Legal
Privacy Policy
Effective Date: March 5, 2026 | Last Updated: March 7, 2026
Contents
1. Introduction
2. Definitions
3. Information We Collect
4. How We Use Information
5. AI & Automated Processing
6. Cookies & Tracking Technologies
7. How We Share Personal Data
8. Data Retention
9. Data Security
10. Privacy Rights
11. California Privacy Disclosures
12. U.S. State Privacy Laws
13. International & GDPR Disclosures
14. International Data Transfers
15. Data Controller & Data Processor Roles
16. Children’s Privacy
17. Sensitive Data
18. Third-Party Websites & Services
19. Changes to This Policy
20. Contact
1. Introduction
This Privacy Policy (“Policy”) describes how SQOR Technologies Inc., together with its subsidiaries and affiliates (“SQOR,” “we,” “our,” or “us”), collects, uses, shares, retains, and protects information that relates to identified or identifiable individuals (“Personal Data”) when individuals:
- Visit our websites, including sqor.ai, that display or link to this Policy (the “Site”);
- Use our Products, as defined in the SQOR Terms and Conditions;
- Receive support, consulting, onboarding, or other professional services from us;
- Register for, attend, or participate in our events, webinars, demonstrations, or training sessions (“Events”);
- Communicate with us through email, phone, chat, social media, or other channels; or
- Interact with us in any other capacity as a prospective or existing customer, partner, vendor, or job applicant.
This Policy is incorporated by reference into the SQOR Terms and Conditions. By accessing or using the Site, Products, or related services, individuals acknowledge that they have read and understood this Policy. Individuals who do not agree with the practices described herein should discontinue use of the Site and Products immediately.
Important: This Policy does not apply to data that Customers store, process, or transmit through the Products (“Customer Data”). SQOR’s use of Customer Data is governed by the applicable agreement between SQOR and the Customer, including the Terms and Conditions. Customers determine what data they submit to the Products and are responsible for ensuring that they have the legal rights, permissions, and notices necessary for SQOR to process Customer Data on their behalf. Individuals with questions about how a Customer handles their data within the Products should contact that Customer directly.
2. Definitions
Throughout this Policy, the following terms have specific meanings:
- “Authorized User” means an individual granted access credentials by a Customer to access and use the Products.
- “Customer” means the entity that has entered into an agreement with SQOR for use of the Products or related services.
- “Customer Data” means any data submitted to or processed through the Products by or on behalf of a Customer, including data ingested from Customer’s connected third-party services and data warehouses.
- “Partner” means an entity participating in a SQOR channel sales, technology, referral, or reseller program.
- “Personal Data” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable individual.
- “Processing” means any operation performed on Personal Data, including collection, recording, organization, storage, adaptation, retrieval, use, disclosure, dissemination, restriction, erasure, or destruction.
3. Information We Collect
3.1 Information Provided Directly
SQOR collects information voluntarily provided in the following circumstances:
- Account Registration & Profiles: Full name, business email address, employer name, job title, phone number, and credentials created to access the Products.
- Transactions & Billing: Billing name and address, shipping address, and payment-related information. SQOR does not store full credit card numbers; payment processing is handled by PCI-DSS-compliant third-party processors.
- Communications: Records and contents of emails, support tickets, chat messages, phone calls (which may be recorded in accordance with applicable law), and other communications sent to SQOR.
- Events: Registration information, accessibility requests, and feedback provided at Events.
- Newsletters & Marketing: Email address and preferences shared when subscribing to communications. Individuals may unsubscribe at any time by following the instructions in any marketing email or by contacting [email protected].
- Business Relationships: Contact details, company information, and order details processed in the course of business relationships with customers, prospects, suppliers, and partners.
- Job Applications: Resume, cover letter, employment history, education, and other information submitted in connection with a job application.
- Referrals: If another individual provides a referral, SQOR will use the provided contact information solely to deliver the referral message unless the referred individual independently provides additional information.
Where SQOR collects professional or business contact information in a business-to-business context, SQOR processes that information only for legitimate business purposes such as account administration, sales, onboarding, support, security, and relationship management. SQOR collects only the Personal Data that is reasonably necessary for the purposes described in this Policy.
3.2 Information Collected Automatically
When individuals access the Site or Products, SQOR automatically collects certain technical and usage information through standard web technologies, including device and browser information, usage patterns, network information such as IP address and approximate geolocation, and operational data necessary to maintain and improve the Products.
