Privacy Policy

1) Who We Are

QuPracs is operated by CloudKarya, Inc. For the purposes of applicable data protection laws, CloudKarya, Inc. is the “controller” (or equivalent term) for personal information processed through this website.

2) Information We Collect

We collect information in the following categories:

A. Information you provide

When you contact us, submit a form, or otherwise communicate with us, we may collect:

• Name
• Email address
• Company, role, or other professional details (if provided)
• The content of your message and any information you choose to share

B. Usage and device information

When you browse the site, we (and our service providers) may collect:

• Pages viewed, navigation paths, and interactions
• Referring pages/sources
• Approximate location (generally derived from IP address)
• Device/browser type, operating system, and similar technical details
• Performance and diagnostic signals (for reliability and security)

This information may be collected via cookies or similar technologies (see Cookies and Analytics).

C. Account and sign-in information

If you sign in, authentication is handled through NextAuth. Depending on the identity provider you use (for example, Google or LinkedIn) and what you authorize, we may receive:

• Name
• Email address
• Profile image
• Provider identifier (for example, a unique user ID)

D. Tutorials and interactive feature activity

When you use Tutorials or other interactive features, we may collect activity and operational telemetry needed to provide and secure the feature, such as:

• Tutorial starts/completions
• Session creation and related feature events
• Technical logs required for performance, troubleshooting, and abuse prevention

3) How We Use Information

We use information to:

• Provide and operate the site (deliver pages, route requests, maintain availability)
• Authenticate users and manage sessions for gated features (via NextAuth)
• Improve content and product experience (understand what content is useful and how the site performs)
• Communicate with you (respond to inquiries and provide requested information)
• Security and abuse prevention (detect and prevent fraud, abuse, or security incidents)
• Compliance (meet legal obligations and enforce our terms)

4) Legal Bases (EEA/UK)

If you are in the European Economic Area (EEA) or the United Kingdom, we rely on one or more of the following legal bases:

• Consent (for certain analytics cookies where required)
• Contract (to provide features you request, such as authenticated Tutorials)
• Legitimate interests (to operate, secure, and improve the site), balanced against your rights
• Legal obligations (where we must comply with law)

5) Cookies and Analytics (GA4)

We use cookies and similar technologies for:

• Essential site functionality and security
• Analytics to understand usage patterns and improve the site

We use Google Analytics (GA4) or similar tools that may collect information such as:

• Pages viewed and interactions
• Device/browser type
• Approximate location derived from IP address

Your choices

You can manage cookies through:

• Browser settings (block or delete cookies)
• Any cookie controls we provide, where applicable

UK and EU rules may treat certain analytics cookies as “non-essential.” Where required by law (including UK PECR and EU ePrivacy rules), we will seek consent before placing non-essential cookies.

Google also provides a browser add-on to opt out of Google Analytics.

6) Authentication (NextAuth)

We use NextAuth to support sign-in and session management for gated features.

If you sign in via an external identity provider (for example, Google or LinkedIn):

• authentication is performed by that provider
• we use the information returned to create and maintain your session and enable features
• your use of the provider is governed by their own privacy policy

7) Sharing of Information

We do not sell your personal information.

We may share information with:

A. Service providers

Third parties who help us operate the site and deliver services, including:

• Vercel (hosting and delivery)
• Google Cloud Run (hosting/runtime for certain services)
• Google Analytics (analytics)
• Authentication-related providers used with NextAuth (identity providers you choose)

These providers are permitted to process personal information only as necessary to provide services to us.

B. Legal and safety disclosures

We may disclose information if we believe disclosure is necessary to:

• comply with law or legal process
• protect the rights, property, or safety of CloudKarya, QuPracs, our users, or others
• investigate and prevent fraud, abuse, or security incidents

8) International Transfers

We may process and store information in countries other than where you live (including the United States) through our service providers.

Where required, we use appropriate safeguards for cross-border transfers, such as:

• European Commission Standard Contractual Clauses (SCCs)
• UK International Data Transfer Agreement (IDTA) or UK Addendum

9) Your Rights (EEA/UK and other regions where applicable)

Depending on your location and applicable law, you may have rights to:

• request access to personal information we hold about you
• request correction of inaccurate information
• request deletion of your information
• object to or restrict certain processing
• request portability of your information
• withdraw consent at any time (where processing is based on consent)

You may also have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO).

10) Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, unless a longer retention period is required or permitted by law.

11) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information. However, no method of transmission or storage is 100% secure.

12) Children

This website is not directed to children, and we do not knowingly collect personal information from children.

If you believe a child has provided personal information, please contact us and we will take appropriate steps.

13) Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date above.

14) Contact

For privacy questions or requests, contact: