Privacy Policy

Last Updated: December 4, 2025

Last Updated: December 4, 2025

At Appliqation, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our quality assurance testing platform ("Service").

By using our Service, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when using our Service:

Account Information: Name, email address, username, password
Profile Information: Optional profile details, preferences, settings
Testing Data: Test scenarios, test cases, steps, expected results, actual results
Visual Content: Screenshots and screen recordings you create during testing
Defect Reports: Bug descriptions, severity ratings, attachments
Comments and Annotations: Notes, feedback, and collaboration data
AI Prompts: Questions and prompts you submit to AI-powered features
Support Communications: Messages sent to customer support

1.2 Information Automatically Collected

We automatically collect certain information when you use the Service:

Technical Information: Browser type, version, operating system, device type
Usage Data: Features used, actions performed, time spent, navigation patterns
Session Information: Login times, session duration, authentication tokens
IP Address: For security monitoring and fraud prevention
Cookies and Similar Technologies: See Section 3 (Cookie Policy)

1.3 Information from Third Parties

We do not purchase or receive personal data from third-party data brokers. However, we may receive information when you use third-party integrations:

AI Service Providers: When you use AI features, response data is received from OpenAI or Anthropic
Email Service: Email delivery confirmations from our email provider

2. How We Use Your Information

We use your information for the following purposes:

2.1 Providing the Service

Create and manage your account
Enable testing features (test execution, result tracking, reporting)
Store and retrieve your test data
Process and display screenshots and recordings
Generate test reports and analytics
Provide AI-powered assistance

2.2 Service Improvement and Development

Analyze usage patterns to improve features
Identify and fix technical issues
Develop new features and capabilities
Conduct internal research and analytics

2.3 Communication

Send service-related notifications and updates
Respond to your inquiries and support requests
Send important security or policy updates
Notify you of new features (if you've opted in)

2.4 Security and Compliance

Detect, prevent, and respond to fraud or security threats
Monitor for unauthorized access or policy violations
Comply with legal obligations and enforce our Terms
Protect rights, property, and safety of users and the public

3. Cookies and Tracking Technologies

3.1 What Are Cookies?

Cookies are small text files stored on your device that help websites remember your preferences and improve your experience.

3.2 How We Use Cookies

We use the following types of cookies:

Cookie Type

Purpose

Duration

Required?

Session Cookies (SESS*)

Maintain your logged-in session and authentication state

Up to 23 days or until logout

Yes - Essential

Browser Storage

Store temporary testing session data locally in your browser (sessionStorage)

Session only (cleared when browser closes)

Yes - Essential

Preference Cookies

Remember your settings and preferences

Persistent

No - Optional

3.3 Third-Party Cookies

We do not currently use third-party cookies for advertising or tracking. If this changes, we will update this policy and obtain your consent as required.

3.4 Managing Cookies

You can control cookies through your browser settings:

Block Cookies: Configure your browser to reject all cookies
Delete Cookies: Clear existing cookies from your browser
Browser Storage: Clear browser data through browser settings

Note: Blocking essential cookies (session cookies) will prevent you from logging in and using the Service.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

4.1 Service Providers

We share data with trusted third-party service providers who help us operate the Service:

Provider Type

Purpose

Data Shared

Cloud Storage (AWS S3)

Store screenshots, recordings, and test attachments

Visual content, test data files

Database Hosting (MongoDB)

Store test data, user information, and session data

Account data, test scenarios, results

Email Service (Brevo)

Send transactional emails and notifications

Email address, name, notification content

AI Services (OpenAI, Anthropic)

Provide AI-powered testing assistance

Your prompts, test context, AI responses
See Section 4.2 for details

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Artificial Intelligence (AI) Services

Our platform includes AI-powered features that utilize third-party AI services. Please read this section carefully as it explains how your data may be shared with AI providers.