3.3 Information from Third-Party, Public, Partner, and Referral Sources
SQOR may receive Personal Data from third-party, public, partner, and referral sources:
- Third-Party Integrations: When a Customer authenticates a third-party service to the Products, SQOR may receive metadata necessary to facilitate the integration.
- Business Data Providers: SQOR may obtain professional contact information from trusted data providers for sales and marketing purposes.
- Social Media & Public Sources: Publicly available professional information, where consistent with the applicable platform’s terms of service.
- Partners & Resellers: Contact and business information shared by Partners in connection with joint sales activities, co-selling efforts, implementation support, or customer referrals.
- Referrals & Introductions: SQOR may receive business contact information from existing users, customers, or business contacts who refer or introduce individuals to SQOR.
4. How We Use Information
SQOR processes Personal Data for the following purposes, each supported by one or more lawful bases described in Section 13:
- Providing and Operating the Products: To create and manage accounts, deliver Product functionality, process transactions, provide support, and fulfill contractual obligations.
- AI-Powered Features: To operate the AI Systems described in Section 5.
- Improvement & Development: To analyze usage patterns, diagnose technical issues, and develop new features.
- Communications: To send transactional messages and, with consent or as permitted by applicable law, marketing communications.
- Personalization: To tailor content and experience based on preferences, usage history, and role.
- Security & Fraud Prevention: To detect, investigate, and prevent unauthorized access, fraud, abuse, and security incidents.
- Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests.
- Business Transactions: To facilitate or evaluate mergers, acquisitions, divestitures, restructurings, or asset sales.
- Aggregated Analytics: To generate de-identified, aggregated, or anonymized data sets that do not reasonably identify individuals, for Product improvement and analytical purposes.
5. AI & Automated Processing
SQOR is an AI-native decision intelligence platform. Transparency about how the AI Systems process data is central to SQOR’s commitment to responsible AI use.
5.1 How the AI Systems Operate
The Products use proprietary artificial intelligence, machine learning, and automated analytical systems (collectively, “AI Systems”) to process Customer Data and deliver AI Outputs, as defined in the Terms and Conditions. The AI Systems analyze data connected to the Products by Customers and generate analytical results, alerts, and other outputs to support Customer decision-making.
5.2 Data Used by AI Systems
The AI Systems primarily process Customer Data provided through authenticated integrations. When Personal Data (such as an Authorized User’s name or email associated with a connected service) is incidentally included in Customer Data, it is processed solely for the purpose of delivering the Products to that Customer in accordance with the applicable agreement.
5.3 Automated Decision-Making
AI Outputs generated by the Products are designed to inform and assist human decision-making. SQOR does not use AI to make decisions that produce legal effects or similarly significant effects on individuals without meaningful human oversight. AI Outputs are informational tools intended to support, not replace, human judgment.
5.4 AI Model Training
SQOR may use aggregated, de-identified, or anonymized data derived from Product usage to improve the AI Systems. SQOR will not use identifiable Customer Data to train AI models without the Customer’s express, prior written consent. Where SQOR engages third-party AI service providers, SQOR requires contractual restrictions designed to prohibit those providers from using Customer Data to train their own models. Customers may opt out of permitted de-identified usage by contacting [email protected].
5.5 Rights Regarding AI Processing
Depending on jurisdiction, individuals may have the right to:
- Obtain meaningful information about the logic involved in automated processing;
- Request human review of an automated decision;
- Object to automated processing, including profiling; and
- Opt out of the use of data for AI model training.
To exercise any of these rights, please contact SQOR using the methods described in Section 20.
6.1 Types of Cookies
SQOR and authorized third-party partners use cookies, pixel tags, web beacons, local storage, and similar technologies (“Tracking Technologies”) to operate, secure, and improve the Site and Products.
6.1 Types of Cookies
SQOR uses the following categories of cookies:
- Strictly Necessary: Essential for Site operation, security, authentication, and fraud prevention. These cannot be disabled.
- Performance & Analytics: Help SQOR understand how visitors interact with the Site by collecting aggregated, anonymized usage statistics. May be managed via cookie banner or browser settings.
- Functional: Remember preferences such as language, region, and display settings. May be managed via cookie banner or browser settings.
