// privacy.policy
Last updated: October 2024
Introduction
Quilon ("we", "us", "our", or "Company") operates the Quilon application and website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.
We are committed to protecting your privacy. If you have questions about this Privacy Policy, please contact us at privacy@quilon.dev.
What Information We Collect
Account Information
When you create a Quilon account, we collect your email address and account password. This information is used to authenticate your identity and deliver our service.
Clipboard Data
Quilon syncs clipboard content across your devices. This data is encrypted end-to-end (AES-256) and never stored on our servers. It flows through our servers in transit but is never persisted.
Device Information
We collect device type, OS version, and app version for analytics and debugging purposes. This helps us improve stability and identify issues.
Usage Analytics
We collect anonymized usage data: number of syncs, features used, and error logs. This data is never linked to individual users and helps us understand how Quilon is used.
Payment Information
Payment information (credit card details) is handled by our payment processor, Stripe. We never see or store your credit card information. Only Stripe processes and stores this data.
How We Use Your Information
- Authenticate your account and provide clipboard sync services
- Process payments and manage your subscription
- Send transactional emails (password resets, receipts, etc.)
- Improve our service through anonymized analytics
- Debug and resolve technical issues
- Comply with legal obligations
- Prevent fraud and abuse
Zero-Knowledge Architecture
Quilon is built with privacy as the core principle. Your clipboard data is encrypted on your device before leaving it. Here's how it works:
- Your clipboard data is encrypted with AES-256 on your device
- Only the encrypted data is sent to Quilon servers
- Our servers cannot decrypt this data—only your devices have the keys
- Encrypted data is relayed in real-time to your other devices
- Data is never stored on our servers (relay-only architecture)
Important: Even if Quilon's servers were compromised, no plaintext data could be accessed because we never have the encryption keys.
Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties.
Third-Party Services
We use the following third parties to deliver our service:
- Stripe: Payment processing. See Stripe Privacy Policy
- Firebase: Analytics and crash reporting (anonymized). See Firebase Privacy Policy
- Auth0: Authentication (optional). See Auth0 Privacy Policy
Legal Requests
We may disclose your information if required by law, court order, or government request. We will attempt to notify you before disclosing your information, unless legally prohibited.
Data Retention
- Account data: Retained until you delete your account
- Clipboard data: Not stored. Real-time sync only. Deleted immediately after delivery.
- Payment information: Retained by Stripe per their policy (7 years for compliance)
- Analytics data: Retained for 90 days, then anonymized
- Logs: Retained for 30 days, then deleted
Your Rights
Depending on your location, you may have the following rights:
GDPR (Europe)
- Right to access your personal data
- Right to rectification (correct inaccurate data)
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
CCPA (California)
- Right to know what personal data is collected
- Right to delete personal data
- Right to opt-out of sale of personal data
- Right to non-discrimination for exercising CCPA rights
To exercise these rights, email us at privacy@quilon.dev.
Security
We implement industry-standard security measures to protect your data, including end-to-end encryption, secure password hashing, and TLS for data in transit. However, no method of transmission over the Internet is 100% secure.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date above. Your continued use of Quilon signifies your acceptance of the updated Privacy Policy.
Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us at:
Email: privacy@quilon.dev
Website: quilon.dev