Privacy Policy

Your privacy is important to us. This policy explains how QI Labs collects, uses, and protects your personal information, in full compliance with GDPR and other privacy regulations.

1. Introduction & Who We Are

QI Labs is an independent, AI-native boutique advisory firm specializing in data and AI emergency response. We take your privacy seriously and are committed to protecting your personal data.

Data Controller: QI Labs
Contact: privacy@qilabs.ai

2. What Data We Collect

We collect personal data only when necessary and through legitimate means:

  • Contact Form Data: Name, email address, company, phone number, and message content when you submit an inquiry
  • IP Address & Device Information: Automatically collected through standard web server logs for security and analytics
  • Cookies: We use only essential cookies required for site functionality
  • Engagement Data: If you become a client, we collect relevant information necessary to provide our services

3. How We Use Your Data

We use your personal data only for the following purposes:

  • Responding to your inquiries and service requests
  • Providing our advisory and incident response services
  • Improving our website functionality and user experience
  • Complying with legal and regulatory obligations
  • Preventing fraud and ensuring website security

We do not use your data for marketing purposes without your explicit consent. We will never sell your personal information to third parties.

4. Data Sharing

We do not sell, trade, or share your personal data with third parties for their own marketing purposes. However, we may share data only when necessary with:

  • Data Processors: Service providers (hosting, email, analytics) under strict data processing agreements
  • Legal Requirements: Law enforcement or regulatory authorities when legally required
  • Professional Partners: Third-party specialists engaged to assist with your case (under NDA)

5. Data Retention

We retain your personal data only for as long as necessary:

  • Contact Inquiries: 2 years from last contact (for legal liability purposes)
  • Client Engagement Data: 7 years after engagement ends (for legal compliance)
  • Website Logs: 90 days for security monitoring

After this period, data is securely deleted unless we're legally required to retain it.

6. Your Privacy Rights (GDPR)

Under GDPR and similar privacy laws, you have the following rights. To exercise any of these, please contact privacy@qilabs.ai:

  • Right to Access: Receive a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Opt-out of certain processing activities
  • Right to Withdraw Consent: Withdraw consent at any time (doesn't affect prior processing)

We will respond to all requests within 30 days as required by law. If you're unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.

7. Cookies Policy

Our website uses minimal cookies focused solely on functionality:

  • Essential Cookies: Required for site operation and security
  • No Tracking: We do not use analytics, advertising, or third-party tracking cookies

Most browsers allow you to refuse cookies or alert you when a cookie is being set. If you disable cookies, some features may not function properly.

8. Security Measures

We implement comprehensive security measures to protect your personal data:

  • SSL/TLS encryption for all data in transit
  • Secure authentication and access controls
  • Regular security audits and vulnerability assessments
  • Employee training on data protection
  • Secure data deletion procedures

While we employ industry-standard security practices, no system is completely secure. If you believe your data has been compromised, please contact us immediately.

9. International Data Transfers

If we transfer your data internationally, we do so using lawful mechanisms such as Standard Contractual Clauses (SCCs) as required by GDPR. Your data is protected to the same standard regardless of location.

10. Contact for Privacy Matters

If you have questions about this policy or how we handle your personal data, please contact us:

Email: privacy@qilabs.ai
Web: qilabs.ai

11. Updates to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of any material changes via email or prominent notice on our website. Your continued use of our services indicates acceptance of the updated policy.

Last Updated: February 2026