Privacy Policy

Welcome to Qsinc Limited ("Qsinc", "we", "us", or "our"). Qsinc is committed to protecting and respecting your privacy. This Privacy Policy ("Policy") explains how we collect, store, use, share, and protect your personal data when you visit our website, utilize our platform, or interact with our digital services. All personal data provided to us or collected by us is protected and kept confidential in strict compliance with Rwanda's Law Nº 058/2021 of 13/10/2021 relating to the Protection of Personal Data and Privacy (the "Data Protection Law"), regulated by the National Cyber Security Authority (NCSA). Throughout this website, your interaction with us is governed by this Policy. If you do not agree with the terms outlined herein, please discontinue your use of our website and platform immediately.

By accessing our website, creating an account, or using Qsinc's services, you explicitly accept this Privacy Policy and give your informed consent to the collection and processing of your data as described. In accordance with Article 5 of the Rwandan Data Protection Law, we process your data based on the following lawful grounds: • Your explicit consent: Given voluntarily when registering or submitting data. • Performance of a contract: Necessary to deliver our services to you or your organization. • Compliance with a legal obligation: To fulfill regulatory requirements mandated by Rwandan authorities. • Legitimate interests: To optimize our website performance, prevent fraud, and secure our systems. You have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

We collect both Personal Data (which can identify you) and Non-Personal Data (analytical info) to ensure efficient service delivery. Information You Provide Directly to Us: • Account Creation Details: Name, email address, phone number, professional title, corporate organization name, and system credentials. • Verification & Compliance Documents: Where applicable, corporate incorporation details, regulatory identification, or credentials required to verify your business authority. • Communications: Any information shared when contacting our support teams, filling out web forms, or requesting demos. Information Collected Automatically: • Your Internet Protocol (IP) address. • Browser type, operating system, and device identifiers. • Time spent on specific web pages, links clicked, and search queries within our site. Cookies and Tracking Technologies: We use cookies and similar tracking tools to remember your preferences, keep you logged into secure areas, and monitor aggregate traffic patterns. You can manage or disable cookies via your browser settings, though doing so may limit your access to some platform functionalities.

In line with the data minimization principles outlined by the NCSA, Qsinc only processes your information for clear, specific, and legitimate purposes: • Service Provision: To configure, manage, and maintain your account, and to execute the core operations of the Qsinc platform. • Identity Verification: To verify your identity and prevent unauthorized access or illicit activity on our systems. • Platform Improvement: To analyze usage behavior, monitor system stability, and diagnose technical issues. • Customer Support: To respond to queries, process feedback, and provide critical technical notices or updates. • Legal and Regulatory Compliance: To satisfy requirements from judicial or regulatory bodies within the Republic of Rwanda.

In accordance with Article 30 of Rwanda's Data Protection Law, Qsinc will only store your personal data for as long as necessary to achieve the specific purposes for which it was collected, or as required to meet legal, accounting, or statutory reporting obligations. Once the data is no longer required, it will be securely erased from our active databases or completely anonymized so that it can no longer be linked to any individual.

The security of your information is paramount to us. Qsinc implements comprehensive technical and organizational safeguards designed to prevent unauthorized access, alteration, accidental loss, or destruction of personal data: • Encryption: We use standard Secure Sockets Layer (SSL/TLS) encryption mechanisms during the transmission of data to and from our website. Sensitive data is securely encrypted both in transit and at rest. • Access Control: Personnel access to personal data is restricted to authorized employees and contractors who require the information to perform their duties. All such individuals are bound by strict confidentiality obligations. • Vulnerability Management: Our digital infrastructure is subjected to regular vulnerability scans, firewalls, and active threat detection to safeguard our data environments. While we take every reasonable measure to protect your data, security also depends on you. You are responsible for maintaining the strict confidentiality of your account credentials and passwords.

Qsinc will not sell, rent, or trade your personally identifiable information to third parties. We only share data under the following transparent conditions: • Trusted Service Providers: We may share information with audited vendors, cloud infrastructure partners, and professional advisors who act on our behalf under strict Data Processing Agreements. • Legal Obligations: We may disclose your information if required to do so by Rwandan law, or in response to valid requests by public authorities (e.g., the NCSA, the National Bank of Rwanda, or law enforcement). • Business Transfers: In the event of a merger, acquisition, or sale of company assets, user data may be transferred as a business asset, subject to the recipient maintaining equivalent privacy protection standards.

As a technology platform, Qsinc may occasionally store or process data using cloud infrastructure located outside the borders of Rwanda. In strict adherence to Article 48 and Article 49 of the Rwandan Data Protection Law, any cross-border transfer of personal data will only occur if the recipient jurisdiction ensures an adequate level of protection, or under contractual frameworks (such as Standard Contractual Clauses) approved by the NCSA that guarantee the security of your rights.

While Qsinc takes every precaution, if a security incident occurs that results in a harmful breach of personal data, we are committed to accountability. In accordance with Article 41 of the Data Protection Law, Qsinc will notify the National Cyber Security Authority (NCSA) within 48 hours of becoming aware of the breach, and will notify affected users directly if the breach presents a high risk to their rights and freedoms.

Under Rwanda's Data Protection and Privacy Law, you possess distinct legal rights regarding how companies handle your information. You may exercise these rights at any time: • Right to be Informed: The right to clear, transparent information about how we collect and use your data (as outlined in this policy). • Right of Access: The right to request copies of the personal data we hold about you. • Right to Rectification: The right to demand that we correct inaccurate or incomplete data. • Right to Erasure (Right to be Forgotten): The right to request that we permanently delete your data from our systems when it is no longer legally required. • Right to Restriction of Processing: The right to request that we temporarily halt or limit the processing of your data under specific conditions. • Right to Data Portability: The right to request that your data be provided in a structured, commonly used, and machine-readable format for transfer to another provider. • Right to Object: The right to object to processing based on our legitimate interests or direct marketing campaigns. To exercise any of these rights, please contact our team at the email address provided below. We will respond to your request within the legally mandated timeframes.

If you have questions regarding this Privacy Policy, wish to update your details, or want to file a request regarding your data subject rights, please reach out to us at: Email: support@getqsinc.com Address: Kigali, Rwanda