Privacy Policy

Last updated: 4/6/2026

1. Information We Collect

We collect the following categories of information:

  • Account information: Name, email address, password (hashed), and company details when you create an account or book a demo.
  • Usage data: Assessment activity, API usage, feature interactions, and performance metrics to provide and improve our services.
  • Payment information: When you subscribe or make a purchase, we collect billing details (name, email, billing address). Payment card details are processed by our secure payment provider(s) and never stored on our servers. Our payment provider(s) may collect card numbers, expiry dates, security codes, and device/behavioral data for fraud prevention.
  • Technical data: IP address, browser type, device information, and cookies to operate and secure our platform.

2. How We Use Your Information

  • To provide, operate, and improve our assessment infrastructure, APIs, and dashboards.
  • To process payments and subscriptions through our payment provider(s).
  • To send transactional emails and, with your consent, marketing communications.
  • To prevent fraud, enforce our terms, and comply with legal obligations.
  • To analyze usage patterns and develop new features.

3. Parties to Whom We Disclose Information

We share information with:

  • Payment processors — We share billing name, email, billing address, and transaction details with our payment provider(s), who act as data processors on our behalf. Card details and device/behavioral data may be collected directly by the processor for fraud prevention. Their privacy policies apply to their processing.
  • Cloud and hosting providers — To host our applications and store data securely.
  • Analytics and support tools — To improve our product and assist with support.
  • Legal and regulatory authorities — When required by law.

4. Method of Disclosure

We disclose information through secure, encrypted channels. Data shared with payment processors is transmitted via HTTPS/TLS. We use industry-standard APIs and do not sell your personal information.

5. Security Practices

  • Encryption in transit (TLS 1.2+) and at rest (AES-256 where applicable).
  • Access controls and role-based permissions.
  • Payment card data handled exclusively by our payment processor(s), which are PCI DSS compliant; we do not store card numbers.
  • Regular security assessments and monitoring.
  • Data Processing Agreements with our payment and other processors for GDPR compliance.

6. Data Retention

We retain account data while your account is active. Payment records are retained for 7–10 years for tax compliance. You may request deletion where legally permitted.

7. Your Rights

You may have rights to access, correct, delete, or port your data. Contact us using the details below. For payment-provider-related data, you may also contact the relevant payment processor directly.

8. Cookies

We use cookies and similar technologies for session management, security, and analytics. Essential cookies are required for the platform to function. You can control optional cookies via your browser settings.

9. International Transfers

Data may be transferred to the United States and other countries. We use Standard Contractual Clauses or equivalent safeguards where required.

10. Contact

XAIQUOTE LTD

For privacy inquiries: privacy@xaiquote.com