Queyn

Privacy Policy

Last Updated: October 15, 2025

📋 Your Privacy Matters

Queyn is committed to protecting your privacy and being transparent about how we collect, use, and protect your personal data. This Privacy Policy explains your rights under the General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Data Controller

The data controller responsible for your personal data is:

2. What Data We Collect

2.1 Account Information

When you register for an account, we collect:

2.2 Google OAuth Data

If you sign in with Google, we receive:

We do NOT receive your Google password or access to your Google account beyond the information listed above.

2.3 Usage Data

We automatically collect information about how you use the Platform:

2.4 Technical Data

We collect technical information for platform functionality and security:

2.5 Cookies and Similar Technologies

We use cookies and similar technologies:

🍪 Cookie Notice

Our authentication cookies are httpOnly and secure, meaning they cannot be accessed by JavaScript and are only transmitted over encrypted connections. This protects against XSS attacks and session hijacking.

3. How We Use Your Data

3.1 Essential Platform Services

Legal basis: Contract performance (GDPR Article 6(1)(b))

3.2 Communication

Legal basis: Contract performance and legitimate interests (GDPR Article 6(1)(b)(f))

3.3 Platform Improvement

Legal basis: Legitimate interests (GDPR Article 6(1)(f))

3.4 Security and Fraud Prevention

Legal basis: Legitimate interests (GDPR Article 6(1)(f))

3.5 Legal Compliance

Legal basis: Legal obligation (GDPR Article 6(1)(c))

4. Data Sharing and Disclosure

4.1 We Do NOT Sell Your Data

Queyn does not sell, rent, or trade your personal data to third parties for marketing purposes.

4.2 Service Providers

We share data with trusted service providers who help us operate the Platform:

Service Provider Purpose Data Shared
Supabase Database hosting and user authentication Account data, scenarios, strategy configurations
Render Backend server hosting All data processed through the platform
Netlify Frontend application hosting Connection logs, IP addresses
Google OAuth Optional authentication service Google user ID, email, profile name
Resend Transactional emails and account verification Email address, username, verification tokens
Stripe Pro subscription payments Email address, payment information

All service providers are required to protect your data and use it only for the specified purposes.

4.3 Legal Requirements

We may disclose your data if required by law or in response to:

4.4 Business Transfers

If ARVO P.C. is acquired, merged, or restructured, your data may be transferred to the new entity. You will be notified of any such change.

5. International Data Transfers

ARVO P.C. is based in Greece (European Union). Your data is primarily stored and processed within the EU/EEA.

If we transfer data outside the EU/EEA, we ensure adequate protection through:

6. Data Retention

6.1 Active Accounts

We retain your data for as long as your account is active and you continue to use the Platform.

6.2 Inactive Accounts

If you do not log in for 12 consecutive months, your account may be considered inactive. We will send you a notification before deleting your data.

6.3 Deleted Accounts

When you delete your account (or we delete it after inactivity):

6.4 Legal Retention

We may retain certain data longer if required by law (e.g., tax records, legal disputes).

7. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

7.1 Right of Access (Article 15)

You can request a copy of all personal data we hold about you. We will provide this within 30 days.

7.2 Right to Rectification (Article 16)

You can update or correct inaccurate data through your account settings or by contacting us.

7.3 Right to Erasure / "Right to be Forgotten" (Article 17)

You can request deletion of your account and personal data at any time. We will comply within 30 days unless we have legal obligations to retain certain data.

7.4 Right to Restriction of Processing (Article 18)

You can request that we limit how we process your data in certain circumstances (e.g., while disputing data accuracy).

7.5 Right to Data Portability (Article 20)

You can request your data in a machine-readable format (JSON or CSV) to transfer to another service.

7.6 Right to Object (Article 21)

You can object to processing of your data based on legitimate interests. We will stop processing unless we have compelling legal grounds.

7.7 Right to Withdraw Consent

Where we process data based on your consent, you can withdraw consent at any time.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority:

📧 Exercising Your Rights

To exercise any of these rights, contact us at info@queyn.com with your request. We will respond within 30 days.

8. Data Security

We implement industry-standard security measures to protect your data:

8.1 Technical Measures

8.2 Organizational Measures

8.3 Data Breach Notification

In the event of a data breach affecting your personal data, we will:

9. Children's Privacy

ARVO P.C.'s Queyn platform is not intended for users under the age of 18 years. We do not knowingly collect personal data from children.

If we discover that we have collected data from a child under 18:

If you believe a child has created an account, please contact us at info@queyn.com.

10. Third-Party Links

The Platform may contain links to external websites or services (e.g., documentation, educational resources). This Privacy Policy does not apply to third-party sites.

We are not responsible for the privacy practices of external sites. Please review their privacy policies before providing any personal data.

11. Do Not Track (DNT)

Some browsers support "Do Not Track" (DNT) signals. We do not currently respond to DNT signals because there is no industry standard for how to interpret them.

12. Changes to This Privacy Policy

13. Your Choices and Controls

13.1 Account Settings

You can manage your data through your account settings:

13.2 Email Preferences

You can opt out of non-essential emails by:

Note: You cannot opt out of essential service emails (e.g., account verification, security alerts).

13.3 Cookie Management

You can control cookies through your browser settings:

13.4 Data Export

You can export your data at any time:

13.5 Account Deletion

To delete your account:

  1. Log in to your account
  2. Go to Settings → Account Settings
  3. Click "Delete Account"
  4. Confirm deletion

Alternatively, email us at info@queyn.com with your deletion request.

⚠️ Account Deletion is Permanent

Once you delete your account, all your data (scenarios, settings, API keys) will be permanently deleted and cannot be recovered. Make sure to export any data you want to keep before deletion.

14. Contact Information

14.1 Data Protection Inquiries

For questions about this Privacy Policy or your data:

14.2 Response Time

We aim to respond to all privacy inquiries within:

Contact Us

For privacy-related questions or to exercise your rights:

Email: info@queyn.com

Website: https://queyn.com

📝 Summary

This Privacy Policy explains how Queyn collects, uses, and protects your personal data in compliance with GDPR and other privacy laws. You have full control over your data and can exercise your rights at any time by contacting us.

Key Points: We don't sell your data. We use minimal data necessary for platform functionality. You can delete your account anytime. We protect your data with industry-standard security.