← Back to QENEX

Privacy Policy

Last updated: December 2025

1. Introduction

QENEX LTD (Company No. 16523814), registered in England and Wales, is committed to protecting your privacy. This policy explains how we collect, use, and protect your personal data across all QENEX products and services.

2. Data Controller

QENEX LTD is the data controller for personal data processed through our services. We are registered with the UK Information Commissioner's Office (ICO) under registration number C1837621.

3. Data We Collect

• Account Information: Name, email address, company name, and contact details when you register or contact us
• Usage Data: API calls, service interactions, feature usage, and access timestamps
• Payment Data: Processed securely by Stripe; we do not store payment card details
• Technical Data: IP addresses, browser type, device information for security and service optimization
• Communication Data: Records of correspondence when you contact our support team

4. How We Use Your Data

• To provide, maintain, and improve our services (GPTFinancial, AutoFlow, ComplianceMonitor, etc.)
• To process payments and manage subscriptions
• To send service-related communications and important updates
• To respond to support requests and inquiries
• To ensure security and prevent fraud
• To comply with legal obligations

5. Legal Basis for Processing

We process your data based on:

• Contract Performance: To fulfill our service agreements with you
• Legitimate Interests: For service improvement, security, and fraud prevention
• Legal Compliance: To meet regulatory and legal requirements
• Consent: For marketing communications (where applicable)

6. Data Sharing

We do not sell your personal data. We may share data with:

• Stripe: For secure payment processing
• Cloud Infrastructure Providers: For hosting and service delivery
• Professional Advisors: Legal and accounting services as required
• Legal Authorities: When required by law or to protect our rights

7. International Transfers

Your data may be transferred to and processed in countries outside the UK. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where required.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account closure, we retain data for 7 years for legal and regulatory compliance. You may request earlier deletion subject to legal requirements.

9. Your Rights (UK GDPR)

You have the right to:

• Access your personal data
• Correct inaccurate or incomplete data
• Request deletion of your data (right to be forgotten)
• Object to processing
• Restrict processing
• Data portability
• Withdraw consent at any time

10. Cookies

We use essential cookies for service functionality and optional analytics cookies to improve our services. You can manage cookie preferences through our cookie consent banner.

11. Security

We implement industry-standard security measures including:

• 256-bit SSL/TLS encryption for data in transit
• Encrypted storage for data at rest
• Regular security audits and penetration testing
• Access controls and authentication measures

12. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or through our services.

13. Contact Us

For privacy-related inquiries or to exercise your rights:

• Email: privacy@qenex.ai
• General inquiries: hello@qenex.ai

QENEX LTD
United Kingdom
Company No. 16523814 | ICO: C1837621