Privacy Policy
⚠️ DRAFT — ATTORNEY REVIEW REQUIRED BEFORE USE. This is a comprehensive starting draft prepared to be transparent while allocating responsibility appropriately (notably, the customer firm is the "controller" of its own clients' data and bears the related obligations). It is not legal advice and must be reviewed and finalized by a licensed attorney, and localized for your jurisdiction and the laws that apply to your users (e.g. U.S. state privacy laws, and GDPR/UK GDPR if you serve those regions), before it is published or relied upon. Bracketed items — e.g. [Company Legal Name], [State], [privacy email] — must be completed.
Effective date: [DATE] · Version: v1 (draft)
This Privacy Policy explains how [Company Legal Name] ("Company," "we," "us") collects, uses, shares, and protects information in connection with the Quality Platform software and services (the "Service"). It is incorporated into and part of our [Terms of Service](TERMS_AND_CONDITIONS.md). Terms not defined here have the meaning given in the Terms of Service.
1. Our Role: Controller vs. Processor
- For information about the customer's own account and users (for example, the firm's staff who log
in), and for operating the Service, we act as a controller.
- For Customer Data that a customer uploads or generates about its own Clients (for example, a
bookkeeping firm's client financial records), the customer is the controller and we act as a processor that processes that data on the customer's behalf and under its instructions. The customer is responsible for having a lawful basis to collect and submit that data, for providing required privacy notices to its Clients, and for obtaining any required consents. Where required, a separate Data Processing Addendum ("DPA") governs our processing of such data.
2. Information We Collect
a. Information you provide
- Account and profile information — name, email, display name, role, and password (stored only as a
secure hash).
- Customer Data — the financial records, transactions, documents, tax information, and other content
you or your Users submit to or generate in the Service, which may include personal information about you, your Users, and your Clients (for example, names, contact details, and — where you choose to store them — taxpayer identification numbers or bank account numbers).
- Communications — messages, support requests, and information you provide when you contact us.
b. Information from your integrations (only when you connect them)
- Banking data via our banking-data aggregator (e.g. Plaid) — account and transaction information you
authorize.
- Email and files via Microsoft 365 / other providers — messages, attachments, and files you authorize
the Service to access.
- Payment information — processed by our payment processor; we do not store full card numbers.
c. Information collected automatically
- Usage and device data — log data, IP address, browser/user-agent, timestamps, pages/actions, and
similar technical information, used to operate, secure, and improve the Service.
- Cookies / local storage — a session cookie to keep you signed in and support security features. We do
not use third-party advertising cookies.
3. How We Use Information
We use information to:
- provide, operate, maintain, and secure the Service;
- authenticate users, prevent fraud and abuse, and detect and respond to security incidents;
- provide AI-assisted features (see Section 4);
- process transactions and billing;
- provide support and respond to your requests;
- monitor, analyze, and improve the Service and develop new features;
- comply with legal obligations and enforce our Terms.
We do not sell personal information, and we do not use Customer Data to serve third-party advertising.
4. Artificial Intelligence (AI) Features
When you use AI Features, relevant inputs (which may include Customer Data you direct the Service to process) may be sent to third-party AI providers (for example, Anthropic) to generate Output. We seek to minimize the personal information included in AI inputs and to use providers that do not train their models on our customers' data by default; the specific provider terms apply. AI Output may be inaccurate and must be independently reviewed and verified by you before use, as described in the Terms of Service. AI Features are subject to controls, including a per-client ability to disable AI, and are off by default where indicated. See our subprocessor list in Section 6.
5. How We Share Information
We share information only as follows:
- Service providers / subprocessors — vendors that help us operate the Service (Section 6), bound by
contractual confidentiality and data-protection obligations, and permitted to use the information only to provide services to us.
- At your direction — with integrations and recipients you connect or send to (for example, e-signature
recipients, or a bank/aggregator you authorize).
- Legal and safety — when we believe disclosure is required by law, regulation, legal process, or
governmental request, or is necessary to protect the rights, property, or safety of the Company, our users, or others.
- Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject
to this Policy.
We do not sell or rent personal information.
6. Subprocessors
We use the following categories of subprocessors to provide the Service. (Finalize the exact list and keep it current for your DPA.)
| Subprocessor | Purpose | |---|---| | Microsoft (Microsoft 365 / Graph) | Email and file (OneDrive/SharePoint) integration | | Plaid | Banking-data aggregation | | Anthropic | AI features (optional; off by default) | | Twilio | SMS one-time codes (planned) | | Persona / IDology | E-signature identity verification (planned, optional) | | Payment processor [name] | Billing and payments | | Hosting / infrastructure provider [name] | Application hosting, TLS |
7. Data Retention
We retain account and Customer Data for as long as your account is active and as needed to provide the Service, and thereafter as required to comply with legal, tax, accounting, and audit obligations, resolve disputes, and enforce agreements. Certain records (for example, audit logs and acceptance records) are retained for integrity and compliance purposes. After termination, we may make Customer Data available for export for a limited period and then delete or de-identify it in the ordinary course, subject to backups and legal-hold requirements. As a controller of your Clients' data, you are responsible for your own retention obligations.
8. Security
We implement administrative, technical, and organizational measures designed to protect information, including encryption of sensitive fields at rest, encryption in transit, access controls and role-based permissions, multi-factor authentication, tenant isolation, audit logging, monitoring, and backups. See our Security Overview for detail. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for safeguarding your credentials and for your Users' access.
9. Your Choices and Rights
Depending on your location and applicable law, you (or the individuals whose data is processed) may have rights to access, correct, delete, or port personal information, to object to or restrict certain processing, and to withdraw consent. For Customer Data where we act as a processor on a customer's behalf, we will refer requests to the relevant customer (controller) and assist them as required; individuals should direct such requests to the customer. For information we control, contact us at [privacy email]. We do not sell personal information or use it for cross-context behavioral advertising; where applicable, this means there is nothing to opt out of for "sale/share" under U.S. state laws. We will not discriminate against you for exercising your rights.
10. Cookies and Tracking
We use a strictly necessary session cookie to keep you signed in and to support security (for example, CSRF protection). We do not use advertising or cross-site tracking cookies, and we honor applicable "Do Not Track"/opt-out signals to the extent required by law.
11. Data Location and International Transfers
The Service is operated in [country/region]. If you access the Service from, or submit data from, other regions, you consent to the transfer and processing of information as described in this Policy. Where required, appropriate transfer mechanisms will be used.
12. Children's Privacy
The Service is a business tool not directed to children, and we do not knowingly collect personal information from children under 13 (or the age defined by applicable law). If you believe a child has provided us information, contact us and we will delete it.
13. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will provide notice (for example, in-app or by email) and update the effective date. Your continued use of the Service after the changes take effect constitutes acceptance.
14. Contact
Questions or privacy requests: [Company Legal Name], [address], [privacy email].
_This Policy describes our practices for the Service as built. It must be finalized by counsel and kept current as the Service, subprocessors, and applicable laws change._