Privacy Policy

1. Introduction

Q4US (“Q4US”, “we”, “our”, or “us”) is a Finnish–Sri Lankan software development company with a global reach, bringing life to innovative ideas through high-quality, transparent, and collaborative development processes.

With offices and operational presence in:

Oulu
Helsinki
Colombo
Auckland

we serve clients across the United States, Europe, and globally.

This Privacy Policy explains how we collect, use, disclose, and protect personal data when:

You visit our website
You engage with us as a client or partner
You use software solutions developed or operated by Q4US
You communicate with us
You apply for employment with us

We are committed to transparency, quality, and trust. These values are embedded in our development philosophy and reflected in our data protection practices.

2. Data Controller Information

Depending on your location and the nature of the engagement, the data controller may be:

Q4US entity incorporated in Finland
Q4US entity incorporated in Sri Lanka
Or another Q4US group entity responsible for the specific service

For data protection inquiries, please contact:
Email: hello@q4us.dev

Where required under applicable law (including GDPR), a Data Protection Officer (DPO) or designated contact person will be appointed.

3. Legal Framework

We process personal data in compliance with applicable data protection laws, including but not limited to:

The EU General Data Protection Regulation (GDPR)
Finnish Data Protection Act
Applicable Sri Lankan data protection legislation
Other relevant international and local privacy laws depending on the client’s jurisdiction

When acting as a data processor on behalf of clients (e.g., building and hosting software systems), we process personal data strictly under the client’s instructions and applicable data processing agreements (DPAs).

4. Categories of Personal Data We Collect

4.1 Information You Provide Directly

Name, job title, company name
Email address, phone number
Billing and contract information
Project-related communications
Information submitted via contact forms
Recruitment-related information (CV, portfolio, references)

4.2 Information Collected Automatically

When visiting our website:

IP address
Browser type and version
Device information
Cookies and usage data
Log files and technical diagnostics

4.3 Client System Data (When Acting as Processor)

For software developed by Q4US, including solutions in:

Smart manufacturing systems
Job management tools
Truss design validation and production control software
Mobile applications
E-commerce systems
AI/ML solutions
Blockchain-based systems
System integrations and APIs

we may process end-user data strictly on behalf of the client. The type of data depends on the specific system and may include:

User account information
Operational data from manufacturing systems
Order and delivery information
Employee usage data
Production performance data
Uploaded documents
Analytics and reporting data

In such cases, the client remains the data controller.

5. Purposes of Processing

We process personal data to:

5.1 Deliver Services

Conduct discovery and pre-study phases
Prepare project proposals
Execute agile development cycles
Provide launch, maintenance, and continuous improvement services
Deliver full-stack web development and digital transformation solutions
Provide data integration, analysis, and visualization services
Deliver smart manufacturing and industry-specific software (including truss industry solutions)
Develop AI/ML, blockchain, API, and system integration solutions

5.2 Business Operations

Manage contracts and billing
Maintain security and system integrity
Improve service quality through testing and quality assurance
Provide technical support and maintenance

5.3 Communication & Marketing

Respond to inquiries
Send relevant business communications
Share insights about our services (where legally permitted)

5.4 Recruitment

Evaluate job applications
Communicate with candidates
Maintain talent pipelines

6. Legal Basis for Processing

We rely on one or more of the following legal bases:

Performance of a contract
Legitimate interests (e.g., improving services, ensuring security)
Compliance with legal obligations
Consent (where required)
Client instructions (when acting as data processor)

7. International Data Transfers

As a Finnish–Sri Lankan company with global operations, personal data may be transferred between:

Finland
Sri Lanka
New Zealand
Other jurisdictions where our clients operate

Where required under GDPR and other regulations, we ensure appropriate safeguards such as:

Standard Contractual Clauses (SCCs)
Data Processing Agreements (DPAs)
Adequacy decisions where applicable
Technical and organizational safeguards

8. Data Security

We implement technical and organizational measures including:

Secure cloud infrastructure
Role-based access controls
Encryption (in transit and where appropriate at rest)
Code reviews and secure development practices
Regular testing (unit testing, integration testing)
Monitoring and logging
Backup and disaster recovery systems

Our development process emphasizes transparency while maintaining strict confidentiality and integrity of data.

9. Data Retention

We retain personal data only as long as necessary to:

Fulfill contractual obligations
Comply with legal requirements
Resolve disputes
Enforce agreements

Retention periods vary depending on the nature of the data and applicable legal requirements.

When acting as processor, retention is determined by the client’s instructions.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your personal data
Rectify inaccurate information
Erase data (“right to be forgotten”)
Restrict processing
Object to processing
Data portability
Withdraw consent
Lodge a complaint with a supervisory authority

For EU residents, complaints may be directed to the relevant national Data Protection Authority.

To exercise your rights, contact: hello@q4us.dev

11. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to:

Improve user experience
Analyze traffic
Enhance functionality
Maintain security

Users may manage cookie preferences through browser settings or cookie banners (where applicable).

A separate Cookie Policy may supplement this Privacy Policy.

12. Third-Party Service Providers

We may engage trusted third-party providers for:

Cloud hosting
Analytics
Communication tools
Payment processing
Infrastructure and DevOps services

All service providers are contractually obligated to implement appropriate data protection measures.

13. Confidentiality and Client Data Protection

As part of our “radical transparency” and collaborative development philosophy:

Clients receive visibility into development environments
Access controls are strictly managed
Confidentiality agreements are enforced
Teams are assigned specifically per project
Data is isolated per client environment

We treat client data as strictly confidential and proprietary.

14. Children’s Privacy

Our services are intended for businesses and professional users. We do not knowingly collect personal data from children under 16.

If we become aware of such collection, we will take steps to delete the information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

Legal changes
Service enhancements
Operational adjustments

The updated version will be posted on our website with a revised “Last Updated” date.

16. Contact Us

If you have questions regarding this Privacy Policy or your personal data, please contact:

Q4US
hello@q4us.dev

+1 224 342-0111
+358 50 482 4226

17. Commitment to Responsible Innovation

As a company delivering:

Smart manufacturing software
Truss industry digital solutions
AI/ML systems
Blockchain solutions
Data analytics platforms
System integrations and APIs

we recognize that innovation must be balanced with responsibility.

We are committed to:

Ethical AI development
Secure-by-design architecture
Privacy-by-design principles
Continuous learning and improvement
Transparent collaboration