and version

  • Device identifiers

  • Operating system

  • Pages visited and time spent

  • Referring URLs

  • Diagnostic and usage data

3. Cookies and Tracking Technologies

 

We use cookies and similar technologies to operate and improve the Service.

Types of Cookies We Use

  • Essential Cookies: Required for website functionality

  • Preference Cookies: Remember user settings

  • Analytics Cookies: Measure performance and usage (where permitted)

You may control cookies through your browser settings. Disabling cookies may affect certain features of the Service.

4. Legal Basis for Processing (GDPR)

 

For users located in the European Economic Area (EEA), we process Personal Data under the following legal bases:

  • Your consent

  • Performance of a contract

  • Compliance with legal obligations

  • Legitimate business interests, such as security, analytics, and service improvement

5. How We Use Your Information

 

We use Personal Data to:

  • Provide, operate, and maintain the Service

  • Create and manage user accounts

  • Communicate with users regarding updates, security notices, and support

  • Respond to inquiries and requests

  • Improve functionality and user experience

  • Monitor and analyze usage trends

  • Comply with legal and regulatory requirements

  • Support corporate transactions such as mergers or acquisitions

6. Sharing of Information

 

We may share your information with:

  • Legal authorities when required by law

We do not sell Personal Data.

7. Data Retention

 

We retain Personal Data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

8. Cross-Border Data Transfers

 

Personal Data will not be transferred across regions or jurisdictions without explicit prior approval by all involved parties, unless required by applicable law

9. Your Privacy Rights

9.1 GDPR Rights (EEA / UK Users)

 

You have the right to:

  • Access your Personal Data

  • Correct inaccurate information

  • Request deletion of your data

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

  • Lodge a complaint with a supervisory authority

 

9.2 U.S. Privacy Rights (California Residents)

 

Under applicable California laws (CCPA/CPRA), you may:

  • Request disclosure of collected data categories

  • Request deletion of Personal Data

  • Opt out of future data selling or sharing (if applicable)

  • Exercise rights without discrimination

Requests can be made using the contact details below.

10. Data Security & Privacy

  • Security & Privacy by design: High data security & privacy controls are built into our architecture and deployment workflows by default.

  • Continuous delivery with guardrails: Our DevOps practices incorporate continuous development with security checks embedded into build/release processes to reduce risk to Personal Data.

  • Annual privacy impact review: We review security operations at least annually to assess whether any controls, incidents, or operational changes could impact Personal Data or privacy rights.

  • Event-driven reassessment: Additional reviews are performed after material security incidents or significant system/deployment changes affecting data processing.


We have established a cross-functional Privacy Committee (including representatives from Security, DevOps, and Engineering) that meets at least annually, and additionally as needed following material changes or incidents affecting Personal Data.

11. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites and encourage users to review their policies.

12. Secure Disposal of Personal Information

We maintain procedures for the secure disposal of Personal Data once it is no longer required for the purposes described in this Privacy Policy or to meet legal and regulatory obligations.

Such procedures include, as applicable:

  • Secure deletion or overwriting of electronic records

  • Encryption-aware destruction of storage media

  • Physical shredding or disposal of paper records

  • Access-controlled and audited disposal processes for sensitive systems
     

These procedures are periodically reviewed and enforced to ensure Personal Data is irreversibly destroyed and cannot be reconstructed or accessed by unauthorized parties.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date. Material changes may be communicated via the Service or email.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

© QUIPU All rights reserved.

bottom of page