01Introduction
This Privacy Policy explains how Qalam IO LLC (“Qalam I/O”, “we”, “us”, or “our”) collects, uses, discloses, stores, and protects personal data when you:
- visit our websites;
- join a waitlist;
- subscribe to updates;
- contact us;
- purchase or use our cloud-hosted (SaaS) products;
- purchase or download our self-hosted software;
- engage our consulting, mentoring, or other professional services.
This Privacy Policy applies only to personal data that Qalam IO LLC controls. It does not apply to personal data processed by customers using our self-hosted software on infrastructure they control. See Section 11.
02Who we are
Qalam IO LLC is a limited liability company organized under the laws of the State of Wyoming, United States.
For personal data described in this Privacy Policy, Qalam IO LLC generally acts as the data controller. For certain enterprise or contractual services, we may also act as a data processor where agreed in writing.
If you have privacy questions, contact us using the information in Section 21.
03Personal data we collect
Depending on how you interact with us, we may collect the following categories of personal data.
Contact information
Examples include your name, email address, company name, job title, and any information you voluntarily provide through forms or communications — such as joining a waitlist, subscribing to updates, requesting support, contacting us, or engaging consulting services.
Account information
For cloud-hosted services we may collect username, email address, encrypted or hashed passwords, profile information, and account preferences.
Technical information
When you use our websites or services, we may automatically collect technical information, including:
- IP address;
- browser type;
- operating system;
- device information;
- approximate location (such as country or city derived from IP);
- pages visited;
- referring URLs;
- timestamps;
- request metadata;
- diagnostic information;
- security logs.
This information helps us operate, secure, monitor, and improve our services.
Waitlist information
When you join a waitlist, we may collect:
- your email address;
- your name (if provided);
- referral information;
- waitlist position;
- UTM campaign parameters;
- first and last attribution information;
- visit counts;
- approximate geographic information derived from IP.
Payment information
Payments are processed by third-party payment providers. We do not store complete payment card numbers or payment credentials on our own servers. We may receive limited billing information such as customer name, billing email, invoice information, payment status, and subscription status.
Communications
If you contact us, we may retain emails, support tickets, chat messages, consulting communications, attachments, feedback, bug reports, and feature requests.
Usage information
We may collect information regarding how our products and services are used. Where reasonably possible, we aggregate or pseudonymize usage information to reduce identification.
Sensitive personal data
We do not intentionally collect special-category or sensitive personal data, including information relating to health, religion, political opinions, ethnicity, biometric identifiers, sexual orientation, or similar protected categories. Please do not send us such information unless specifically requested.
04How we use personal data
We use personal data to:
- operate our websites;
- manage waitlists;
- create and administer accounts;
- deliver products and services;
- provide consulting and mentoring;
- authenticate users;
- process payments;
- detect fraud;
- prevent spam and abuse;
- secure our infrastructure;
- investigate incidents;
- troubleshoot technical problems;
- improve products and services;
- communicate with customers;
- send product updates;
- comply with legal obligations;
- protect our rights, users, and business.
05Legal bases (EEA / UK)
Where GDPR or UK GDPR applies, we process personal data under one or more of the following legal bases:
- consent;
- performance of a contract;
- legitimate interests;
- compliance with legal obligations;
- protection of vital interests where applicable.
Our legitimate interests include maintaining security, improving our services, preventing fraud, and operating our business efficiently while balancing your rights.
06Cookies and similar technologies
We use cookies and similar technologies for authentication, security, fraud prevention, load balancing, remembering preferences, measuring website performance, and analytics where permitted.
Where required by applicable law, we obtain consent before placing non-essential cookies. You can manage cookies through your browser settings; disabling cookies may affect certain functionality.
07Analytics
We use analytics services to understand website usage, improve performance, diagnose technical issues, and measure product effectiveness. Our primary analytics provider is PostHog.
Analytics may collect information such as pages visited, browser information, device characteristics, approximate location derived from IP, referring websites, UTM parameters, feature usage, and session events. Where required by applicable law, analytics requiring consent are enabled only after consent has been obtained. We configure analytics with privacy protections where reasonably available.
