← Back to quaer.ai

Privacy Policy

Last Updated: July 5, 2026

quaer.ai respects your privacy. This Privacy Policy explains what data we collect, how we use it, and the choices you have.

1. Data We Collect

Account Data

DataPurposeRetention
Email addressAccount identification, notificationsUntil deletion
NamePersonalization, billingUntil deletion
Password hashAuthentication (bcrypt, 12 rounds)Until deletion
GitHub IDOAuth login (optional)Until deletion

Usage Data

DataPurposeRetention
API request logsRate limiting, abuse prevention90 days
Query contentNOT LOGGED — search queries are not stored after results are returnedN/A
Audit logsSecurity, enterprise compliance7 years
IP addressRate limiting, security90 days

BYOK Data

DataProtection
LLM API key (OpenAI/Anthropic)AES-256-GCM encrypted at rest, decrypted on-demand, never logged, never cached in plaintext

2. How We Use Data

What We Do NOT Do: We do NOT sell your data. We do NOT share query content. We do NOT use your legal queries to train AI models. We do NOT log query content after results are returned.

3. Third-Party Services

ServiceWhat They Process
StripePayment processing (card numbers, billing)
CloudflareCDN, DNS, DDoS protection, hosting
Resend / SendGridTransactional email delivery
GitHubOAuth authentication (optional)

4. Data Security

5. Your Rights

6. Cookies

We use only essential cookies for authentication (authjs.session-token). We do NOT use tracking, advertising, or analytics cookies. No Google Analytics, no Facebook Pixel.

7. International Users

EU/UK Residents: quaer.ai is not yet GDPR-compliant. EU residents should not use the Service until GDPR compliance is implemented.

8. Data Breach Notification

In the event of a data breach, we will notify affected users within 72 hours, notify state attorneys general as required, and provide remediation details.

9. Contact

Privacy inquiries: [email protected]


This document is a draft prepared for quaer.ai. It should be reviewed by a licensed attorney before publication.