See an agent run a real file, 30 minutes.See the platform
Qualiar

Legal

Privacy Policy

How Qualiar processes your personal data, in accordance with the General Data Protection Regulation (GDPR).

Last updated : 2026-05-26

Note: Document to be reviewed by a data protection officer or a digital-law specialist before becoming legally binding.

Article 01

Data controller

The controller of the personal data collected on qualiar.xyz and through the Qualiar services is the company operating Qualiar (“Qualiar”), whose details appear in the legal notices.

For any data protection question: privacy@qualiar.xyz.

Article 02

Purposes of processing

Qualiar collects and processes personal data for the following purposes:

  • Customer relationship management: contact requests, qualification, commercial follow-up.
  • Performance of the engagement: provisioning a private Agent, authentication, technical support, billing.
  • Security: access logging, abuse prevention, regulatory compliance.
  • Service improvement: anonymised usage analysis, excluding conversation content.
  • Transactional communication: emails related to the use of the service.

Article 03

Legal bases

Processing relies, depending on the case, on:

  • Performance of a contract or pre-contractual measures (art. 6.1.b GDPR).
  • A legal obligation (art. 6.1.c GDPR) for accounting and tax data.
  • Qualiar's legitimate interest (art. 6.1.f GDPR) for the security of the service.

Article 04

Categories of data collected

  • Identification data: first and last name, role, company.
  • Contact data: business email, optionally phone number.
  • Authentication data: login email, hashed password (never in clear text).
  • Usage data: access logs, session identifiers, preferred language.
  • Contractual data: nature of the engagement, duration, payments.

The content of conversations between the Client and their private Agent is never stored centrally by Qualiar; it resides exclusively on the Client's private volume.

Article 05

Data obtained from Google APIs

When you connect a Google account to your Agent, Qualiar accesses certain data from that account (for example Gmail, Calendar, Drive, Contacts) through the Google APIs, only with the permissions you explicitly grant during consent.

This data is used exclusively to provide the features you request from the Agent. It is neither sold, nor used for advertising, nor used to train general artificial intelligence models.

Qualiar's use of information received from Google APIs complies with the Google API Services User Data Policy, including its Limited Use requirements. You can revoke this access at any time from your Google account settings or by disconnecting the integration in your Agent.

Article 06

Recipients of the data

Data is accessible only to Qualiar staff whose role requires it, bound by a confidentiality undertaking.

Qualiar relies on technical subprocessors (article 28 GDPR), by category:

  • hosting and infrastructure (European Union by default);
  • database and authentication;
  • transactional email delivery;
  • network routing and protection;
  • language-model inference providers.

Each subprocessor is bound by a GDPR-compliant agreement. The named, up-to-date list of subprocessors is provided on request at privacy@qualiar.xyz.

Article 07

Transfers outside the EU

By default, data is hosted within the European Union.

Where a subprocessor processes data outside the EEA, the transfer is governed by the European Commission's Standard Contractual Clauses or an equivalent mechanism ensuring an adequate level of protection.

Article 08

Retention period

  • Active client data: for the duration of the contract, extended by ninety (90) days after termination to allow export.
  • Contractual and accounting data: ten (10) years, in accordance with French obligations.
  • Prospects without a signed contract: three (3) years from the last exchange (CNIL guidance).
  • Technical logs: twelve (12) months maximum.

Article 09

Your rights

In accordance with the GDPR, you have the following rights over your data:

  • Right of access, rectification and erasure
  • Right to restriction and portability
  • Right to object on legitimate grounds
  • Right to set directives regarding your data after your death

These rights are exercised by email at privacy@qualiar.xyz, with a response within one (1) month. You may lodge a complaint with the CNIL (cnil.fr).

Article 10

Cookies and trackers

The qualiar.xyz website uses a minimal number of cookies, strictly necessary for its operation (language preferences, technical session). No advertising or third-party analytics cookie is set without prior consent.

Article 11

Security

Qualiar implements appropriate technical and organisational measures:

  • Encryption of communications (TLS) and encryption of data at rest.
  • Isolation of data between clients.
  • Strict internal access policy with logging.
  • Regular backups.

For any legal inquiry: privacy@qualiar.xyz

Terms of Service·Privacy·Data Processing