1.المعلومات التي نجمعها

We collect information you provide directly to us when you create an account, subscribe to a plan, use our services, or communicate with us. This includes:

•Account Information: Name, email address, company name, job title, and password when you register for a Qawaid account.

•Billing Information: Payment method details, billing address, and transaction history processed securely through our payment provider (Stripe). We do not store full credit card numbers on our servers.

•Usage Data: Information about how you interact with Qawaid, including rules created, decision tables configured, API calls made, evaluation logs, and feature usage patterns.

•Technical Data: IP address, browser type and version, operating system, device identifiers, time zone, and general location data derived from your IP address.

•Communication Data: Records of correspondence when you contact our support team, submit feedback, or participate in surveys.

2.كيف نستخدم معلوماتك

We use the information we collect for the following purposes:

•Service Delivery: To provide, maintain, and improve Qawaid, including processing rule evaluations, managing your account, and delivering customer support.

•Billing and Payments: To process subscriptions, send invoices, and manage your billing relationship.

•Analytics and Improvement: To understand usage patterns, diagnose technical issues, and develop new features. Usage analytics are aggregated and anonymized wherever possible.

•Security: To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activity.

•Communication: To send transactional emails (account confirmations, billing receipts, security alerts) and, with your consent, product updates and marketing communications.

•Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3.تخزين البيانات والأمان

Qawaid takes the security of your data seriously. We implement industry-standard measures to protect your information:

•Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

•Infrastructure: Our services are hosted on enterprise-grade cloud infrastructure with SOC 2 Type II certification. Data is stored in geographically distributed data centers with redundancy and failover capabilities.

•Access Control: We enforce strict role-based access controls within our organization. Access to customer data is limited to authorized personnel who require it for their job functions.

•Monitoring: We employ continuous security monitoring, intrusion detection systems, and conduct regular penetration testing by independent third parties.

•Incident Response: We maintain a documented incident response plan. In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by applicable law.

4.خدمات الطرف الثالث

We may share your information with trusted third-party service providers who assist us in operating our platform:

•Stripe: Payment processing and billing management.

•Keycloak / Auth Provider: Identity and access management for authentication services.

•Cloud Hosting Providers: Infrastructure hosting and content delivery.

•Analytics Tools: Anonymized usage analytics to improve product experience.

•Email Service Providers: Transactional and marketing email delivery.

All third-party providers are contractually obligated to protect your data and may only use it for the specific services they provide to us. We do not sell, rent, or trade your personal information to any third parties for their marketing purposes.

5.الاحتفاظ بالبيانات

We retain your personal data for as long as your account is active or as needed to provide you with our services. Specific retention periods include:

•Account Data: Retained for the duration of your account plus 30 days after deletion to allow for account recovery.

•Evaluation Logs: Retained for the period specified in your subscription plan (30 days for Free, 90 days for Starter, 1 year for Professional, custom for Enterprise).

•Billing Records: Retained for 7 years as required by financial and tax regulations.

•Support Communications: Retained for 3 years after the last interaction.

When data is no longer required, it is securely deleted or anonymized in accordance with our data destruction policies.

6.حقوقك (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdiction with similar data protection laws, you have the following rights:

•Right of Access: You can request a copy of the personal data we hold about you.

•Right to Rectification: You can request correction of inaccurate or incomplete personal data.

•Right to Erasure: You can request deletion of your personal data, subject to certain legal exceptions.

•Right to Restrict Processing: You can request that we limit how we use your data.

•Right to Data Portability: You can request your data in a structured, machine-readable format.

•Right to Object: You can object to processing of your data for direct marketing or based on legitimate interests.

•Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at privacy@qawaid.ai. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority.

7.ملفات تعريف الارتباط

Qawaid uses cookies and similar tracking technologies to enhance your experience:

•Essential Cookies: Required for core functionality such as authentication, session management, and security. These cannot be disabled.

•Analytics Cookies: Help us understand how users interact with our platform so we can improve the experience. These are anonymized and can be opted out of.

•Preference Cookies: Store your settings such as language, theme, and layout preferences.

We do not use advertising or third-party tracking cookies. You can manage your cookie preferences through your browser settings or our in-app cookie consent banner. Disabling essential cookies may prevent you from using certain features of the service.

8.التغييرات على هذه السياسة

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

•We will notify you via email at least 30 days before the changes take effect.

•We will post the updated policy on this page with a revised "Last Updated" date.

•We will provide a summary of key changes at the top of the revised policy.

Your continued use of Qawaid after the effective date of the updated policy constitutes your acceptance of the changes. We encourage you to review this page periodically.

9.معلومات التواصل

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

•Email: privacy@qawaid.ai

•Data Protection Officer: dpo@qawaid.ai

•Mailing Address: Qawaid, Legal Department, Dubai, United Arab Emirates.

For urgent security concerns, please contact security@qawaid.ai.

سياسة الخصوصية

جدول المحتويات