QA Stack

Privacy Policy

Last Updated: May 2026

QA Stack ("QA Stack," "Company," "we," "our," or "us") respects the privacy and confidentiality of information processed through our platform and services.

This Privacy Policy describes how we collect, use, disclose, store, process, and protect information in connection with the QA Stack platform, websites, applications, APIs, integrations, documentation, and related enterprise services (collectively, the "Services").

By accessing or using the Services, you acknowledge and agree to the practices described in this Privacy Policy.

1. Scope of This Policy

This Privacy Policy applies to:

  • visitors to our website;
  • prospective customers;
  • enterprise customers;
  • authorized users of the platform;
  • integrations and connected systems;
  • communications with QA Stack.

This Privacy Policy does not govern:

  • third-party applications;
  • external integrations;
  • customer-controlled environments;
  • third-party infrastructure providers;
  • third-party services accessed through integrations.

2. Information We Collect

2.1 Information Provided by Customers

Depending on the nature of the Services and customer configurations, we may collect and process:

  • account information;
  • organizational information;
  • business contact information;
  • user credentials;
  • operational workflow data;
  • quality records;
  • manufacturing records;
  • compliance-related records;
  • documentation metadata;
  • audit trail information;
  • system configurations;
  • uploaded files and attachments;
  • communications submitted through the Services.

2.2 Automatically Collected Information

We may automatically collect technical and usage-related information, including:

  • IP addresses;
  • browser information;
  • operating system information;
  • device identifiers;
  • usage analytics;
  • session activity;
  • log data;
  • performance metrics;
  • diagnostic information;
  • API activity;
  • authentication events.

2.3 Cookies and Similar Technologies

QA Stack may use cookies, session technologies, analytics tools, and similar technologies to:

  • maintain sessions;
  • improve platform functionality;
  • analyze usage patterns;
  • improve performance;
  • support security measures;
  • enhance user experience.

Users may manage cookie preferences through browser settings where applicable.

3. How We Use Information

We may use information for purposes including:

  • providing and operating the Services;
  • authentication and access management;
  • maintaining platform security;
  • customer support;
  • product improvement;
  • system monitoring;
  • troubleshooting;
  • operational analytics;
  • compliance and legal obligations;
  • communications regarding the Services;
  • enforcing agreements and policies;
  • preventing fraud, abuse, or unauthorized access.

We do not sell customer data to third parties.

4. Customer Data Ownership

Customer retains ownership of customer data submitted to the Services.

QA Stack processes customer data solely:

  • to provide the Services;
  • as instructed by the Customer;
  • as required by applicable law;
  • as necessary to maintain security, integrity, and operational reliability.

Customer remains solely responsible for:

  • the legality of submitted data;
  • obtaining required consents;
  • regulatory compliance obligations;
  • accuracy of customer-provided information.

5. Data Sharing and Disclosure

QA Stack may disclose information:

  • to authorized service providers and subprocessors;
  • to infrastructure and cloud hosting providers;
  • to analytics and security vendors;
  • where required by law or legal process;
  • to protect rights, safety, systems, or operations;
  • in connection with mergers, acquisitions, restructurings, or asset transfers.

All disclosures are subject to reasonable contractual, operational, or legal safeguards where applicable.

6. Data Security

QA Stack implements commercially reasonable administrative, technical, and organizational safeguards intended to protect information against unauthorized access, disclosure, alteration, or destruction.

Security measures may include:

  • encryption in transit;
  • access controls;
  • authentication procedures;
  • audit logging;
  • infrastructure monitoring;
  • role-based permissions;
  • secure cloud environments;
  • internal security procedures.

However, no system, network, infrastructure, transmission method, or storage environment can be guaranteed to be completely secure.

Accordingly, QA Stack does not guarantee absolute security of information.

7. Data Retention

QA Stack retains information for periods reasonably necessary to:

  • provide the Services;
  • fulfill contractual obligations;
  • comply with legal requirements;
  • resolve disputes;
  • enforce agreements;
  • maintain operational records.

Retention periods may vary depending on:

  • customer configurations;
  • regulatory obligations;
  • operational requirements;
  • backup procedures;
  • system architecture.

Customers remain responsible for maintaining independent backups where appropriate.

8. International Data Transfers

Information may be processed, transferred, stored, or accessed in jurisdictions different from the user’s or customer’s location.

By using the Services, Customer acknowledges and consents to such transfers where permitted by applicable law.

QA Stack may implement reasonable contractual or technical safeguards intended to support lawful international data transfers.

9. Third-Party Services and Integrations

The Services may integrate with or rely upon third-party systems, APIs, cloud providers, analytics platforms, databases, ERP systems, manufacturing systems, or external applications.

QA Stack is not responsible for the privacy, security, or operational practices of third-party providers.

Use of third-party integrations may be subject to separate third-party terms and privacy policies.

10. Customer Responsibilities

Customer is solely responsible for:

  • configuring access permissions;
  • managing user credentials;
  • maintaining internal security controls;
  • reviewing data access rights;
  • validating regulatory obligations;
  • implementing organizational policies;
  • ensuring lawful use of the Services.

Customer acknowledges that improper configuration or credential management may impact security.

11. User Rights

Depending on applicable law and jurisdiction, users may have rights relating to:

  • access to personal information;
  • correction of inaccurate information;
  • deletion requests;
  • restriction of processing;
  • objection to processing;
  • portability requests.

Requests may be submitted to: privacy@qastack.xyz

QA Stack reserves the right to verify identity before responding to requests.

12. Confidentiality

QA Stack recognizes that customer operational, manufacturing, quality, compliance, and documentation information may contain confidential business information.

QA Stack will use commercially reasonable measures intended to maintain confidentiality of customer data processed through the Services.

Confidentiality obligations may additionally be governed by separate agreements, including enterprise master service agreements, DPAs, or NDAs where applicable.

13. Children’s Privacy

The Services are intended exclusively for business and enterprise use and are not directed toward individuals under the age of 18.

QA Stack does not knowingly collect personal information from children.

14. Changes to This Privacy Policy

QA Stack may modify or update this Privacy Policy periodically.

Updated versions will become effective upon posting unless otherwise stated.

Continued use of the Services following updates constitutes acknowledgment of the revised Privacy Policy.

15. Limitation of Liability

To the maximum extent permitted by applicable law, QA Stack shall not be liable for:

  • unauthorized access caused by customer actions;
  • third-party cybersecurity incidents;
  • infrastructure failures;
  • internet disruptions;
  • integration vulnerabilities;
  • force majeure events;
  • customer misconfigurations;
  • actions of third-party providers.

Customers remain responsible for maintaining appropriate operational, cybersecurity, compliance, and organizational safeguards.

16. Contact Information

For questions regarding this Privacy Policy or data handling practices, contact:

QA Stack
123 Innovation Drive, Suite 400
privacy@qastack.xyz
www.qastack.xyz