Privacy Policy

1. Scope

This policy applies to individuals who register for and use the Service as researchers, students, consultants, organizations, or other first-party users (each, a “User”).

It does not apply to individuals who respond to surveys created by our Users. When a User fields a survey, the User is the controller of the personal information collected from respondents. Querra acts as a service provider (processor) on the User's behalf.

2. Information we collect about Users

Account information

When you create an account, we collect your email address and a password. We may also store an account tier identifier (e.g. free, paid) used to determine feature access.

Service usage

We use the third-party tool Pendo to collect product-usage information — pages visited within the Service, features used, click events, and standard environmental metadata (browser, operating system, viewport, approximate location based on IP). Usage information is associated with your opaque account identifier and a flag indicating whether you are on a paid or trial plan, so we can analyse how Users interact with the Service. We do not send your email address, name, or other identifying account fields to Pendo. Pendo's privacy practices are described at pendo.io/legal/privacy-policy.

Diagnostic information

We use Sentry to capture application errors and their context. Error reports may include the URL where the error occurred, your account identifier, the action that triggered the error, and a stack trace. Sentry's privacy practices are described at sentry.io/privacy.

Bot mitigation

We use Cloudflare Turnstile on signup and survey response submission to distinguish humans from automated traffic. Turnstile is privacy-preserving and does not, to our knowledge, create a persistent identifier for cross-site tracking. Cloudflare's privacy notice is available at cloudflare.com/privacypolicy.

Server logs

Our hosting infrastructure logs standard request data (IP address, request path, timestamp, response code) for security, debugging, and abuse prevention. For survey response endpoints, we additionally hash and short-term cache submission IPs to enforce per-IP rate limits.

Content you create

The Service stores content you create or upload — surveys, survey responses, uploaded files, codes, annotations, synthesis documents, project metadata. We treat this content as confidential and do not access it except as needed to operate, support, or troubleshoot the Service.

3. How we use information

We use personal information to:

• Provide, maintain, and improve the Service
• Authenticate Users and secure accounts
• Communicate about the Service (account-related notices, feature updates, security alerts)
• Detect and prevent fraud, abuse, and security incidents
• Analyse aggregated usage patterns to inform product decisions
• Comply with legal obligations

We do not use personal information for advertising and we do not sell or rent personal information.

4. Legal bases (where applicable)

For Users in jurisdictions that require an identified legal basis for processing (such as the EU, UK, or under Quebec's Law 25), we rely on the following bases:

• Performance of a contract — to deliver the Service you have signed up for
• Legitimate interests — for product analytics, error tracking, security, and abuse prevention
• Consent — where applicable law requires it (you may withdraw consent at any time, without affecting prior lawful processing)
• Legal obligation — to comply with applicable law

5. Service providers

We share personal information with the following service providers, under contracts that bind them to use the information only as needed to provide their services to us:

We do not otherwise sell, rent, or disclose personal information to third parties, except where required by law or to protect our rights, property, or safety, or that of our Users or the public.

6. Cross-border transfers

Primary data storage (User accounts, survey responses, uploaded content) is located in Canada via Supabase. Some of our service providers (notably Sentry, Pendo, Vercel, AssemblyAI, Resend, and Cloudflare) are based in the United States, and personal information may be processed there in connection with their services. Audio and video files submitted for transcription are sent to AssemblyAI only when a User explicitly opts in to transcribe a given file.

Where applicable law requires transfer safeguards, we rely on the standard contractual mechanisms offered by these providers. Personal information transferred to a foreign jurisdiction may be subject to lawful access requests by authorities in that jurisdiction.

7. Retention

We retain personal information for as long as your account is active. When you delete your account (or we terminate it):

• Active-system copies of your account information and content stored in the Service are deleted within 30 days, except as required by applicable law.
• Backup copies are typically purged within 60 days as part of regular backup-rotation cycles.
• Server logs are automatically purged within 30 days by our hosting infrastructure.
• Bot-mitigation records (hashed IP entries used for response throttling) are short-lived by design and not associated with your identity.

Aggregated or anonymised data that no longer identifies you may be retained indefinitely. Where applicable law requires us to retain certain records longer (for example, for tax or legal compliance), we will retain only the records required and only for the period required.

8. Your rights

Subject to applicable law, you may have the following rights with respect to your personal information. To exercise any of these rights, contact us at privacy@querra.ca.

• Access — obtain a copy of personal information we hold about you
• Correction — ask us to correct inaccurate or incomplete information
• Deletion — request deletion of your personal information, subject to retention obligations
• Portability — receive a machine-readable copy of personal information you provided
• Objection / restriction — object to or restrict certain processing, where applicable law provides this right
• Withdrawal of consent — withdraw consent where consent is the legal basis for processing

We will respond to verifiable rights requests within the time frame required by applicable law (typically 30 days under PIPEDA and Quebec Law 25). We may need to verify your identity before acting on a request.

If you are unsatisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada or, if you are a Quebec resident, the Commission d'accès à l'information du Québec. Users in other jurisdictions may have the right to lodge a complaint with their local supervisory authority.

9. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. No method of transmission or storage is fully secure; we cannot guarantee absolute security.

In the event of a personal information breach involving a real risk of significant harm, we will notify affected Users and the relevant supervisory authority as required by applicable law.

10. Minors

The Service is not intended for use by minors and is not designed, audited, or operated for research involving minors. Users must be 18 or older as required by our Terms of Use.

Using the Service to field surveys to minors, recruit minors as participants, or upload or store any data — including video, image, audio, transcripts, or written content — that relates to or identifies a minor is a violation of our Terms of Use. We do not knowingly collect personal information about minors and may suspend or terminate accounts that do.

If you believe personal information of a minor has been submitted to the Service, contact us at privacy@querra.ca and we will take steps to delete it.

11. Cookies and similar technologies

The Service uses cookies and similar technologies for authentication, session management, and (for survey response endpoints) duplicate-submission prevention. Pendo and Sentry may use cookies or browser storage in connection with their services as described in their respective privacy notices.

We do not use third-party advertising cookies or cross-context behavioural advertising.

12. Automated decision-making

We do not make decisions about Users that produce legal or similarly significant effects based solely on automated processing.

13. Use of content for AI / model training

We do not use Your Content (including survey responses, uploaded files, codes, annotations, or synthesis documents) to train artificial intelligence or machine learning models. Optional AI-assisted features (such as audio and video transcription via AssemblyAI) only operate on Your Content when you explicitly opt in to that feature for a specific file. AssemblyAI’s published terms confirm that customer audio is not used to train their models by default. We do not retain Your Content for model training, and any future AI features we add will follow the same opt-in, non-retention standard.

14. Changes to this policy

We may update this policy from time to time. The effective date at the top of this page reflects the date of the most recent revision. If we make material changes, we will notify Users by email or through the Service before the changes take effect.

15. Contact

For privacy questions or to exercise your rights, contact our Privacy Officer: