Privacy Policy

Effective date: January 1, 2026 · Last updated: April 29, 2026

QinoGlobal (“QinoGlobal”, “we”, “us”, or “our”) operates the multi-tenant SaaS platform available at qinoglobal.com and its sub-domains. This Privacy Policy explains what personal data we process, why we process it, and the rights you have over that data.

We take privacy seriously. Where this policy refers to data we process on behalf of an operator (our customer), we act as a data processor and the operator is the data controller. Where this policy refers to data we collect directly from visitors to qinoglobal.com, we are the data controller.

1. Information we collect

1.1 Information you give us

• Contact details when you email us, fill in a contact form, or apply for partnership (name, email address, company, message contents).
• Operator account information if your organisation becomes a customer of the platform (legal name, billing information, authorised contacts, license details).
• Email correspondence with our support, sales, privacy, and abuse teams.

1.2 Information we collect automatically

• Server logs recording IP address, user-agent, requested URL, response code, and timestamp. These are kept for security and abuse-prevention purposes.
• Email engagement events (delivered, bounced, complained, unsubscribed) returned by Amazon SES for each message we send. We do not insert tracking pixels or click-tracking on the marketing site.

1.3 Information processed on behalf of operators

When an operator uses the QinoGlobal platform, end-user data (account credentials, balances, communications) is stored in tenant-isolated databases. We act as a processor: the operator decides what data is collected, why, and for how long, and we provide the technical tools to honour their commitments.

2. How we use information

• To respond to enquiries and provide the services you request.
• To operate, secure, and improve the platform.
• To comply with legal obligations and lawful requests.
• To detect, prevent, and respond to fraud or abuse.
• To send transactional notifications (account, security, billing).
• To send marketing only to people who have explicitly opted in. Every marketing email contains a one-click unsubscribe link.

3. Email practices

We use Amazon Simple Email Service (Amazon SES) to send email and we adhere to the AWS Acceptable Use Policy and the CAN-SPAM Act:

• Permission-based sending: we only send email to addresses that have an existing account, an active business relationship, or have explicitly opted in.
• Authentication: all sending domains are configured with SPF, DKIM, and DMARC.
• Unsubscribe: every marketing email includes a one-click unsubscribe link; transactional emails always identify who they are from and why you received them.
• Suppression: bounces and complaints are added to a suppression list automatically and never re-mailed.
• Reporting: abuse and complaints can be reported to abuse@qinoglobal.com; we investigate every report within one business day.

4. Sharing

We share personal data only where necessary, with:

• Sub-processors we engage to operate the platform (cloud hosting, email delivery, observability). We require each to process data under contract with comparable safeguards.
• Operators on whose behalf we process end-user data, for the purposes the operator is authorised to use it.
• Authorities when compelled by valid legal process or to protect the safety of our users or the public.

We do not sell personal data, and we do not share it with advertising networks.

5. Sub-processors

• Amazon Web Services, Inc. — infrastructure hosting (Singapore).
• Amazon Simple Email Service — outbound email.
• Cloudflare, Inc. — DNS, edge security, and DDoS mitigation.

6. International transfers

Our primary infrastructure is in AWS Asia Pacific (Singapore). Where personal data is transferred outside its country of origin, the transfer is governed by appropriate safeguards (such as the EU Standard Contractual Clauses) where applicable.

7. Retention

We keep personal data only for as long as necessary for the purposes described in this policy or as required by law. Server logs are retained for 90 days; contact-form correspondence is retained for up to 24 months unless you ask us to delete it sooner.

8. Your rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal data, to object to processing, or to lodge a complaint with a supervisory authority. To exercise any of these rights with respect to data we hold about you directly, email privacy@qinoglobal.com. For data we process on behalf of an operator, please contact that operator first; we will assist them in honouring your request.

9. Security

We protect personal data with industry-standard measures: encryption in transit and at rest, parameterized database queries, secrets in a managed vault, audited access to production, and continuous monitoring. Despite our efforts no system is perfectly secure; if you suspect a vulnerability, please email abuse@qinoglobal.com.

10. Children

Our services are not directed at children. We do not knowingly collect personal data from anyone under the age of majority in their jurisdiction.

11. Changes

When we make material changes to this policy we will update the “Last updated” date and, where appropriate, notify you directly. The most recent version always lives at this URL.

12. How to contact us

Privacy enquiries: privacy@qinoglobal.com
General contact: contact@qinoglobal.com