olqan logo
One Platform. Infinite Possibilities.
Book a Demo
One Platform. Infinite Possibilities.

Olqan Privacy Policy

Last Updated: April 24, 2025

1. INTRODUCTION

This section explains why we have a privacy policy and our commitment to protecting your data.
At Olqan (“we,” “us,” or “our”), we understand that your privacy is important. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our all-in-one business management platform (the “Platform”). We are committed to ensuring the protection of your personal data and being transparent about how we handle it.
We’ve designed this policy to be clear and straightforward so you can understand our data practices without wading through complex legal jargon. Your trust matters to us, and we take our responsibility to protect your information seriously.

2. DEFINITIONS

This section defines key terms used throughout the policy to help you understand technical language.

To help you better understand this policy, here are some key terms:

  • Personal Data: Any information that relates to an identified or identifiable individual, such as your name, email address, phone number, or payment information.
  • Data Processing: Any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, use, disclosure, or deletion.
  • Cookies: Small text files stored on your device that help us recognize you, remember your preferences, and understand how you use our Platform.
  • Third-Party Integrations: External services or applications that may be connected to our Platform to enhance functionality (such as payment processors, calendar services, or social media platforms).
  • Data Controller: The entity that determines the purposes and means of processing personal data (in this case, Olqan).
  • Data Processor: The entity that processes personal data on behalf of the data controller.

3. COMPLIANCE WITH DATA PROTECTION LAWS

This section outlines the privacy laws we follow and your rights regarding your personal data.

Olqan is committed to complying with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Brazil’s Lei Geral de Proteção de Dados (LGPD), India’s Digital Personal Data Protection Act (DPDP), China’s Personal Information Protection Law (PIPL), Canada’s Consumer Privacy Protection Act (CPPA), and other applicable data protection laws. As part of our compliance efforts, we recognize and respect your rights concerning your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete personal data.
  • Right to Erasure: In certain circumstances, you can request that we delete your personal data.
  • Right to Restrict Processing: You can ask us to restrict the processing of your personal data under specific conditions.
  • Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to our processing of your personal data for direct marketing purposes or based on our legitimate interests.
  • Right to Withdraw Consent: Where we process your data based on your consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided in the “Contact Information” section below.

4. DATA COLLECTION

This section explains what information we collect from you and how we collect it.

4.1 Information You Provide to Us

We collect personal data that you voluntarily provide when using our Platform, including:

  • Account Information: Name, email address, phone number, job title, and company details when you create an account.
  • Profile Information: Information you add to your profile, such as profile picture, time zone, and language preferences.
  • Payment Information: Credit card details, billing address, and other financial information necessary for paid subscriptions (note that payment processing is handled by secure third-party payment processors).
  • Content and Communications: Data you input into the Platform, such as project details, task assignments, notes, files, and messages.
  • Support Information: Information you provide when you contact our customer support team.
4.2 Information We Collect Automatically

When you use our Platform, we automatically collect certain information, including:

  • Device Information: IP address, browser type, operating system, device type, and mobile device identifiers.
  • Usage Information: How you interact with our Platform, including pages visited, features used, actions taken, time spent, and referring/exit pages.
  • Location Information: General location based on IP address.
  • Log Data: Server logs, error reports, and performance data.
4.3 Collection Methods

We collect this information through:

  • Direct input when you fill out forms, create content, or communicate with us
  • Cookies and similar tracking technologies
  • Our servers when you interact with the Platform
  • Third-party sources when you connect third-party services to your account

5. DATA USE

This section explains how and why we use the information we collect from you.

We use your personal data for the following purposes:

5.1 Providing and Managing Services
  • Setting up and maintaining your account
  • Processing transactions and sending related information
  • Delivering the features and functions of the Platform
  • Responding to your requests, comments, and questions
  • Providing customer support and troubleshooting issues
5.2 Improving User Experience
  • Analyzing usage patterns to enhance the Platform
  • Developing new features and functionality
  • Testing and fixing bugs
  • Personalizing your experience based on your preferences
5.3 Marketing and Communications
  • Sending you updates about the Platform and your account
  • Providing information about new features, offerings, and events
  • Delivering promotional content and special offers
  • Conducting surveys and collecting feedback

If required by law, we will obtain your explicit consent before sending promotional content or marketing materials. You can opt out of marketing communications at any time by clicking the “unsubscribe” link in any marketing email or updating your preferences in your account settings.

