Thank you for choosing Quibitt Solutions Inc. (“Quibitt”, “Qubit App,” “we,” “our,” or “us”). These Terms of Use (“Terms”) govern your use of our services, including our website, platform, mobile applications, and related services (collectively, the “Services”). By accessing or using the Services, you agree to these Terms in their entirety. If you do not agree to these Terms, you must not use our Services.

This Privacy Policy is designed to ensure transparency and compliance with privacy laws applicable to our operations, including: Canada: Personal Information Protection and Electronic Documents Act (PIPEDA); United Kingdom: UK GDPR and Data Protection Act 2018; European Union: GDPR (where applicable). By using our Services, you consent to the practices described in this Privacy Policy. If you do not agree with any part of this Privacy Policy, you must discontinue use of our Services.

Information You Provide

Account Information: details such as your name, email address, phone number, password, and other information provided during registration. Payment Information: billing address, payment method details, and transaction history. Support Requests: information submitted through support channels. Feedback and Surveys: responses to surveys, feedback forms, or reviews.

Automatically Collected Information

Device Information: data about your device (IP address, operating system, browser type, and version). Usage Data: information regarding pages viewed, features accessed, clicks, and other interactions. Location Data: approximate location based on your IP address (where permitted by law).

Information from Third Parties

Building Managers: details such as apartment/unit numbers and lease-related information. Third-Party Services: data from integrations (e.g., Stripe) to process payments or verify your identity.

We use your information to provide, personalize, and improve our Services; process payments and manage subscriptions; communicate with you about updates, features, and promotions; ensure platform security and detect fraudulent activity; and comply with legal and regulatory obligations.

For UK and EU Users: processing is based on contractual necessity, legitimate interests, legal obligations, and explicit consent where applicable.

Service Providers

We may share your data with third-party vendors that assist us in delivering the Services, such as payment processors, cloud storage providers, and customer support tools.

Legal and Regulatory Authorities

We may share data to comply with legal obligations, enforce our policies, or protect the rights and safety of users and others.

Building Managers

Details necessary to support building operations (e.g., maintenance requests or resident communications) may be shared.

Quibitt operates globally, and your data may be transferred and processed in countries outside your jurisdiction, including Canada, the United States, and the EEA. These transfers are conducted in compliance with applicable data protection laws and are safeguarded by mechanisms such as Standard Contractual Clauses (SCCs), adequacy decisions, or Binding Corporate Rules (BCRs).

User Consent

By using Quibitt's Services, users consent to the transfer, storage, and processing of their data in locations outside their country of residence.

We retain your information as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal and regulatory requirements, and resolve disputes. When retention is no longer necessary, data is securely deleted or anonymized.

Security Measures

Data transmitted to and from our platform is encrypted using SSL/TLS; access controls, regular audits, and secure storage measures are in place.

User Responsibilities

We encourage users to use strong, unique passwords, avoid sharing login credentials, and notify us immediately of any suspected unauthorized access.

Data Breach Protocol

In the event of a data breach, we will investigate promptly, notify affected users within 72 hours if required, and take steps to mitigate risks and prevent future breaches.

Depending on your location, you may have the right to access, rectify, erase, restrict processing, and obtain portable copies of your data. UK and EU users have rights under GDPR/UK GDPR, while Canadian users have rights under PIPEDA. To exercise these rights, please contact us at privacy@quibittapp.com.

What Are Cookies?

Cookies are small text files stored on your device that help enhance your experience and the functionality of our platform.

Types of Cookies We Use

We use essential, performance, functional, and advertising cookies (the latter only with user consent).

Managing Cookies

You can manage your cookie preferences through your browser settings or our cookie management tool, but note that disabling certain cookies may affect functionality.

Third-Party Cookies

Trusted third-party providers (e.g., Google Analytics) may set cookies to analyze usage and improve our services, subject to their own privacy policies.

Our Services may include links to third-party websites or integrations with external tools (e.g., Stripe). Although we select partners carefully, we are not responsible for their privacy practices. Please review their privacy policies before sharing your information.

Quibitt does not knowingly collect or process data from individuals under the age of 18. If a minor's personal information is identified, we will delete the account and, where applicable, notify a parent or guardian.

If you have any questions regarding this Privacy Policy or wish to exercise your privacy rights, please contact us at privacy@quibittapp.com or via mail at Quibitt Solutions Inc., 6087 Eaglewood Dr, Niagara Falls, Ontario, Canada. (For UK users: hello.uk@quibittapp.com)

Data Portability

Users may request a copy of their personal data in a structured, machine-readable format by emailing privacy@quibittapp.com. Requests will be fulfilled within 30 days unless unusually complex.

Data Retention Policy

We retain user data only as long as necessary to fulfill the purposes outlined in this Privacy Policy and comply with legal requirements. Data will be deleted upon account termination or specific deletion requests within 30 days, unless legally mandated otherwise.

Data Processing Basis

Under GDPR and UK GDPR, we process your data based on consent, contractual necessity, legal obligations, and legitimate interests.

Data Transfers Outside the UK and EEA

For UK and EU users, we ensure that cross-border data transfers are safeguarded through mechanisms such as Standard Contractual Clauses (SCCs).

Right to Lodge a Complaint

UK users may contact the Information Commissioner's Office (ICO) at www.ico.org.uk, and EU users should refer to their local Data Protection Authority for lodging complaints.

Automated Decision-Making

Quibitt may use automated processes to analyze user activity for billing or recommendations. Users have the right to request human intervention or challenge decisions solely based on automated processing.

Categories of Data Shared

We share personal data only with trusted third parties that provide essential services (e.g., payment processors, cloud storage, analytics).

