Privacy Policy
Last Updated: July 2026
Version: 1.1
This Privacy Policy explains how Qlevia AI Pte. Ltd. (“Qlevia”, “we”, “us”, or “our”) collects, uses, shares, and protects personal data when you visit our website at https://qlevia.com or use our RDF Graph SaaS platform, knowledge graph services, APIs, user interfaces, support services, and related offerings (the “Services”).
This Privacy Policy applies to:
- visitors to our website;
- individuals who contact us, request a demo, subscribe to updates, or engage with our sales and support teams;
- users who access the Services on behalf of an organisation that has subscribed to our Services; and
- administrative users, technical users, and business users of the Qlevia platform.
Where a business customer uploads, connects, indexes, queries, or otherwise processes data through the Services, Qlevia generally processes that data as a data processor or service provider on behalf of the customer. In that case, the customer remains responsible for determining what data is processed and why. Such processing is governed by the applicable customer agreement, data processing agreement, and security terms.
This Privacy Policy governs Qlevia’s own processing of personal data about individuals, such as website visitors, account users, administrators, customer contacts, prospects, suppliers, and business partners.
1. Who We Are and How to Contact Us
Data Controller:
Qlevia AI Pte. Ltd.
9 Chin Bee Dr #06-02
Innovate 360, Innovation Hub
Singapore 619860
Data Protection Contact:
For privacy enquiries, please contact:
Email: privacy@qlevia.com
Security Contact:
For security incidents or vulnerability reports, please contact:
Email: security@qlevia.com
Postal Contact:
Data Protection Contact
Qlevia AI Pte. Ltd.
9 Chin Bee Dr #06-02
Innovate 360, Innovation Hub
Singapore 619860
2. What Personal Data We Collect
We collect different categories of personal data depending on how you interact with us.
2.1 Data you provide directly
This may include:
- Identity data: name, job title, company name, username, and similar identifiers.
- Contact data: business email address, telephone number, billing address, and company address.
- Account data: login credentials, authentication details, user role, permissions, tenant or workspace assignment.
- Commercial data: subscription details, purchase orders, billing contacts, invoices, usage plans, renewal information, and support entitlements.
- Communications: emails, support tickets, demo requests, feedback, survey responses, call notes, and other messages you send to us.
- Professional information: company, department, role, and business context relevant to your use of the Services.
2.2 Data we collect automatically
When you use our website or Services, we may collect:
- Technical data: IP address, browser type, device type, operating system, time zone, login timestamps, referring URLs, and network information.
- Usage data: pages visited, features used, API calls, query activity, session duration, clickstream data, error logs, and administrative actions.
- Security data: authentication events, failed login attempts, access logs, audit logs, role changes, configuration changes, and suspicious activity indicators.
- Cookie data: data collected through cookies and similar technologies, as described in Section 5.
2.3 Customer content and graph data
Customers may use the Services to upload, connect, transform, index, store, query, or visualise data, including RDF data, knowledge graph data, ontologies, metadata, documents, source files, database extracts, APIs, or other customer-controlled datasets.
Where such data contains personal data, Qlevia processes it on behalf of the customer under the applicable agreement and data processing terms. Qlevia does not determine the purpose of such processing; the customer does.
2.4 Data from third parties
We may receive personal data from:
- identity providers, such as Microsoft Entra ID or other single sign-on providers;
- CRM, support, billing, or marketing platforms;
- business partners, resellers, cloud marketplaces, and technology partners;
- event organisers, where you have agreed to share your information with us;
- public business sources, such as company websites or professional networks.
2.5 Data we do not intentionally collect
We do not intentionally collect special categories of personal data through our website or account registration process, such as data revealing racial or ethnic origin, religious beliefs, health data, biometric data, sexual orientation, or criminal convictions.
However, customer-controlled datasets processed through the Services may contain such data if a customer chooses to include it. In that case, the customer is responsible for ensuring that it has a lawful basis and appropriate safeguards for processing such data.
Our website and Services are not directed at children, and we do not knowingly collect personal data from children.
3. How We Use Personal Data
We use personal data only where we have a lawful basis to do so, including performance of a contract, legitimate interests, consent, or compliance with legal obligations.
3.1 Account creation and administration
We use personal data to create and manage accounts, authenticate users, assign roles and permissions, administer tenants or workspaces, and maintain account security.
3.2 Providing the Services
We use personal data to operate, maintain, support, and improve the Qlevia platform, including RDF graph hosting, query services, indexing services, APIs, administrative portals, monitoring, and support.