5.4 Legal and Security Purposes
  • Complying with legal obligations
  • Enforcing our Terms of Service
  • Detecting and preventing fraud, unauthorized access, and other harmful activity
  • Protecting our rights, property, and safety, as well as those of our users

6. COOKIES

This section describes the types of cookies we use and how you can control them.

6.1 Types of Cookies We Use

We use the following types of cookies:

  • Essential Cookies: Required for the Platform to function properly, allowing you to navigate and use key features.
  • Performance Cookies: Help us understand how visitors interact with the Platform by collecting and reporting information anonymously.
  • Functionality Cookies: Enable the Platform to remember choices you make and provide enhanced, personalized features.
  • Targeting/Advertising Cookies: Used to deliver relevant advertisements and track campaign performance.

Some third-party cookies used on our Platform may track your activities across different websites and platforms. You may review their privacy policies for more information about their data collection and use practices.

6.2 Cookie Management

You can manage your cookie preferences through:

  • Your browser settings, which allow you to refuse all or some cookies or to alert you when cookies are being sent
  • Our cookie preference center accessible on our Platform
  • Third-party tools for managing online advertising preferences

Please note that if you disable certain cookies, some parts of the Platform may not function properly.

7. THIRD-PARTY INTEGRATIONS

This section explains how we work with other companies and services, and how your data may be shared with them.

7.1 Service Providers

We work with third-party service providers to help us operate, provide, improve, and market our Platform. These service providers may have access to your personal data to perform services on our behalf and are contractually obligated to protect your data and only use it for the purposes we specify. We carefully vet all third-party service providers and conduct regular assessments to ensure they maintain appropriate security and privacy standards that comply with our requirements and applicable regulations. Our service providers include:

  • Cloud hosting and storage providers
  • Payment processors
  • Analytics providers
  • Customer support tools
  • Email and communication services
  • Marketing and advertising platforms
7.2 Platform Integrations

Our Platform allows you to connect with various third-party services to enhance functionality, such as:

  • Calendar applications (e.g., Google Calendar, Microsoft Outlook)
  • File storage services (e.g., Dropbox, Google Drive)
  • Communication tools (e.g., Slack, Microsoft Teams)
  • Social media platforms (e.g., LinkedIn, Twitter)
  • Accounting software (e.g., QuickBooks, Xero)

When you choose to connect these services, you authorize us to share and receive information with these third parties according to your settings and their respective privacy policies. We recommend reviewing the privacy policies of these third parties before connecting their services to our Platform, as they have their own data practices that are separate from ours.

8. DATA SECURITY

This section outlines how we protect your data and what happens in case of a data breach.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

  • Strong encryption protocols including AES-256 for data at rest and TLS for data in transit
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Regular security training for employees
  • Incident response procedures
  • Continuous monitoring of our systems

In the unlikely event of a data breach that affects your personal data, we will notify affected users promptly in accordance with applicable laws and regulatory requirements, including details about the breach and recommendations for protecting yourself.

While we take reasonable steps to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your personal data to the best of our ability.

9. DATA RETENTION

This section explains how long we keep your data and what happens when you delete or deactivate your account.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Providing the services you requested
  • Complying with legal, tax, or accounting requirements
  • Resolving disputes
  • Enforcing our agreements

Specific retention periods depend on the type of information, legal requirements, and business needs. We regularly review our data retention practices to ensure that we only keep personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy. When we no longer need your personal data, we will securely delete or anonymize it.

If you delete your account, we will delete or anonymize your personal data within 30 days, except for information we need to:

If you choose to deactivate your account rather than delete it, we will retain your personal data for a period of time as necessary to allow you to reactivate your account, ensure compliance with legal obligations, or resolve disputes. We may also retain personal data to comply with other legal obligations or industry-specific regulations applicable to our operations.

  • Complete any transactions in progress
  • Comply with legal obligations
  • Resolve disputes
  • Prevent fraud or abuse
  • Enforce our terms

10. USER RIGHTS AND CALIFORNIA PRIVACY RIGHTS

This section explains what rights you have regarding your data and how to exercise them, with special provisions for California residents.

As detailed in the “Compliance with GDPR” section, you have various rights regarding your personal data. To exercise these rights:

  1. Account Settings: Many privacy preferences can be managed directly through your account settings.
  2. Contact Us: For requests that cannot be handled through account settings, please contact us using the information in the “Contact Information” section.
  3. Verification: We may need to verify your identity before processing your request.
  4. Response Time: We will respond to your request within 30 days, unless additional time is required due to the complexity or number of requests.