- Marketing & Advertising: Used to deliver relevant communications, measure campaign effectiveness, and limit frequency. May be set by third-party partners. May be managed via cookie banner, browser settings, or industry opt-out tools.
6.2 Managing Cookie Preferences
When visiting the Site for the first time, a cookie consent banner allows acceptance or rejection of non- essential cookies. Preferences may be updated at any time through the cookie settings on the Site or through browser settings. Disabling certain cookies may impair Site functionality.
6.3 Third-Party Analytics
SQOR honors Global Privacy Control (“GPC”) signals, which are treated as a valid opt-out of the sale or sharing of Personal Data where required by applicable law. Due to the absence of a uniform industry standard for Do Not Track (“DNT”) browser signals, SQOR does not currently respond to DNT signals but continues to monitor industry developments.
7. How We Share Personal Data
SQOR does not sell Personal Data, and does not share Personal Data for cross-context behavioral advertising. SQOR may share or disclose Personal Data in the following circumstances:
- Service Providers & Processors: SQOR engages trusted third-party vendors to perform functions on its behalf. These providers are contractually bound to process Personal Data only as instructed and to maintain appropriate security measures. Where SQOR acts as a processor for Customer Data, the use of sub-processors is governed by the Terms and Conditions.
- Affiliates & Subsidiaries: SQOR may share Personal Data within the SQOR corporate family for the purposes described in this Policy. All affiliates are bound to this Policy’s protections.
- Partners & Resellers: SQOR may share limited business contact information with Partners where an individual has engaged through a Partner channel or where sharing is necessary to deliver the Products.
- Business Transfers: In connection with any merger, acquisition, sale of assets, restructuring, financing, or bankruptcy, Personal Data may be transferred to the acquiring or successor entity. SQOR will provide notice as required by applicable law.
- Legal Obligations & Protection of Rights: SQOR may disclose Personal Data when disclosure is necessary to: (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce the Terms and Conditions or other agreements; (c) detect, prevent, or address fraud, security, or technical issues; or (d) protect the rights, property, or safety of SQOR, its users, or the public.
- With Consent: SQOR may share Personal Data for any purpose with affirmative consent.
- Aggregated or De-Identified Data: SQOR may share data that has been aggregated or de- identified such that it cannot reasonably be used to identify any individual. Such data is not subject to this Policy.
Sub-Processors: SQOR’s sub-processor framework, categories of sub-processors, and related Customer protections are described in the Terms and Conditions. This Policy is intended to describe SQOR’s general privacy practices, while the Terms and Conditions govern Customer-specific processor obligations.
No Sale of Personal Data: SQOR does not sell, rent, or trade Personal Data to third parties for monetary or other valuable consideration. SQOR does not share Personal Data for cross-context behavioral advertising except as disclosed in this Policy and in compliance with applicable opt-out requirements.
8. Data Retention
SQOR retains Personal Data only for as long as reasonably necessary to fulfill the purposes for which it was collected, subject to the following guidelines:
| Data Category | Retention Period |
|---|---|
| Account & profile information | Duration of active account plus 30 days after account closure, unless longer retention is required by law. |
| Transaction & billing records | 7 years from the transaction date, as required by applicable tax and financial regulations. |
| Customer support communications | 3 years from the date of last interaction. |
| Marketing & newsletter data | Until unsubscription, plus a suppression record retained indefinitely to honor the opt-out. |
| Server logs & diagnostic data | Up to 12 months on a rolling basis. |
| Cookie and tracking data | As described in Section 6; generally no longer than 13 months. |
| Job application data | 24 months from the date of application, unless the individual consents to longer retention. |
When Personal Data is no longer needed for its original purpose and no legal retention obligation applies, SQOR will delete it, anonymize it, or securely isolate it from further processing until deletion is feasible. Aggregated and de-identified data may be retained indefinitely.
9. Data Security
SQOR implements and maintains a comprehensive information security program designed to protect the confidentiality, integrity, and availability of Personal Data. This program includes appropriate technical controls, access controls, organizational measures, and vendor management practices.
No method of transmission over the Internet or electronic storage is completely secure. SQOR cannot guarantee absolute security but is committed to promptly investigating and remediating any suspected data breach. In the event of a breach involving Personal Data, SQOR will provide notices to affected individuals, Customers, and applicable regulatory authorities as required by law and, where SQOR acts as a processor, in accordance with the applicable agreement. For more information about SQOR’s security practices, please contact [email protected].
