Privacy Policy

🔒 Privacy Overview

PQ Crypta is committed to protecting your privacy while providing secure post-quantum encryption services. This policy explains how we collect, use, and protect your information when you use our services at pqcrypta.com.

🗂️ Information We Collect

Automatically Collected Information

• IP Address: For security monitoring and geographic location (country-level only)
• User Agent: Browser and device information for compatibility
• Session Data: Temporary identifiers for operational continuity
• Performance Metrics: Response times, error rates, and system performance data
• Security Events: Failed authentication attempts, suspicious activity patterns

Cryptographic Operation Metadata

• Algorithm Types: Which encryption algorithms you select
• Key Sizes: Length of encryption keys used
• Processing Times: Time taken for cryptographic operations
• Operation Counts: Number of encryption/decryption operations

Account Information (If You Register)

• Email Address: For account creation and security notifications
• Username: Your chosen identifier
• Authentication Data: Hashed passwords and MFA tokens
• Account Preferences: Settings and configuration choices

🚫 Information We DO NOT Collect

• Your Encrypted Data: We never access or store the content you encrypt
• Your Private Keys: All keys are generated and stored locally
• Personal Content: Messages, files, or documents you encrypt
• Detailed Browsing History: We don't track your activity across other sites
• Biometric Data: No fingerprints, facial recognition, or similar data

🎯 How We Use Your Information

Service Operation

• Providing post-quantum encryption and decryption services
• Maintaining system performance and reliability
• Optimizing cryptographic algorithm performance
• Ensuring service availability and uptime

Security & Protection

• Detecting and preventing security threats
• Rate limiting to prevent abuse
• Monitoring for suspicious activity
• Maintaining audit logs for security incidents

Service Improvement

• Analyzing performance metrics to optimize algorithms
• Understanding usage patterns to improve user experience
• Developing new cryptographic features
• Ensuring compatibility across different devices and browsers

📊 Data Retention

Operational Data

Retention Period: 90 days maximum

• IP addresses and session data
• Performance metrics and error logs
• Security event logs
• Cryptographic operation metadata

Account Data

Retention Period: Until account deletion

• Email addresses and usernames
• Account settings and preferences
• Authentication credentials (hashed)

Automated Cleanup

We use automated systems to regularly purge old data according to our retention schedules. Data is securely deleted using industry-standard wiping procedures.

🔐 Data Security

Technical Safeguards

• Encryption: All data transmission uses TLS 1.3
• Access Controls: Multi-factor authentication for administrative access
• Network Security: Firewalls, intrusion detection, and monitoring
• Data Encryption: Sensitive data encrypted at rest

Operational Safeguards

• Regular Audits: Security reviews and penetration testing
• Employee Training: Security awareness and data handling procedures
• Incident Response: Documented procedures for security incidents
• Vendor Management: Security requirements for third-party services

🤝 Data Sharing

We do not sell, rent, or trade your personal information.

Limited Sharing Scenarios

• Legal Requirements: When required by valid legal process
• Security Threats: To prevent fraud or security incidents
• Service Providers: Trusted partners who help operate our services (under strict agreements)
• Business Transfers: In the event of a merger or acquisition (with notice)

🌍 International Data Transfers

PQ Crypta operates globally. If you're outside the United States, your data may be transferred to and processed in the US, where our servers are located. We ensure appropriate safeguards are in place for international transfers.

👤 Your Rights

Access & Control

• Access: Request copies of data we hold about you
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your data (subject to legal requirements)
• Portability: Receive your data in a structured format

Communication Preferences

• Opt-out: Unsubscribe from non-essential communications
• Security Notifications: Essential security alerts cannot be disabled

🍪 Cookies and Tracking

Essential Cookies

• Session Management: Maintaining your login state
• Security: CSRF protection and security tokens
• Preferences: Remembering your settings

Analytics

We use minimal, privacy-focused analytics to understand how our service is used. We do not use third-party tracking services like Google Analytics.

👶 Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

📱 Third-Party Services

Our service may contain links to third-party websites or services. This privacy policy does not apply to third-party services. We recommend reviewing their privacy policies before using their services.

🔄 Policy Updates

We may update this privacy policy to reflect changes in our practices or legal requirements. We will:

• Post updates on this page with a new "Last Updated" date
• Notify users of significant changes via email (if you have an account)
• Provide 30 days notice for material changes that affect your rights

⚖️ Legal Basis for Processing

We process your information based on:

• Legitimate Interest: Providing secure encryption services and preventing fraud
• Consent: When you voluntarily provide information or create an account
• Legal Compliance: Meeting regulatory and legal requirements
• Contract Performance: Fulfilling our service obligations to you