08Service providers
We use carefully selected third-party service providers to help operate our business. Examples include providers for content delivery, security, hosting, databases, analytics, email delivery, payment processing, customer support, and AI services.
Current providers may include Cloudflare, PostHog, Turso, payment processors, and email delivery providers. We may add, remove, or replace providers over time without updating this list, provided they perform substantially similar services. Where required by applicable law, we enter into contractual arrangements designed to protect personal data.
09International transfers
Your personal data may be processed in the United States and other countries where our service providers operate. Where required by law, we rely upon appropriate safeguards including Standard Contractual Clauses, adequacy decisions, and other lawful transfer mechanisms recognized by applicable law.
10Cloud-hosted (SaaS) services
For our hosted services, Qalam IO LLC generally acts as the data controller regarding customer account information. Certain products may process customer-generated content necessary to provide requested functionality. Individual products may provide additional privacy information or product-specific terms.
11Self-hosted products
When you deploy and operate one of our self-hosted products on infrastructure you control, you — not Qalam IO LLC — are responsible for determining the purposes and means of processing personal data within that deployment.
Accordingly, you are responsible for:
- applicable privacy law compliance;
- security configuration;
- encryption;
- access control;
- backups;
- retention policies;
- responding to requests from your users.
We do not access, receive, or control data processed within your deployment unless you voluntarily provide access or data for support that you specifically request or authorize.
12AI processing
Some of our products include AI-powered functionality. Where AI features process customer information, such processing is performed solely to provide requested functionality. We do not use personal data collected through our websites or cloud-hosted products to train publicly available AI models.
AI-generated outputs may occasionally be inaccurate, incomplete, or unexpected and should not be relied upon as the sole basis for important decisions. For self-hosted products, any AI processing is entirely controlled by the customer.
13Data retention
We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy or as required or permitted by applicable law. Retention periods vary depending on the type of information involved. When no longer required, personal data is securely deleted, anonymized, or otherwise disposed of.
14Disclosure of personal data
We do not sell your personal data. We may disclose personal data to service providers, professional advisers, auditors, insurers, legal counsel, payment providers, corporate affiliates, authorities where required by law, and during mergers, acquisitions, financing, or asset sales.
We may also preserve, access, or disclose personal data where reasonably necessary to comply with applicable law; respond to lawful governmental requests; enforce agreements; investigate fraud or abuse; protect our users, our rights, and public safety.
15Children’s privacy
Our services are not directed toward children. We do not knowingly collect personal data from individuals under 16 years of age or the minimum legal age applicable in their jurisdiction. If we learn that we have collected such information, we will delete it within a reasonable period.
16Your privacy rights
Depending on your jurisdiction, you may have rights including access, correction, deletion, restriction, objection, portability, withdrawal of consent, and complaint to a supervisory authority. California and certain U.S. state residents may have additional statutory rights.
We do not sell personal data. Requests may require identity verification before fulfillment. To exercise any right, contact us.
17Do Not Track
Because there is no universally accepted standard for Do Not Track signals, our services do not currently respond to generic browser DNT signals.
18Security
We implement administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, disclosure, alteration, destruction, and misuse. These measures include, where appropriate, HTTPS encryption, access controls, authentication mechanisms, security monitoring, logging, abuse prevention, and infrastructure protections.
No security measure is perfect, and we cannot guarantee absolute security. Customers remain responsible for protecting their own credentials and securing systems under their control.
19Business transfers
If Qalam IO LLC is involved in a merger, acquisition, financing, bankruptcy, restructuring, due diligence process, or sale of assets, personal data may be transferred as part of that transaction subject to appropriate confidentiality obligations.
20Changes to this Privacy Policy
We may revise this Privacy Policy from time to time. Material changes will be published on this page together with an updated “Last updated” date. Where required by applicable law, we will obtain additional consent before material changes take effect.
21Contact
For privacy questions or to exercise your rights, contact:
Qalam IO LLC
312 W 2nd St Unit #A2299
Casper, WY 82601
United States
Email: info@qalamio.com
Formal legal notices may be served through our registered agent: Registered Agents Inc, 30 N Gould St Ste R, Sheridan, WY 82801, United States.