10. Privacy Rights
Depending on jurisdiction, individuals may have some or all of the following rights with respect to their Personal Data:
- Right to Access: Request confirmation of whether SQOR processes Personal Data and obtain a copy.
- Right to Correction: Request correction of inaccurate or incomplete Personal Data.
- Right to Deletion: Request deletion of Personal Data, subject to certain legal exceptions.
- Right to Data Portability: Receive Personal Data in a structured, commonly used, machine- readable format.
- Right to Restrict Processing: Request restriction of processing in certain circumstances.
- Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent: Where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing.
- Right to Opt Out of Sale/Sharing: Where applicable, opt out of the sale or sharing of Personal Data for cross-context behavioral advertising.
- Right Regarding Automated Decision-Making: Object to decisions based solely on automated processing that produce legal or similarly significant effects.
- Right to Non-Discrimination: Exercise privacy rights without receiving discriminatory treatment.
How to Submit a Request Privacy rights requests may be submitted through the following methods:
Email: [email protected]
Mail: SQOR Technologies Inc., c/o Veterans Future Lab, 370 Jay St 7th floor, Brooklyn, NY 11201, United States
SQOR will acknowledge receipt of a request within 10 business days and provide a substantive response within 45 days (or 30 days for GDPR requests). If additional time is required, SQOR will notify the individual of the reason and extension period. SQOR may request identity verification before fulfilling a request.
Authorized Agents: Individuals may designate an authorized agent to submit requests on their behalf. Authorized agents must provide written proof of authorization. SQOR may require direct identity verification before processing an agent’s request.
11. California Privacy Disclosures
This section provides additional disclosures required under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”).
Categories of Personal Information Collected, Used, and Disclosed
In the preceding 12 months, SQOR has collected, used, and disclosed for business purposes the following categories of Personal Information as defined by the CCPA:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, IP address, account ID | Yes |
| Commercial information | Transaction records, Product usage history | Yes |
| Internet/electronic activity | Browsing history, interaction with Site/Products | Yes |
| Professional/employment information | Job title, employer, business contact details | Yes |
| Geolocation data | Approximate location derived from IP address | Yes |
| Inferences | Preferences, behavior patterns | Yes |
Sale and Sharing: SQOR does not sell Personal Information as defined by the CCPA. SQOR does not share Personal Information for cross-context behavioral advertising.
Sensitive Personal Information: SQOR does not collect or process sensitive Personal Information as defined by the CCPA for purposes of inferring characteristics about consumers.
Non-Discrimination: SQOR will not discriminate against individuals for exercising CCPA rights.
Financial Incentives: SQOR does not offer financial incentives or price or service differences in exchange for the retention or sale of Personal Information.
12. U.S. State Privacy Laws
In addition to the CCPA, residents of other U.S. states with comprehensive privacy legislation (including but not limited to Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Utah, Iowa, Tennessee, Indiana, Delaware, Nebraska, New Hampshire, New Jersey, Maryland, and Minnesota) may exercise rights substantially similar to those described in Section 10, subject to the specific provisions of their state law.
These rights generally include: the right to know what Personal Data is processed, the right to access and obtain a copy, the right to correct inaccuracies, the right to delete, the right to data portability, and the right to opt out of targeted advertising, sale, or profiling that produces legal or similarly significant effects.
If SQOR denies a request, the individual may have the right to appeal. To appeal a denial, please contact [email protected] with the subject line “Privacy Rights Appeal.” SQOR will respond within the timeframe required by the applicable state law.
13. International & GDPR Disclosures
If an individual is located in the European Economic Area (“EEA”), the United Kingdom (“UK”), or Switzerland, this section provides additional information required under the General Data Protection Regulation (“GDPR”) and equivalent local laws.
13.1 Data Controller
For Personal Data processed in connection with the Site, marketing, Events, and sales activities, the data controller is:
SQOR Technologies Inc.
c/o Veterans Future Lab
370 Jay St 7th floor
Brooklyn, NY 11201, United States
Email: [email protected]
13.2 Lawful Bases for Processing
SQOR relies on the following lawful bases for processing Personal Data:
- Performance of a Contract: Processing necessary to perform an agreement, including providing the Products, managing accounts, and processing transactions.
