Effective Date: May 27, 2026
This Privacy Policy explains how Thrum, Inc., doing business as QuarqAI (“QuarqAI”, “we”, “us”, or “our”), collects, uses, shares, and protects information when you visit https://quarq.ai (the “Site”) or use our products and services (the “Services”).
If you do not agree with this Privacy Policy, please do not use the Site or Services.
1. Information we collect
We collect three categories of information:
Information you provide directly. This includes information you submit through forms on the Site (such as your name, email, company, role, and any free-text comments when you book a demo or contact us), account credentials if you register for the Services, and any information you provide when communicating with us by email or other channels.
Customer Data. When you use the Services, you may upload, connect, or otherwise provide data about your partner ecosystem, including partner organization names, deal records, ARR contributions, contact information, and related signals (collectively, “Customer Data”). You are the controller of Customer Data; QuarqAI processes it on your behalf to provide the Services. If any Customer Data includes personal information about your customers, partners, or other third parties, you are responsible for ensuring you have the lawful basis to share it with us.
Information collected automatically. When you visit the Site, we and our sub-processors automatically collect technical information such as your IP address, browser type, device identifiers, the pages you view, the date and time of your visit, referring URLs, and similar telemetry. This is collected through cookies, web beacons, and similar technologies (see Section 9, Cookies).
2. How we use information
We use the information we collect to:
- Provide, maintain, secure, and improve the Site and Services
- Communicate with you (respond to inquiries, deliver requested information, send important notices about your account or the Services)
- Analyze usage and trends to understand how the Services are used and to develop new features
- Detect, prevent, and respond to fraud, security incidents, and violations of our Terms of Service
- Comply with legal obligations, respond to lawful requests, and defend our legal rights
- With your consent (or where permitted by law), send marketing communications about QuarqAI products you may be interested in; you can opt out at any time using the unsubscribe link in those emails or by writing to contact@quarq.ai
We do not sell personal information. We do not share personal information with third parties for their independent marketing purposes.
3. Legal basis for processing (for GDPR-eligible users)
If you are in the European Economic Area, the United Kingdom, or Switzerland, our legal bases for processing your personal information include:
- Performance of a contract when we process information to provide the Services you’ve requested
- Legitimate interests when we process information to improve and secure the Services, to communicate about the Services, and to protect our business
- Consent when you’ve given it (for example, for marketing emails or non-essential cookies); you can withdraw consent at any time
- Legal obligation when processing is required to comply with applicable law
4. How we share information
We share information with the following categories of recipients:
Sub-processors. Service providers that process information on our behalf to operate the Services (hosting, content delivery, analytics, email delivery, customer support, security). These sub-processors are contractually obligated to use the information only to perform services for us and to maintain appropriate safeguards. Our current sub-processor list (subject to change with reasonable notice) is in Section 5.
Business transfers. If QuarqAI is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will provide notice if your information becomes subject to a different privacy policy.
Legal compliance and protection. We may share information if we believe in good faith that disclosure is required by law, regulation, legal process, or government request, or to protect the rights, property, or safety of QuarqAI, our users, or others.
With your direction or consent. We may share information at your direction or with your consent (for example, if you ask us to integrate the Services with a third-party tool).
5. Sub-processors
The following third parties currently process information on behalf of QuarqAI:
- Namecheap — Site hosting and storage
- Automattic (Jetpack and WordPress.com infrastructure) — Site security, analytics, content delivery, and integration tooling
- Google (Site Kit, Search Console, Google Analytics) — Site traffic analytics and search performance
- Yoast SEO — Search-engine metadata and structured-data generation
- Wordfence and Solid Security Pro — Site security, login security, intrusion prevention
- LiteSpeed Cache — Performance optimization and edge caching
- HubSpot — Customer relationship management and marketing communications
- Anthropic and other AI providers — AI inference for partner-ecosystem analysis (only when explicitly invoked by a customer)
We will update this list when sub-processors are added or removed. If you are an enterprise customer with specific sub-processor commitments in a signed MSA, those commitments control.
6. Data retention
We retain information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Specifically:
- Account information: retained for the duration of your account and for a reasonable period afterward
- Customer Data: retained according to the terms of your engagement; on termination, deleted or returned per your instructions and any signed MSA
- Marketing data: retained until you opt out or for a reasonable period of inactivity
- Site analytics: retained per the policies of our analytics sub-processors (typically 14–26 months for Google Analytics)
- Logs and security data: retained for a reasonable period to support security and forensics
Where required by law, we may retain certain information longer.
7. Your rights
Depending on where you live, you may have certain rights regarding your personal information, including:
- Access: the right to know what personal information we hold about you
- Correction: the right to ask us to correct inaccurate or incomplete information
- Deletion: the right to ask us to delete your personal information
- Portability: the right to receive your information in a portable format
- Objection or restriction: the right to object to or restrict certain processing
- Withdrawal of consent: the right to withdraw consent at any time where our processing is based on consent
- Complaint: the right to file a complaint with a supervisory authority
To exercise any of these rights, email contact@quarq.ai. We may need to verify your identity before responding. We will respond within the time required by applicable law.
California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, delete, correct, opt-out of sale or sharing (we do not sell personal information), and the right to non-discrimination for exercising these rights. Authorized agents may submit requests on your behalf.
European Economic Area / United Kingdom / Switzerland users have the right to lodge a complaint with the supervisory authority in your country of residence.
8. International transfers
QuarqAI is based in the United States. If you access the Site or Services from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries where our sub-processors operate. These countries may have data-protection laws that differ from those in your country.
When we transfer personal information from the EEA, UK, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or equivalent mechanisms.
9. Cookies and similar technologies
We and our sub-processors use cookies, local storage, and similar technologies to:
- Keep the Site functioning correctly (essential cookies)
- Remember your preferences
- Analyze traffic and improve the Site
- Secure the Site against fraud and abuse
You can control cookies through your browser settings. Disabling cookies may affect Site functionality.
10. Security
We use commercially reasonable administrative, technical, and physical measures to protect personal information against unauthorized access, disclosure, alteration, and destruction. These include encryption in transit, access controls, and security monitoring through our sub-processors.
No method of transmission or storage is 100% secure. If you have reason to believe your interaction with us is no longer secure, please contact us immediately at contact@quarq.ai.
11. Children
QuarqAI is a B2B service intended for business users 18 years of age and older. The Site and Services are not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact contact@quarq.ai and we will take steps to delete it.
12. Third-party links
The Site may contain links to third-party websites and services. We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before providing any personal information to them.
13. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Effective Date” at the top and may provide additional notice (for example, by email or an in-product notice). We encourage you to review this Privacy Policy periodically.
14. Contact
Questions about this Privacy Policy, requests to exercise your rights, or other privacy concerns:
Email: contact@quarq.ai
Mail: Thrum, Inc. (dba QuarqAI)