Privacy Policy

1. Introduction

This Privacy Policy explains how QAE (Quintile Analysis Engine), operated by Simon David Hobbs, collects, uses, and protects your personal information. QAE is in pre-commercial beta development stage, with commercial launch planned for 2026.

Developer: Simon David Hobbs (UK). QAE is operated from the United Kingdom.
Website: qae.system-fundamentals.com
Contact: simon@system-fundamentals.com

2. Data Protection Compliance

QAE operates in accordance with:

GDPR (General Data Protection Regulation - EU/EEA)
CAN-SPAM Act (USA federal email marketing law)
Standard international data protection principles

3. Information Collected

3.1 Account Information

Email address (for login and communication)
First name (for personalization and identification)

3.2 Automatically Collected Technical Data

For security and subscription management purposes, the WordPress platform automatically collects:

IP addresses
Login session data (timestamps, duration, device type)
Page activity monitoring (which pages accessed, time spent)
Device information (browser type, operating system)

3.3 Payment Transaction Data

When using premium services:

Transaction ID (from Stripe)
Amount paid and currency
Transaction date and time
Product/service purchased
Payment status (successful, failed, or refunded)

3.4 What Is NOT Collected

Payment card information (handled by third-party processors)
Uploaded user data (you view reports, not upload data)
Browsing history outside this website
Location tracking beyond IP address
Sensitive personal data

4. How Information Is Used

Collected data is used solely for:

Account management - providing login access to QAE dashboard and reports
Security - preventing unauthorized access, fraud detection, monitoring suspicious activity
Subscription management - tracking active users, managing access tiers, processing payments
Communication - sending service updates, beta testing notifications, system announcements
Service improvement - understanding usage patterns to improve QAE functionality
Tax compliance - maintaining transaction records for legal requirements
Dispute resolution - providing evidence for payment disputes or access issues

QAE does NOT sell, rent, or share your personal data for marketing purposes.

QAE processes your data based on:

Contractual necessity - providing the service you requested
Legitimate interests - security, fraud prevention, service improvement, tax compliance
Consent - email communications (you may unsubscribe anytime)

6. Data Storage and Location

Web hosting: Hosting.com (United States)
Email services: MailerLite (EU-based data centers, ISO 27001 certified)
Transaction records: Google Sheets on Google Cloud (secured infrastructure)
Data security: Industry-standard encryption and access controls

Your data is stored on US-based servers with EU-based email infrastructure. All data is controlled and processed under UK law.

7. Third-Party Services

7.1 Email Communications (MailerLite)

Manages subscriber lists and email delivery
GDPR compliant, EU-based data centers
Privacy Policy: Privacy Policy - MailerLite
You control email preferences and can unsubscribe anytime

7.2 Access Modes and Data Collection

QAE offers different access modes with varying data collection:

Mode 1: Website Access with Gmail Account

Login to qae.system-fundamentals.com using individual credentials
Gmail addresses must be manually pre-approved in Looker Studio sharing settings before interactive access is granted
WordPress tracks: IP address, login sessions, page activity
Access to interactive Looker Studio dashboards (requires Google account sign-in)
Google collects data when viewing Looker Studio reports (outside QAE control)
Governed by Google's Privacy Policy: https://policies.google.com/privacy
Access to downloadable PDF reports

Mode 2: Website Access with Non-Gmail Account

Login to qae.system-fundamentals.com using individual credentials
WordPress tracks: IP address, login sessions, page activity
Access to downloadable PDF reports only (Looker Studio requires Gmail)

Mode 3: Email-Only PDF Delivery

Receive PDF reports automatically via email at each daily update
MailerLite email tracking only (opens, clicks)
No website login required
No WordPress data collection
No Google/Looker Studio interaction

7.3 Dashboard Reports (Google Looker Studio)

Interactive reports embedded via iframe (Gmail users only)
Requires Google account sign-in to view
Your Gmail address is pre-approved in Looker Studio sharing settings for access control
Google's data collection and tracking practices are outside QAE control
Governed by Google's Privacy Policy: https://policies.google.com/privacy
Alternative: Download PDF version (no Google interaction)