3.3 Customer support and service management
We use personal data to respond to support requests, investigate incidents, troubleshoot technical issues, manage service requests, and communicate about platform availability or changes.
3.4 Billing and commercial operations
We use personal data to issue invoices, manage renewals, administer billing (including billing processed through Microsoft Azure Marketplace), track usage, manage subscriptions, and fulfil tax, accounting, and business record obligations.
3.5 Security and fraud prevention
We use personal data to monitor for suspicious activity, protect accounts, enforce security controls, investigate misuse, maintain audit logs, and protect the integrity and availability of the Services.
3.6 Product analytics and improvement
We may use usage data, diagnostic data, and aggregated data to understand how the Services are used, improve product performance, prioritise features, and optimise user experience.
Where possible, we use aggregated or anonymised data for these purposes.
3.7 Marketing and communications
We may use personal data to send service updates, event invitations, newsletters, product announcements, and other business communications. You may opt out of marketing communications at any time.
3.8 Legal compliance and dispute resolution
We may use personal data to comply with laws and regulations, respond to lawful requests, enforce agreements, protect our rights, and establish, exercise, or defend legal claims.
4. How We Share Personal Data
We do not sell personal data.
We may share personal data in the following circumstances.
4.1 Service providers and subprocessors
We use third-party providers to help us operate our business and deliver the Services. These may include cloud hosting providers, infrastructure providers, identity providers, monitoring tools, support systems, email providers, security tools, and professional service providers. We do not use separate payment processors; billing for the Services is processed through Microsoft Azure Marketplace.
Where these providers process personal data on our behalf, they are required to protect it and process it only for authorised purposes.
A current list of subprocessors is available at:
qlevia.com/subprocessors
4.2 Cloud and infrastructure providers
Qlevia may host Services using cloud infrastructure, including Microsoft Azure. Customer environments, storage, databases, container services, logs, and related infrastructure may be hosted in selected cloud regions depending on the applicable agreement and deployment model.
4.3 Affiliates and group companies
We may share personal data with Qlevia affiliates or group companies where necessary for the purposes described in this Privacy Policy, subject to appropriate data protection obligations.
4.4 Business partners and resellers
Where Qlevia works with resellers, implementation partners, cloud marketplaces, system integrators, or technology partners, we may share relevant business contact and service information to manage the relationship and deliver the Services.
4.5 Professional advisers
We may share personal data with lawyers, auditors, accountants, insurers, banks, and other professional advisers where necessary for legitimate business purposes and subject to confidentiality obligations.
4.6 Business transfers
If Qlevia is involved in a merger, acquisition, investment, restructuring, financing, or sale of assets, personal data may be transferred as part of that transaction, subject to applicable law.
4.7 Legal and regulatory disclosures
We may disclose personal data where required by law, court order, regulator, or government authority, or where necessary to protect the rights, property, security, or safety of Qlevia, our customers, users, or others.
4.8 With your consent
We may share personal data with third parties for other purposes where you have given us consent.
5. Cookies and Similar Technologies
Our website at qlevia.com does not currently set cookies. We do not use analytics, advertising, or marketing cookies on our website.
The Qlevia platform uses strictly necessary cookies and similar technologies for authentication, session management, and security. These are required to operate the Services, and disabling them may prevent the Services from functioning.
If we introduce non-essential cookies in the future, we will update this Privacy Policy and, where required by applicable law, obtain consent before placing them. You can manage cookies at any time through your browser settings.
6. International Transfers of Personal Data
Qlevia may process and store personal data in countries where Qlevia, its affiliates, customers, cloud providers, or service providers operate.
This may include Singapore, Switzerland, the European Economic Area, the United Kingdom, the United States, and selected Microsoft Azure regions, depending on the Services, customer agreement, and deployment model.
Where personal data is transferred internationally, Qlevia will use appropriate safeguards as required by applicable law. These may include:
- standard contractual clauses;
- adequacy decisions;
- data processing agreements;
- contractual commitments with subprocessors;
- customer-selected regional hosting options, where available;
- other lawful transfer mechanisms.
7. Data Retention
We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer period is required by law, contract, audit, tax, accounting, or legitimate business needs.
Our retention principles include:
- Account data: retained while the account is active and for a reasonable period after closure for audit, legal, and business purposes.
- Billing and transaction data: retained as required for tax, accounting, and financial reporting.
- Support and communication data: retained for as long as needed to manage the relationship and resolve issues.
