1. INTRODUCTION

Quos ("we," "our," "us") operates a mobile-first web application ("Service") that allows users to create, customize, and share satirical content designed for entertainment purposes. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with applicable privacy laws, including the Virginia Consumer Data Protection Act (VCDPA), California Consumer Privacy Act (CCPA), and General Data Protection Regulation (GDPR).

2. INFORMATION WE COLLECT

2.1 Account Information

• Email address, username, and securely hashed passwords
• Google OAuth information when using Google authentication
• Profile information you choose to provide

2.2 User-Generated Content

• Content templates, customizations, and shared materials
• Optional identifiers or parameters you input for content creation
• We do not verify or independently publish user-provided identifiers unless you share them publicly

2.3 Technical and Usage Data

• IP address, device information, browser type, and operating system
• Application interactions, feature usage, and performance analytics
• Session information and access logs

2.4 Payment Information

• When applicable, payment processing is handled by third-party providers (such as Stripe)
• We do not store complete credit card information on our systems
• We may retain transaction records and billing information

2.5 Cookies and Tracking Technologies

• Essential cookies for authentication and service functionality
• Analytics cookies to understand usage patterns and improve the Service
• Local storage for user preferences and application state

3. HOW WE USE YOUR INFORMATION

We process your information for the following purposes:

• Providing and maintaining the Service
• Authenticating users and managing accounts
• Customizing content and improving user experience
• Detecting and preventing abuse, fraud, and security threats
• Analyzing usage trends and optimizing Service performance
• Processing payments and managing subscriptions (when applicable)
• Communicating with users about Service updates and support
• Complying with legal obligations and protecting our rights

4. LEGAL BASIS FOR PROCESSING (GDPR)

For users in the European Union, our legal bases for processing include:

• Contract performance: Processing necessary to provide the Service
• Legitimate interests: Improving the Service, preventing fraud, and ensuring security
• Consent: Where you have provided explicit consent for specific processing activities
• Legal obligations: Compliance with applicable laws and regulations

5. INFORMATION SHARING AND DISCLOSURE

5.1 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties.

5.2 Service Providers

We may share limited information with trusted third-party service providers who assist in:

• Hosting and infrastructure services
• Analytics and performance monitoring
• Payment processing and billing
• Customer support and communications
• Security and fraud prevention

5.3 Legal Requirements

We may disclose your information when required by law, legal process, or to:

• Comply with valid legal requests or court orders
• Protect the rights, property, or safety of Quos, our users, or the public
• Investigate potential violations of our Terms of Service
• Respond to claims of illegal activity or policy violations

5.4 Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of our assets, user information may be transferred as part of the transaction. Users will be notified of any such change via email or prominent notice on the Service.

6. CONTENT RESPONSIBILITY AND DISCLAIMERS

6.1 User-Generated Content

• Users are fully responsible for content they create, share, and distribute
• The Service enables satirical content creation for entertainment purposes
• We do not endorse, control, or pre-review individual user-generated content

6.2 Prohibited Uses

Misuse of the Service for harassment, bullying, stalking, defamation, or targeted abuse is strictly prohibited and may result in account termination and legal action.

6.3 Content Moderation

We reserve the right to review and remove content that violates our policies or applicable laws.

7. DATA RETENTION

We retain personal information only as long as necessary to:

• Provide the Service and fulfill the purposes outlined in this Policy
• Comply with legal obligations and resolve disputes
• Maintain security and prevent fraud

You may request deletion of your personal data at any time by contacting privacy@quos.app, subject to legal retention requirements.

8. DATA SECURITY

8.1 Security Measures

We implement appropriate technical and organizational security measures, including:

• Encryption of data in transit and at rest
• Multi-factor authentication and access controls
• Row-level security (RLS) through our database provider
• Regular security assessments and monitoring

8.2 Security Limitations

Despite our security measures, no online platform can guarantee 100% security. You acknowledge and accept the inherent risks of internet-based services.

9. CHILDREN'S PRIVACY

9.1 Age Restrictions

The Service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13.

9.2 Parental Rights

If we discover that a child under 13 has provided personal information, we will promptly delete their account and associated data. Parents who believe their child has provided information to us should contact privacy@quos.app.

10. YOUR PRIVACY RIGHTS

10.1 General Rights

You have the right to:

• Access your personal information
• Correct inaccurate or incomplete data
• Request deletion of your personal data
• Object to or restrict certain processing activities
• Data portability (receive your data in a structured format)

10.2 California Residents (CCPA)

California residents have additional rights including:

• Right to know what personal information is collected and how it's used
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal data)
• Right to non-discrimination for exercising privacy rights

10.3 Virginia Residents (VCDPA)

Virginia residents have rights including:

• Right to access and data portability
• Right to correct inaccuracies
• Right to delete personal data
• Right to opt-out of targeted advertising and profiling

10.4 European Union Residents (GDPR)

EU residents have rights including:

• Right of access and data portability
• Right to rectification and erasure
• Right to restrict or object to processing
• Right to withdraw consent
• Right to lodge complaints with supervisory authorities

11. EXERCISING YOUR RIGHTS

To exercise your privacy rights, contact us at privacy@quos.app with:

• Your full name and email address associated with your account
• Specific rights you wish to exercise
• Any additional information needed to verify your identity

We will respond to verified requests within the timeframes required by applicable law.

12. INTERNATIONAL DATA TRANSFERS

If you are located outside the United States, your information may be transferred to and processed in the United States. We implement appropriate safeguards to ensure adequate protection of your personal data during international transfers.

13. CHANGES TO THIS PRIVACY POLICY

13.1 Updates

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws.

13.2 Notification

Material changes will be communicated through:

• In-app notifications
• Email notifications to registered users
• Prominent notices on our website

13.3 Continued Use

Your continued use of the Service after policy updates constitutes acceptance of the revised Privacy Policy.

14. CONTACT INFORMATION

14.1 Privacy Inquiries

For questions about this Privacy Policy or our privacy practices, contact:

14.2 Data Protection Officer

For EU-related inquiries, contact our Data Protection Officer at: dpo@quos.app