Privacy & Cookie Policy

1. Data Controller

For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the data controller is:

2. Information We Collect

We may collect and process the following categories of data:

• Account Information: Name, email address, and login credentials collected via Auth0 authentication.
• User Inputs and Documents: Data you upload or enter into the Application for AI analysis and search.
• Technical Information: IP address, device type, browser version, operating system, and usage patterns.
• Derived/Analytical Data: AI-generated outputs, aggregated usage statistics, and deidentified data.

3. How We Use Your Data

We process your data for the following purposes:

• To provide access to and operate the Application.
• To authenticate and secure accounts (via Auth0).
• To improve the system and develop new features.
• To produce deidentified, aggregated statistics for research and marketing.
• To comply with legal and regulatory obligations.

We do not sell your personal data to any third party.

4. Legal Basis for Processing

• Performance of a Contract (Art. 6(1)(b)): To deliver the Application’s services.
• Legitimate Interests (Art. 6(1)(f)): To ensure security, improve functionality, and monitor usage.
• Consent (Art. 6(1)(a)): For optional analytics or cookies requiring user permission.
• Legal Obligation (Art. 6(1)(c)): To comply with applicable laws.

5. Data Sharing

We only share data with trusted providers who support our services:

• Auth0 – authentication and security.
• OpenAI (ChatGPT API) – AI search and analysis.
• Other service providers – for hosting, analytics, or support.

All providers operate under GDPR-compliant contracts.

6. Cookies and Tracking

What are cookies?

Cookies are small text files stored on your device. They help us operate the site, improve performance, and understand usage.

Types of cookies we use

• Strictly Necessary Cookies – Required for authentication and security. These cannot be disabled.
• Functional Cookies – Remember preferences and settings (e.g., keeping you logged in).
• Analytics Cookies – Help us improve the system by understanding user interactions.
• Marketing/Statistics Cookies – Used only in deidentified form to produce usage statistics for marketing.

Cookie choices

On your first visit, you will see a cookie banner. You can accept all, reject non-essential cookies, or manage your preferences.

You may also disable cookies via your browser settings.

Legal basis for cookies

• Strictly necessary: Legitimate interest.
• Functional, analytics, and marketing/statistics: Consent.

Cookie retention

• Session cookies: Deleted when you close your browser.
• Persistent cookies: Stored for up to 12 months (unless you clear them sooner).

7. Data Retention

• Account data: Kept as long as you maintain an account.
• Documents and user inputs: Stored only as long as needed to provide the service.
• Deidentified/aggregated data: May be retained indefinitely, as it cannot identify you.

8. International Data Transfers

Where data is transferred outside the EEA, we apply GDPR-approved safeguards (e.g., Standard Contractual Clauses).

9. Data Security

We use technical and organizational measures to protect your data, including:

• Encryption in transit and at rest.
• Authentication via Auth0.
• Regular monitoring and access controls.

10. Your GDPR Rights

You have the right to:

• Access your personal data.
• Request correction of inaccuracies.
• Request deletion (“right to be forgotten”).
• Restrict or object to processing.
• Request data portability.
• Withdraw consent at any time.

To exercise these rights, email privacy@acceleraqa.com.

You may also contact your local Data Protection Authority in the EU.

11. Children’s Privacy

Our Application is not intended for children under 16. We do not knowingly collect data from children.

12. Updates to this Policy

We may update this Privacy & Cookie Policy from time to time. The “Last Updated” date will always indicate the latest version.