QuerySignal (“QuerySignal”, “we”, “us”) provides a website and web application (together, the “Services”). This Privacy Policy explains what personal data we collect, how we use it, and the choices you have. “Personal data” means any information relating to an identified or identifiable natural person, for example your name or email address.

If you use our Services, you acknowledge that we will process your personal data as described in this Privacy Policy.

1. Provider, Controller

The provider of the Services and the controller under the GDPR is:

QuerySIgnal - Sella Consultancy FZ LLC.
BIZ00196, Compass Building Al Shohada
Road, AL Hamra Industrial Zone-FZ Ras Al
Khaimah, UAE
Email: contact@querysignal.ai

2. Data Processing to Enable Use of the Services

When you access our Services, your device transmits technical connection data to our servers. This may include:

IP address
Date and time of the request
Referring URL
Device and browser information (device type, identifiers, operating system)
Browser type and version

We process this information to deliver the Services, ensure stability and security, troubleshoot issues, and prevent misuse. We do not use this connection data to directly identify you without additional information.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests in operating a secure and functional service), and where applicable Art. 6(1)(b) GDPR (performance of a contract).

3. Data Processing When You Provide Data to Us

Using our public website is generally possible without actively providing personal data. However, certain features, such as creating an account or subscribing to communications, require personal data.

3.1 Registration, Account, and Login

If you register for the web app, join a waitlist, request access, or log in, we may collect:

Email address, for account creation, authentication, and communication
Name (optional), if you provide it
Organization name and workspace details, to create and administer your organization workspace
Role and permissions information (if applicable), to manage access within your organization

Purpose: account creation, authentication, workspace administration, security, fraud prevention, and support.

Legal basis: Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (legitimate interests in secure operations and abuse prevention).

3.2 Customer Communications and Support

If you contact us (for example by email or through in-app support), we process:

Contact details (name, email)
Message content and attachments
Metadata about communications (timestamps, support ticket identifiers)

Purpose: responding to inquiries, providing support, and maintaining service operations.

Legal basis: Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (legitimate interests in customer support and service quality).

3.3 Newsletter and Marketing Updates

If you subscribe to our newsletter or opt in to product updates, we process:

Email address
Name (optional)

Purpose: sending newsletters and marketing communications.

Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw consent at any time, for example via the unsubscribe link in emails.

4. Data Processing for Service Optimization

We use cookies and similar technologies to provide essential functions, improve user experience, analyze usage, and, where applicable, measure marketing performance.

Some cookies are essential to operate the Services. Others (analytics, marketing) are used only where legally permitted, and in many jurisdictions only with your consent.

Legal basis:
Essential cookies, Art. 6(1)(b) GDPR (contract), and Art. 6(1)(f) GDPR (legitimate interests in secure functionality)
Non-essential cookies, Art. 6(1)(a) GDPR (consent), where required

You can control cookies through your browser settings. If you block essential cookies, parts of the Services may not function.

4.1 Analytics

We may use analytics tools to understand how users interact with our website and web app, for example:

Pages visited and feature usage
Session duration
Referrers and campaign parameters
General location derived from IP address (approximate)

Where required by law, analytics are used only after you consent via our cookie banner. You can withdraw consent at any time through our cookie settings mechanism.

4.2 Hosting and Infrastructure

Our Services are hosted using industry-standard cloud infrastructure and content delivery services. When you visit the Services, your browser loads content and resources from our hosting and infrastructure providers. Those providers may receive your IP address and certain device/browser information as needed to deliver the content and protect the Services from abuse.

Purpose: reliable delivery, performance, and security.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests in secure and efficient delivery), and where applicable Art. 6(1)(b) GDPR (contract performance).

5. Cookies and Similar Technologies

5.1 Categories and Purposes

We use the following categories:

Strictly necessary (essential)
Required for core functionality, for example:
Login, session management, and authentication tokens
Security controls and load balancing
Fraud prevention and abuse detection
SSO session handling (if enabled by your organization)

Functional
Used to remember preferences and improve usability, for example:
Language or region preferences
UI preferences

Analytics
Used to measure and improve the Services, for example:
Page views, feature usage, conversion events

Marketing and attribution
Used to measure campaign performance and partner attribution, for example:
Tracking registrations originating from specific campaigns or referral links

5.2 SSO and Authentication Cookies

If your organization enables single sign-on (SSO) via an identity provider (for example Google or Microsoft), the identity provider may set cookies necessary to authenticate you and maintain your session.

We also set essential session tokens to authorize access to your organization’s workspace and protect the integrity of the Services.

Legal basis: Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (secure access control).

5.3 Consent Management and Cookie Settings

Where required by law, we present a cookie banner on first visit. You can:

Accept non-essential cookies
Reject non-essential cookies
Adjust preferences (if supported)

You can change or withdraw your consent at any time through “Cookie Settings” on our website (if provided) or by clearing cookies and adjusting your browser settings.

6. Data Transfers

We may transfer personal data to service providers that process data on our behalf. Some recipients may be located outside the EU/EEA, including in the United States.

Where personal data is transferred outside the EU/EEA, we implement appropriate safeguards, such as:

European Commission Standard Contractual Clauses (SCCs)
Additional technical and organizational safeguards where appropriate
Reliance on adequacy decisions where applicable

Legal basis for transfers: Art. 46 GDPR (SCCs), and where applicable Art. 49 GDPR (derogations).

7. Storage Duration

We retain personal data only as long as necessary for the purposes described in this Privacy Policy, including:

To provide the Services
To comply with legal obligations
To resolve disputes and enforce agreements
To maintain security logs for a limited period to prevent abuse

Retention periods depend on data type, contractual needs, and legal requirements.

8. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, loss, or misuse. However, no method of transmission or storage is completely secure.

9. Your Rights

If you are in the EU/EEA or the UK, you may have the right to:

Access your personal data
Rectify inaccurate personal data
Request deletion
Restrict processing
Object to processing
Data portability
Withdraw consent at any time (where processing is based on consent)
Lodge a complaint with a supervisory authority

You can exercise your rights by contacting us at contact@querysignal.ai. We may request reasonable information to verify your identity.

10. Right to Object

Where we process your data based on legitimate interests (Art. 6(1)(f) GDPR), you may object at any time. If you object, we will stop processing unless we have compelling legitimate grounds or the processing is required for legal claims.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website, and the “Last Updated” date will reflect the effective date.

12. Contact

If you have questions or requests regarding this Privacy Policy, contact:

QuerySIgnal - Sella Consultancy FZ LLC.
BIZ00196, Compass Building Al Shohada
Road, AL Hamra Industrial Zone-FZ Ras Al
Khaimah, UAE
Email: contact@querysignal.ai