- Legitimate Interests: Processing necessary for legitimate business interests (such as improving the Products, marketing to existing customers, ensuring security, and preventing fraud), where such interests are not overridden by individual rights and freedoms.
- Consent: Where clear, affirmative consent has been given for a specific processing purpose, such as receiving marketing communications or the use of non-essential cookies. Consent may be withdrawn at any time.
- Legal Obligation: Processing necessary to comply with a legal obligation to which SQOR is subject.
13.3 Rights Under GDPR
In addition to the rights listed in Section 10, EEA, UK, and Swiss residents have the right to lodge a complaint with a supervisory authority in the member state of their habitual residence, place of work, or place of the alleged infringement.
13.4 Data Protection Contact
For questions or concerns about processing of Personal Data under the GDPR, please contact [email protected].
14. International Data Transfers
SQOR is headquartered in the United States. Personal Data collected may be transferred to, stored, and processed in the United States or other countries where SQOR or its service providers operate. These countries may not provide the same level of data protection as the individual’s home jurisdiction.
Where SQOR transfers Personal Data from the EEA, UK, or Switzerland to a country that has not been deemed to provide an adequate level of data protection, SQOR implements appropriate safeguards, including Standard Contractual Clauses, reliance on the EU-U.S. Data Privacy Framework (and UK and Swiss extensions), and supplementary technical and organizational measures where required.
For further information about transfer mechanisms, please contact [email protected] or review the Terms and Conditions.
15. Data Controller & Data Processor Roles
- SQOR as Controller: SQOR acts as a data controller when it collects and processes Personal Data for its own purposes, including operating the Site, conducting marketing, managing Events, processing job applications, and administering sales and customer relationships.
- SQOR as Processor: When a Customer uses the Products and SQOR processes Customer Data on behalf of and under the instructions of that Customer, SQOR acts as a data processor (or “service provider” under the CCPA). In this capacity, SQOR processes Customer Data solely in accordance with the Customer’s instructions as set forth in the applicable agreement and the Terms and Conditions.
When SQOR acts as a processor, the applicable data-processing terms are addressed in the Terms and Conditions. The Customer remains responsible for its own compliance obligations, including providing required notices, obtaining necessary consents, and responding to individual requests unless otherwise required by law.
16. Children’s Privacy
The Site and Products are not directed to children under the age of 16 (or the applicable age of digital consent in the relevant jurisdiction). SQOR does not knowingly collect Personal Data from children without appropriate parental or guardian consent.
If there is reason to believe that SQOR may have inadvertently collected Personal Data from a child without proper consent, please contact [email protected] immediately. Upon verification, SQOR will take prompt steps to delete the information.
17. Sensitive Data
SQOR generally does not collect sensitive or special category Personal Data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation).
If, in limited circumstances, SQOR needs to process sensitive Personal Data (for example, accessibility needs for Events), SQOR will only do so with explicit consent or as otherwise permitted by applicable law. SQOR will never use sensitive Personal Data for the purpose of inferring characteristics about individuals or for automated profiling.
18. Third-Party Websites & Services
The Site and Products may contain links to third-party websites, applications, and services not owned or controlled by SQOR. This Policy does not apply to such third-party services. SQOR is not responsible for the privacy practices, content, or security of third-party services.
If a Customer links its SQOR account to third-party accounts (including SaaS tools), Customer acknowledges that SQOR may receive information from those services as described in their terms. Customers may manage these connections through their account settings.
19. Changes to This Policy
SQOR may update this Policy from time to time to reflect changes in practices, technology, legal requirements, or business operations.
When SQOR makes material changes, SQOR will:
- Update the “Effective Date” and “Last Updated” dates at the top of this page;
- Post the revised Policy on the Site; and
- Notify affected individuals at least 30 days in advance of material changes via email or through a prominent notice on the Site or within the Products.
Continued use of the Site or Products after the updated Policy becomes effective constitutes acknowledgment of the changes.
20. Contact
For questions, comments, or requests regarding this Policy or SQOR’s privacy practices, please contact:
Email: [email protected]
Mail:
SQOR Technologies Inc.
c/o Veterans Future Lab
370 Jay St 7th floor
Brooklyn, NY 11201
United States
SQOR will acknowledge inquiries within 10 business days and endeavor to respond substantively within 30 days.
© 2026 SQOR Technologies Inc. All rights reserved.
Terms and Conditions