KweryAI: Privacy Policy

Introduction
Who we are
What data we collect
How we use your data
Legal basis for processing (GDPR Article 6)
Data storage and security
Data retention
Your rights (GDPR)
Cookies
Third party processors
International transfers
Changes to this policy
Contact

1. Introduction

KweryAI Ltd ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store and protect information when you use our platform and website.

2. Who we are

Data Controller: KweryAI Ltd Registered in England and Wales
Contact: privacy@kwery.ai

3. What data we collect

Account data: name, email, role, organisation
HR data: leave records, payroll, performance, attendance (processed on behalf of your organisation)
Usage data: login times, feature usage, IP address
Contact form data: name, email, company, message

4. How we use your data

To provide and improve the KweryAI platform
To process HR transactions on behalf of your organisation
To respond to enquiries and demo requests
To send product updates (with consent)
To maintain security and prevent fraud

5. Legal basis for processing (GDPR Article 6)

Contract: to deliver the service you signed up for
Legitimate interests: security, fraud prevention, product improvement
Consent: marketing communications
Legal obligation: compliance with UK employment law

6. Data storage and security

Data stored in EU/UK data centres
Encrypted at rest (AES-256) and in transit (TLS 1.3)
Access controlled by role-based permissions
Regular security audits and penetration testing

7. Data retention

Account data: retained for the duration of the contract plus 6 years (UK legal requirement)
HR records: as directed by your organisation
Contact form data: 2 years
Usage logs: 90 days

8. Your rights (GDPR)

You have the right to:

Access your personal data
Correct inaccurate data
Request deletion ("right to be forgotten")
Restrict processing
Data portability
Object to processing
Withdraw consent at any time

Contact privacy@kwery.ai to exercise any of these rights. You also have the right to lodge a complaint with the ICO (ico.org.uk).

9. Cookies

We use essential cookies for authentication and session management. No third-party tracking or advertising cookies. See our Cookie Policy for details.

10. Third party processors

We use the following sub-processors:

Railway (infrastructure hosting)
Netlify (website hosting)
Redis (session caching)

All processors are contractually bound to GDPR standards.

11. International transfers

Data is processed within the UK and EU. No transfers to third countries without adequate protection measures.

12. Changes to this policy

We will notify you of material changes via email or in-app notification. Continued use constitutes acceptance.

13. Contact

privacy@kwery.ai
KweryAI Ltd, London, United Kingdom

Privacy Policy

Contents