7.4 Website Analytics (Google Analytics)

Currently installed but not actively used
Basic usage analytics may be implemented in future
If activated, will track site usage and visitor behavior
Governed by Google's Privacy Policy

7.5 Payment Processing (Stripe)

All payments processed by Stripe, Inc.
Stripe handles and stores all payment card information
QAE never has access to your payment card details
Stripe Privacy Policy: Privacy Policy
Stripe Terms: Legal

7.6 WordPress Security and Session Management

WordPress security and session management plugins collect login and activity data for security purposes
Data includes: session information, login attempts, active user monitoring, device tracking

7.7 Payment Transaction Data

Stripe Payment Processing: Payment transactions are processed by Stripe, Inc. Stripe stores all payment card information. QAE never has access to your payment card details. Stripe's data practices are governed by their Privacy Policy: Privacy Policy

Transaction Records QAE Maintains: For tax compliance and dispute resolution, QAE stores the following transaction information:

Transaction ID (from Stripe)
Customer email address
Amount paid and currency
Transaction date and time
Product/service purchased
Payment status (successful, failed, or refunded)
Refund records (if applicable, with reason and date)

Data Storage Location: Transaction records are stored in Google Sheets on Google Cloud infrastructure with industry-standard security measures.

Data Retention:

Active transaction records: Retained for 6 years from transaction date (UK tax compliance requirement)
Refund records: Retained for 6 years regardless of customer status
Failed payment attempts: Retained for 90 days then deleted
After retention period: Records are archived or securely deleted

Your Rights: You may request your complete transaction history at any time by contacting simon@system-fundamentals.com. Records will be provided within 7 days.

MailerLite Integration: Stripe integrates directly with MailerLite for subscription management. Payment confirmation data (email, subscription tier) is shared between Stripe and MailerLite to manage your access level. Both services process this data in accordance with their respective privacy policies.

8. Cookies and Tracking Technologies

Essential cookies are used for login functionality. By using QAE, you accept these necessary cookies.

9. Your Privacy Rights

9.1 Access and Correction

You may request access to your personal data or request corrections by contacting simon@system-fundamentals.com.

9.2 Data Deletion

You may request deletion of your account and associated data. QAE will permanently delete your information within 30 days, except where retention is required by law (transaction records retained for 6 years for tax compliance).

9.3 Email Opt-Out

You may unsubscribe from emails at any time using the unsubscribe link in any email or by contacting directly.

9.4 Regional Privacy Rights

USA Residents (CAN-SPAM Act):

Right to opt-out of email communications

EU/EEA Residents (GDPR):

Right to access personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Right to lodge complaints with supervisory authorities

9.5 Transaction History Access

You may request your complete transaction history at any time. Records will be provided within 7 days of request.

10. Data Retention

QAE retains your data only as long as necessary:

Active accounts: Data retained while account is active
Inactive accounts: Data may be deleted after extended inactivity
Transaction records: Retained for 6 years from transaction date (UK tax compliance)
Deletion requests: Email preferences and account info deleted within 30 days; transaction records retained per legal requirements
Legal requirements: Some data may be retained longer if required by law

11. Security Measures

QAE implements security measures including:

Encrypted data transmission (HTTPS)
Secure login systems with session management
Regular security monitoring via Wordfence
Limited data retention
Access controls and authentication

However, no internet transmission is 100% secure. You use QAE at your own risk.

12. International Data Transfers

By using QAE, you acknowledge that your data may be transferred, stored, and processed in the United States and other locations, with appropriate safeguards in place.

13. Changes to Privacy Policy

QAE may update this Privacy Policy. Changes will be posted on this page with updated "Last Updated" date. Continued use after changes constitutes acceptance.

By using QAE, you consent to this Privacy Policy and data practices described herein.

15. Contact

For privacy questions, data requests, or concerns:
Email: simon@system-fundamentals.com
Developer: Simon David Hobbs

For data protection inquiries related to third-party services:

MailerLite: Privacy Policy - MailerLite
Google Services: https://policies.google.com/privacy
Stripe: Privacy Policy

**This Privacy Policy is effective as of [INSERT DATE] and governs your use of qae.system-fundamentals.com.

QAE Documentation

Quintile Analysis Engine

Support Documentation

Contact Simon David Hobbs (UK)

simon@system-fundamentals.com