🔒 Security & Privacy

Your data security is our top priority. Learn how we protect your information.

🛡️ Data Security

Encryption at Rest: All customer data is encrypted using AES-256 encryption. Your questionnaires, documents, and generated answers are protected in our secure database.

Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.3. This ensures your information cannot be intercepted.

Database Security: Our database is hosted on Supabase with enterprise-grade security, automatic backups, and redundant storage across multiple geographic locations.

📋 Privacy Policy

Information We Collect

  • Account information (name, email, company)
  • Uploaded documents (security policies, compliance documents)
  • Generated questionnaires and answers
  • Audit logs and usage data

How We Use Your Data

  • To provide GetQuest services
  • To improve our AI models and algorithms
  • To ensure compliance with regulations
  • To prevent fraud and abuse

Data Retention

We retain your data for as long as your account is active. You can request deletion of your data at any time, and we will permanently delete all your information within 30 days.

Third-Party Access

We do NOT share your data with third parties. Your documents and questionnaires are private and belong only to you. We use only essential service providers (cloud hosting, analytics) under strict data processing agreements.

✅ Compliance & Certifications

🔐 GDPR Compliant

We comply with GDPR regulations for handling personal data of EU residents.

📊 SOC 2 Ready

Working towards SOC2 Type II certification for enterprise customers.

🔒 ISO 27001

Information security management in compliance with ISO standards.

🛡️ Data Processing

Data Processing Agreements available for enterprise clients.

🔑 Access Control

Authentication: All users must authenticate with a secure password. We enforce strong password requirements and support two-factor authentication (2FA).

Authorization: Users can only access their own questionnaires and documents. Team members can be invited with specific permission levels.

Audit Logging: All actions (file uploads, answer generation, edits) are logged with timestamps and user information for compliance and security auditing.

🚨 Incident Response

Detection: We monitor security events in real-time using automated threat detection.

Response: In case of a security incident, we will notify affected users within 24 hours and take immediate remedial action.

Notification: For GDPR-relevant breaches, we will notify users and regulatory authorities within 72 hours as required by law.

📞 Questions?

If you have any questions about our security practices or privacy policy, please contact us:

Email: security@getquest.cloud

Security Issues: security@getquest.cloud

Last updated: December 2024

Version: 1.0