Privacy Policy - Quantora Innovations (Continuum)

1. Summary / Quick Overview

Quantora Innovations ("Quantora", "we", "us") built Continuum - a cloud-based traceability platform for the manufacturing industry. This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, the rights of individuals, and how we protect personal data in accordance with applicable laws in India (including the Digital Personal Data Protection Act, 2023) and other applicable laws.

2. Scope

This policy applies to personal data that we collect when you:

• Register for or use Continuum (customers and end-users);
• Visit our website(s) and marketing pages;
• Interact with our support, sales, and events; or
• Apply for jobs with Quantora.

It covers data about identifiable natural persons (employees, users, customers, contractors, job applicants, website visitors). It does not apply to aggregated or anonymized data that cannot reasonably identify an individual.

3. Definitions

• Personal Data: Any information relating to an identifiable natural person.
• Data Fiduciary: Quantora Innovations, as the organization determining the purpose and means of processing personal data.
• Processing: Any operation performed on personal data (collecting, storing, using, transferring, deleting).

4. What Categories of Personal Data We Collect

We collect only the personal data required to provide our services. Typical categories:

Account and customer data

• Contact name, job title, corporate email, business phone, company name, billing address, purchase and subscription details, contract documents.

End-user / operator data

• Usernames, work email addresses, phone numbers, role/permissions, device IDs and user activity inside Continuum (audit logs to support traceability and compliance).

Technical and usage data

• IP address, browser / device type, login timestamps, cookies, telemetry required to operate and secure the service.

Support and communications

• Support tickets, call recordings (if any), chat transcripts, and any diagnostic information you provide.

Employment and candidate data

• CV, contact details, educational and employment history, references, interview notes (if you apply for a role).

Sensitive categories

• We do not intentionally collect sensitive personal data (for example: health, caste, religion) unless explicitly required and lawfully processed with additional safeguards and consent.

5. Legal Bases for Processing (Why We Process)

• Contractual necessity: To perform and deliver Continuum and related services (billing, support, user administration).
• Consent: Where required (for marketing, certain cookies, or sensitive categories).
• Legal obligation: To comply with laws, audits, tax, and regulatory requests.
• Legitimate interests: Platform security, fraud detection, and product improvement - balanced against individual rights.

6. How We Use Personal Data (Primary Purposes)

• Provide, operate, maintain and improve Continuum.
• Billing, invoicing, subscription management and collections.
• Customer support, incident management, and troubleshooting.
• Security, fraud prevention and compliance.
• Communications including service notices, administrative messages, and marketing (where consented).
• HR recruitment and employment administration.
• Legal and regulatory compliance.

7. Cookies, Tracking and Analytics

We use cookies and similar technologies to enable platform functionality, remember preferences, and analyze usage. For non-essential cookies (analytics/marketing), we obtain consent where required and provide opt-out mechanisms.

8. Data Minimization and Retention

We collect and retain only the data needed for the purposes described. Typical retention periods:

• Account and billing: during contract plus statutory period (typically 7 years for tax/audit, subject to local law).
• Support logs and communications: up to [X years] unless otherwise requested.
• Audit logs/traceability data: per customer retention settings and legal/compliance obligations.
• Job applicant data: [12-24 months] unless you request deletion sooner.

9. Data Security

We maintain administrative, technical and physical safeguards designed to protect personal data, including encryption in transit, encryption at rest where feasible, access controls, testing, patch management, logging and monitoring.

10. International Transfers

If personal data is transferred outside India, we ensure transfers are made under adequate safeguards consistent with applicable law and with contractual protections.

11. Disclosure to Third Parties

We may share personal data with:

• Service providers/sub-processors who perform services on our behalf.
• Affiliates and corporate vendors as necessary to provide services.
• Law enforcement, regulators, or courts when required by law.
• Buyers/counterparties in the event of a business sale or reorganization, with safeguards.

We do not sell personal data.

12. Data Subject Rights

Subject to law and identity verification, Quantora will honor requests to:

• Confirm whether we process your personal data and provide access.
• Rectify inaccurate or incomplete data.
• Request deletion/erasure (subject to legal obligations).
• Port data in a machine-readable format where applicable.
• Withdraw consent where consent is the legal basis.

To exercise rights, contact our Data Protection Officer at: [DPO name and email] or use the portal link: [portal URL].

13. Breach Notification

In the event of a personal data breach, we will follow applicable law and notify affected individuals and regulators where required.

14. Children's Data

Continuum is intended for business and industrial users. We do not knowingly collect personal data from children (under 18).

15. Data for Traceability and Audit Logs (Special Note)

Traceability and audit logs are core to Continuum's value proposition. Logs may include user identifiers and process data required for compliance and audits. Customers control much of this data via contractual settings.

16. Service Agreements and Customer Controls

For enterprise customers, data processing terms are governed by the Master Subscription Agreement (MSA) and Data Processing Addendum (DPA).

17. Changes to This Policy

We may update this Policy to reflect legal, technical, or business changes. For material changes, we will provide clear notice.

18. Contact and Grievance Officer

Quantora Innovations

• Address: Quantora Innovations, Kodigehalli, Bangalore, Karnataka 560097
• Email for Privacy & Grievance Matters: quantorainnovations.info@protonmail.com
• Alternate Contact: quantorainnovations.info@protonmail.com

If you have a complaint about our handling of your personal data, please contact the Grievance Officer.

19. Governing Law and Enforcement

This policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023, and other applicable statutes.