Effective Date: [Insert Date]
At Qlarr, we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your data, and how we ensure compliance with the General Data Protection Regulation (GDPR).

1. Information We Collect
We may collect the following types of information when you use Qlarr:
a) Personal Information
Name, email address, and other contact details provided during registration or communication with us.
Billing information, if applicable.
b) Survey Data
Data you collect through surveys created on our platform, including responses and metadata.
You remain the data controller for this information, and Qlarr processes it on your behalf as a data processor.
c) Device & Usage Information
IP address, browser type, operating system, device model, and usage patterns.
Error logs and crash reports to diagnose and improve platform performance.
d) Cookies & Tracking Technologies
Cookies and similar technologies are used to analyze traffic, remember preferences, and enhance the user experience.

2. Legal Basis for Processing
We process your personal data based on one or more of the following lawful bases:
Consent: When you explicitly agree (e.g., for marketing or cookies).
Contractual Necessity: To provide you with the services you’ve requested.
Legitimate Interests: To improve and maintain our platform and ensure its security.
Legal Obligations: To comply with legal or regulatory requirements.

3. How We Use Your Information
We use your data to:
Provide and improve our services.
Communicate with you about updates, offers, and support.
Monitor platform performance and resolve technical issues.
Ensure compliance with legal and regulatory requirements.

4. Data Ownership
Survey Data: You retain full ownership of your survey data. Qlarr does not access or share your data unless explicitly authorized by you.
Open-Source Platform: If you use our self-hosted option, all data remains fully within your control.

5. Data Subprocessors
To deliver our services, we may work with trusted third-party subprocessors. These subprocessors assist with hosting, analytics, and other operational needs. Each subprocessor is carefully vetted to ensure GDPR compliance.

Subprocessors List:
[Subprocessor Name]: Hosting services, [Data Location].
[Subprocessor Name]: Analytics services, [Data Location].
[Subprocessor Name]: Customer support tools, [Data Location].

6. Data Retention
We retain your personal data only as long as necessary to:
Provide our services.
Comply with legal obligations.
Resolve disputes.
Specific Retention Periods:
Survey Data: Retained for [Insert Time Period] unless deleted by you or upon your request.
Account Information: Retained while your account is active or as required by law.
Usage Data: Retained for [Insert Time Period] for analytics and troubleshooting purposes.

7. Your Rights
Under GDPR, you have the following rights:
Access: Request a copy of your personal data.
Correction: Correct inaccurate or incomplete data.
Deletion: Request deletion of your data where applicable.
Restriction: Restrict processing of your data in certain cases.
Data Portability: Receive your data in a structured, machine-readable format.
Objection: Object to data processing, such as for direct marketing.
Withdraw Consent: If data is processed based on consent, you can withdraw it at any time.
As the data controller of survey data, you are also responsible for ensuring GDPR compliance for the data you collect.
To exercise these rights, contact us at [Insert Contact Email].

8. Data Security
We implement industry-standard measures, including encryption and secure servers, to protect your personal data. While we work hard to safeguard your information, no system is entirely secure, so please use our platform responsibly.

9. International Data Transfers
Qlarr ensures that any data transfers outside the European Economic Area (EEA) comply with GDPR.
Data Storage Locations: Data is stored in [Insert Data Storage Locations].
Safeguards: We use Standard Contractual Clauses (SCCs) and other safeguards to protect data during international transfers.

10. Data Breach Notification
In the event of a data breach affecting your personal information, we will:
Notify the relevant supervisory authority within 72 hours, as required by GDPR.
Inform affected users promptly with details of the breach and steps taken to mitigate it.

11. Cookies Policy
Qlarr uses cookies to:
Analyze usage patterns and optimize platform performance.
Remember user preferences for a personalized experience.
Track anonymous data for troubleshooting and analytics.
Cookie Consent Banner: Upon visiting our platform, you will see a cookie consent banner that allows you to:
Accept all cookies.
Manage specific cookie preferences.
Withdraw consent at any time through your browser settings or our cookie management tool.

12. Updates to this Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Any updates will be posted here, and the “Effective Date” will be revised.

13. Contact Us
If you have any questions, concerns, or requests about this Privacy Policy, please contact us at:
Email: [Insert Contact Email]
Address: [Insert Company Address]