Safeguards with Third Parties

Data shared with third parties is subject to strict data protection agreements and is limited to what is necessary for their specific functions.

Third-Party Marketing

We do not share user data with third parties for marketing purposes unless explicit consent is obtained.

Right to Update

We reserve the right to update this Privacy Policy to reflect changes in data processing practices or legal requirements.

Notification of Changes

Significant updates will be communicated via email, in-app notifications, or prominent website notices.

Continued Use

Continued use of our Services after the effective date of updates constitutes acceptance of the revised policy.

Collection of Biometric Data

Quibitt does not actively collect biometric data. If future features require biometric data, explicit user consent will be obtained and data will be used solely for the stated purpose.

Collection of Location Data

Certain features may use GPS data, IP-based location data, or manually entered addresses to provide specific services and enhance platform security.

Compliance for Businesses

Businesses using Quibitt must ensure compliance with data protection laws, which may include entering into a Data Processing Agreement (DPA) and enforcing adequate security standards.

Reporting Data Breaches

Businesses are required to report any suspected data breaches involving Quibitt's Services within 72 hours as per applicable regulations.

PIPEDA Compliance (Canada)

Quibitt adheres to PIPEDA by ensuring accountability, obtaining user consent, and providing access to personal data upon request.

GDPR/UK GDPR

For users in the EU and UK, Quibitt complies with GDPR requirements including data subject rights and data protection impact assessments.

UK and EU Representatives

Designated representatives are available for GDPR/UK GDPR inquiries; contact details are provided upon request.

Right to Access

You have the right to request confirmation of whether your personal data is processed and to obtain a copy of your data.

Right to Rectification

If your data is inaccurate or incomplete, you may request corrections.

Right to Erasure

You may request deletion of your data when it is no longer necessary, upon withdrawal of consent, or if it has been unlawfully processed.

Right to Restrict Processing

You can request restricted processing if your data is contested but required for verification purposes.

Right to Data Portability

You have the right to receive your data in a structured, machine-readable format.

Right to Object

You may object to processing for direct marketing purposes or on the basis of legitimate interests.

For further information or to exercise your rights, please contact us at privacy@quibittapp.com or mail us at Quibitt Solutions Inc., 6087 Eaglewood Dr, Niagara Falls, Ontario, Canada.

Collection and Use of Beta User Data

Beta features may involve collecting additional data (e.g., user interactions, feedback, diagnostic metrics) used exclusively to improve beta functionality and overall platform performance.

Limited Retention of Beta Data

Data generated during beta testing is retained only for the duration of the beta program, may be anonymized for long-term analysis, and can be deleted upon user request.

No Guarantee of Data Continuity

Beta features are provided on an 'as-is' basis, and data continuity or migration into production features is not guaranteed.

Consent for Beta Participation

Beta users must explicitly opt-in and consent to the collection and processing of additional data required for beta testing.

Role as a Data Processor

In certain cases, Quibitt acts as a Data Processor on behalf of its customers (Data Controllers), such as building managers and businesses.

Responsibilities as a Data Processor

We process data only as instructed by the Data Controller and implement technical and organizational measures to safeguard it.

Data Processing Agreements (DPA)

A Data Processing Agreement outlining the roles, responsibilities, and data protection measures is available upon request.

Subprocessors

We may engage third-party subprocessors under strict contractual obligations to adhere to the same data protection standards.

Quibitt's Commitment

In the event of a data breach, Quibitt is committed to identifying, containing, and assessing the breach promptly.

Notification Procedure

Affected users will be notified via email or in-platform notifications, and breaches will be reported to regulatory authorities within the required timeframe.

Right to Update

Quibitt reserves the right to update this Privacy Policy to reflect changes in our services or legal requirements.

Notification of Changes

Users will be notified of significant changes via email, in-platform notifications, or updates on our website.

Continued Use

Your continued use of our Services after any updates constitutes acceptance of the new policy.

Integration with Third-Party Services

When using third-party integrations (e.g., Stripe, Google Maps), data is shared only to the extent necessary and under strict agreements.

User Responsibility

Users should review third-party privacy policies, as disabling integrations may affect certain features.

Liability for Third-Party Actions

Quibitt is not liable for third-party privacy practices; users are advised to exercise caution when sharing data.

Purpose of Data Anonymization

We may anonymize personal data for internal analysis, reporting, and research purposes, ensuring no individual is identifiable.

Anonymization Process

Personal identifiers are removed or replaced with pseudonyms, and anonymized data is rigorously checked to prevent re-identification.

Limitations

Once anonymized, data cannot be associated with individual users and is not subject to deletion requests.

Enhancing Building Management

Data from maintenance requests and key management are used to support building operations.

Personalized Resident Services

Notifications and feedback processes are used to enhance resident services.

Operational Reporting for Managers

Analytics dashboards and billing management based on user data help inform operational decisions.

Security and Fraud Prevention

Monitoring login activity and device information helps prevent unauthorized access and fraud.

Marketing and Product Improvements

Aggregated data is analyzed to target marketing efforts and to drive product enhancements.

Different types of data are retained for varying periods: Maintenance Logs (up to 5 years), Billing Records (up to 7 years), Resident Details (while active and for up to 12 months after deactivation), and Anonymized Data (retained indefinitely).

Contractual Necessity

Data is processed to fulfill contractual obligations such as delivering building management services.

Consent

Explicit consent is obtained for activities like marketing communications or tracking cookies.

Legitimate Interests

We process data to improve service delivery, enhance security, and prevent fraud. Users may object if processing adversely affects their rights.

Legal Obligations

Certain data processing activities are performed to comply with legal requirements, such as tax reporting.