- Security logs and audit logs: retained for security, compliance, investigation, and operational purposes.
- Marketing data: retained until you opt out or request deletion, subject to suppression lists and legal requirements.
- Customer-controlled data: retained and deleted according to the customer agreement, data processing agreement, and applicable service configuration.
When personal data is no longer required, we will delete, anonymise, or securely archive it in accordance with applicable requirements.
8. Data Security
We implement administrative, technical, and organisational safeguards designed to protect personal data against unauthorised access, disclosure, alteration, loss, misuse, or destruction.
These measures may include:
- encryption in transit and, where appropriate, encryption at rest;
- role-based access controls;
- multi-factor authentication;
- identity and access management;
- network security controls;
- audit logging and monitoring;
- vulnerability management;
- secure software development practices;
- incident response procedures;
- backup and recovery processes;
- least-privilege access principles;
- segregation of customer environments where applicable.
No method of transmission or storage is completely secure. If you become aware of a security issue, please contact us at security@qlevia.com.
Where required by law or contract, we will notify affected parties and relevant authorities of personal data breaches.
9. Your Privacy Rights
Depending on your location and applicable law, you may have rights regarding your personal data.
These may include the right to:
- request access to personal data we hold about you;
- request correction of inaccurate or incomplete personal data;
- request deletion of your personal data;
- object to certain processing;
- request restriction of processing;
- request portability of your personal data;
- withdraw consent where processing is based on consent;
- opt out of marketing communications;
- lodge a complaint with a data protection authority.
To exercise your rights, contact us at privacy@qlevia.com.
We may need to verify your identity before responding. We will respond within the timeframe required by applicable law.
If your personal data is processed by Qlevia on behalf of a customer, we may refer your request to that customer, as the customer is usually the controller of that data.
10. Additional Rights for Certain Regions
Singapore residents
If you are located in Singapore, you may have rights under the Personal Data Protection Act 2012, including rights to access and correct your personal data, and to withdraw consent subject to legal and contractual restrictions.
EEA, UK, and Swiss residents
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you may have additional rights under applicable data protection laws, including rights to restriction, portability, objection, withdrawal of consent, and complaint to a supervisory authority.
California residents
If applicable, California residents may have rights to know, access, correct, delete, and opt out of certain uses of personal information. Qlevia does not sell personal information.
11. Third-Party Links and Integrations
Our website and Services may contain links to third-party websites or integrate with third-party systems, identity providers, cloud services, data sources, APIs, or customer-selected applications.
This Privacy Policy does not apply to third-party websites or services. We encourage you to review the privacy policies and security terms of any third-party services you use.
Qlevia is not responsible for the privacy practices of third parties that are not acting on our behalf.
12. RDF Graph Processing, AI, and Automated Decision-Making
Qlevia’s Services are designed to help customers store, connect, index, query, and manage RDF graph data, knowledge graphs, metadata, and related datasets.
Depending on the product configuration, Qlevia may support semantic search, graph query, entity linking, ontology alignment, data integration, indexing, and analytics.
Qlevia does not use customer content, or personal data processed on behalf of customers, to train artificial intelligence or machine learning models.
Qlevia does not use personal data from customer-controlled datasets for unrelated purposes unless permitted by the applicable customer agreement.
Unless expressly stated in a customer agreement or product notice, Qlevia does not use automated decision-making that produces legal or similarly significant effects on individuals.
Where Qlevia uses aggregated, anonymised, or diagnostic data to improve the Services, we take steps to prevent such data from identifying individuals or customers.
If Qlevia introduces AI-enabled features, model-assisted processing, or automated recommendations, we will describe the relevant processing in the applicable product documentation, customer agreement, or privacy notice.
13. Children’s Privacy
Our website and Services are not directed at children. We do not knowingly collect personal data from children.
If you believe we have collected personal data from a child, please contact us at privacy@qlevia.com, and we will take appropriate steps to delete the data.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our Services, business operations, legal requirements, or privacy practices.
When we make material changes, we will provide notice where required by law, such as by updating our website, notifying account administrators, or sending an email notification.
The updated Privacy Policy will include the revised effective date.
15. Contact Us
For privacy questions, rights requests, or concerns, please contact:
Privacy: privacy@qlevia.com
Security: security@qlevia.com
Post:
Data Protection Contact
Qlevia AI Pte. Ltd.
9 Chin Bee Dr #06-02
Innovate 360, Innovation Hub
Singapore 619860
We aim to respond to privacy enquiries and formal rights requests within the timeframe required by applicable law.