Provide, maintain, and improve our services
Authenticate users securely
Manage billing and subscriptions
Support product development and analytics
Respond to user inquiries or support requests
Fulfill contractual or legal obligations
We do not sell or rent your data. We share limited data with trusted third-party services under contractual agreements:
All vendors are required to meet industry-standard security and confidentiality obligations.
We retain data only as long as needed to fulfill the purposes described above or as legally required.
Security Overview:
All data is encrypted in transit via TLS.
Supabase encrypts data at rest by default.
Role-based access control is enforced for internal systems.
Supabase Auth is used for secure authentication (password and third-party OAuth).
Access to production data is restricted to authorized personnel and is logged.
Development and production environments are isolated.
EQTR’s servers and backend APIs are hosted and deployed via Vercel’s serverless infrastructure.
Monitoring and alerting are in place to detect anomalies.
We are aligning our practices with SOC 2 Trust Service Criteria and continuously assess risk.
We support global privacy principles and comply with applicable rights under the GDPR, CCPA/CPRA, and similar laws. You may:
Access your personal data
Request correction or deletion
Export your data (portability)
Object to certain processing
To exercise your rights, email: privacy@eqtr.ai with the subject line: Privacy Request. Identity verification may be required.
Our services are not directed to individuals under 13. We do not knowingly collect data from children. If such data is discovered, we will delete it promptly.
Data is processed and stored in the United States. If you access our services from outside the U.S., you consent to transferring your data to the U.S. where different privacy protections may apply.
We may update this policy to reflect changes to our practices or for legal reasons. The latest version will always be available at https://eqtr.ai/privacy. Revisions are effective upon posting.
Our site and platform may use cookies or similar technologies to improve performance and analyze usage. You can control cookie preferences via your browser settings. Disabling cookies may affect functionality. Vercel and Supabase services do not currently respond to "Do Not Track" browser signals.
We process personal data based on:
Your consent
Contractual necessity
Legitimate interests (e.g., service improvement, security)
Legal obligations
In the event of a data breach, we will notify affected individuals and regulators as required under applicable law.
We do not currently use subcontractors, but we may engage subprocessors (e.g., for hosting or payments) bound by confidentiality and data protection terms.
This policy is governed by the laws of the State of Delaware, United States. Any disputes will be resolved in courts located in Delaware.
EQTR does not directly access or store customer-controlled system data unless explicitly authorized for support purposes. All such access is time-limited, logged, and governed by internal controls. All client data remains the property of the client. EQTR does not claim ownership or reuse rights over any uploaded content or activity logs unless explicitly authorized.
When EQTR integrates with client systems such as Salesforce, Veeva, or email platforms, data access is governed by explicit client authorization. Clients must provide permission to initiate and define the scope of such data syncs. Clients may revoke access or modify permissions at any time through the integration settings or by contacting our support team. Only data necessary to support functionality will be accessed or stored, and all synced data is treated as confidential.
For additional questions, reach out to: privacy@equator.ai