We will make reasonable efforts to fulfill your request, as long as it is technically feasible and not inconsistent with our legal obligations.

10.1 California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

  • The right to know what personal information we collect about you and how we use and disclose it
  • The right to request deletion of your personal information
  • The right to correct inaccurate personal information
  • The right to opt-out of the sale or sharing of your personal information
  • The right to limit the use and disclosure of sensitive personal information
  • The right to non-discrimination for exercising your rights

To exercise these rights, please use the contact information provided in Section 14.

11. INTERNATIONAL DATA TRANSFERS

This section explains how we handle your data when it’s transferred across borders.

Olqan operates globally, which means your personal data may be transferred to and processed in countries other than the one in which you reside. These countries may have different data protection laws than your country of residence.

When we transfer personal data from the European Economic Area, United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of protection, we use specific legal mechanisms designed to safeguard your personal data, such as Standard Contractual Clauses approved by the European Commission. In some cases, we may rely on other safeguards or agreements such as binding corporate rules or other approved data transfer mechanisms, and we will take appropriate steps to ensure the protection of your data in accordance with applicable laws.

12. CHANGES TO THE PRIVACY POLICY

This section explains how we’ll notify you if we update this policy.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you through:

  • A notice on our Platform before the changes take effect
  • Email notification (for significant changes)
  • Update to the “Last Updated” date at the top of this policy

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the revised policy.

13. DATA GOVERNANCE AND ACCOUNTABILITY

This section explains our internal practices for responsible data handling.

We maintain a robust data governance framework to ensure accountability and compliance with data protection laws. Our governance structure includes:

  • A designated Data Protection Officer responsible for overseeing data protection compliance
  • Regular privacy impact assessments for new features and processes
  • Comprehensive data protection training for all employees
  • Documented policies and procedures for handling personal data
  • Regular privacy audits to ensure ongoing compliance
  • Clear incident response protocols

14. AUTOMATED DECISION-MAKING

This section explains how we use automated systems to process data and make decisions, and your rights regarding these processes.

In some instances, we may use automated decision-making processes, including profiling, to improve our services and user experience. These processes may analyze your usage patterns, preferences, and behaviors to make recommendations or customize your experience.

Examples of automated decision-making on our Platform include:

  • Personalized content recommendations based on your past usage and preferences
  • Customized pricing offers based on your subscription history and usage patterns
  • Fraud detection and security measures to protect your account
  • Automated customer support routing based on the nature of your inquiry
  • Task prioritization suggestions based on your work patterns and deadlines

If you are subject to a decision based solely on automated processing that produces legal or similarly significant effects, you have the right to:

  • Obtain human intervention
  • Express your point of view
  • Contest the decision

To exercise these rights, please contact us using the information in the “Contact Information” section.

15. SPECIFIC RETENTION PERIODS

This section provides more detailed information about how long we keep different types of data.

While retention needs may vary, here are typical retention periods for common data categories:

  • Account information: For as long as your account is active plus 30 days after deletion
  • Payment information: 7 years (to comply with financial regulations)
  • Usage logs: 90 days
  • Marketing preferences: Until you withdraw consent
  • Customer service communications: 2 years after resolution of the inquiry

Please note that these retention periods are general guidelines and may vary depending on local laws, financial regulations, specific legal requirements, or ongoing business needs in your jurisdiction. We regularly review and update our retention practices to ensure compliance with evolving regulations.

16. DATA MINIMIZATION

This section explains our commitment to collecting only the data we need.

We adhere to data minimization principles, collecting and processing only the personal data that is necessary, relevant, and limited to what is required for the purposes for which it is processed. We regularly review our data collection practices to ensure we’re not collecting excessive information.

17. CONSENT MANAGEMENT

This section explains how you can control your consent choices for data processing.

We obtain and manage consent through a transparent Consent Management Platform that allows you to:

  • Provide granular consent for different processing purposes
  • Access and review your current consent settings
  • Withdraw consent as easily as it was given
  • Receive clear information about how your data will be used before consent is requested

18. CONTACT INFORMATION

This section provides details on how to contact us with questions or concerns about your privacy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through:

Data Protection Officer
 Email: privacy@olqan.com

For users in the European Union, if you have concerns about our data processing activities that we have not addressed satisfactorily, you have the right to lodge a complaint with your local data protection authority.