Default AI Processing

By default, AI features use OpenAI's services. When you use AI-powered features:

Your prompts, test scenarios, and related context are sent to OpenAI for processing
We have limited control over how OpenAI processes this data once transmitted
OpenAI's data handling is governed by their privacy policy: https://openai.com/privacy
OpenAI may process data in regions outside Australia/your jurisdiction

Data Sent to AI Providers May Include:

Your test case descriptions and scenarios
Bug reports and defect descriptions
Application names and URLs
Any text you include in prompts to the AI assistant

What We Do NOT Send to AI Providers:

Your account credentials or passwords
Payment information
Personal data beyond what's necessary for AI processing

Your Control Over AI Data Sharing

You have two options for AI services:

Option 1: Platform-Managed AI (Default)

We provide access to OpenAI and Anthropic APIs using our API keys
Your data is sent to these AI providers for processing
Subject to the AI provider's privacy policy and terms
Recommended only for non-sensitive testing data

Option 2: Bring Your Own AI (BYOAI)

You can provide your own OpenAI or Anthropic API keys
You have direct control and contractual relationship with the AI provider
Your data handling is governed by your agreement with the AI provider
Strongly recommended for sensitive or confidential testing

To enable BYOAI, navigate to your Account Settings and enter your own API keys.

Our Recommendations

For sensitive data: Use BYOAI with your own API keys and enterprise agreements
For public/non-sensitive testing: Platform-managed AI is acceptable
Review AI provider policies: We recommend reviewing OpenAI's and Anthropic's privacy policies to understand their data handling practices
Minimize sensitive data: Avoid including personal data, credentials, or confidential information in AI prompts

AI Provider Information

When you use platform-managed AI:

OpenAI (default for AI features)
- Privacy Policy: https://openai.com/privacy
- Data Processing: Subject to OpenAI's terms
- Data Location: May be processed globally
Anthropic (alternative AI provider)
- Privacy Policy: https://www.anthropic.com/privacy
- Data Processing: Subject to Anthropic's terms
- Data Location: May be processed globally

Important: We cannot guarantee where or how AI providers process your data. If you have specific data residency or processing requirements, you must use BYOAI with your own enterprise agreements.

4.3 Legal Requirements

We may disclose your information if required to:

Comply with legal obligations, court orders, or government requests
Enforce our Terms and Conditions or protect our rights
Investigate fraud, security issues, or policy violations
Protect the safety and rights of users or the public

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

5. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy:

Data Type

Retention Period

Account Information

Until account deletion, plus 30 days for backup retention

Test Data (scenarios, cases, results)

Until manually deleted by user or account deletion

AI Conversation History

Until manually deleted by user or account deletion

Screenshots and Recordings

Active storage, then archived (10 days → standard archive, 100 days → deep archive)

Session Data

24 hours (automatically cleaned up)

Security Logs

14 days

After the retention period, data is securely deleted or anonymized. Some data may be retained longer if required by law or legitimate business purposes (e.g., dispute resolution, fraud prevention).

6. Data Security

We implement industry-standard security measures to protect your data:

Encryption: Data transmitted using TLS/SSL encryption (HTTPS)
Authentication: Secure password hashing and JWT-based session management
Access Control: Role-based access control (RBAC) to limit data access
Infrastructure Security: Regular security audits and monitoring
Secure Storage: Data stored on secure cloud infrastructure with access controls

However, no system is completely secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

7.1 Access and Portability

Right to Access: Request a copy of the personal data we hold about you
Right to Portability: Receive your data in a structured, commonly used format

7.2 Correction and Deletion

Right to Rectification: Request correction of inaccurate personal data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")

7.3 Control and Restriction

Right to Restriction: Request limitation of processing of your personal data
Right to Object: Object to processing of your personal data for certain purposes
Right to Withdraw Consent: Withdraw previously given consent at any time

7.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at: [INSERT SUPPORT EMAIL]

We will respond to your request within 30 days. Some requests may require identity verification to protect your privacy.

Note: Certain rights may be limited by legal obligations or legitimate business interests (e.g., we cannot delete data required for legal compliance).

8. International Data Transfers

Our Service uses third-party providers that may store or process data outside your country:

AWS S3: Data stored in Australia region (ap-southeast-2)
MongoDB: Data stored in US region (iad2)
AI Providers: OpenAI and Anthropic may process data globally

When data is transferred internationally, we ensure appropriate safeguards are in place (e.g., contractual protections, compliance with GDPR and Australian Privacy Principles).

9. Children's Privacy

Our Service is not intended for children under 13 years of age (or under 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately and we will delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

Posting the updated policy with a new "Last Updated" date
Sending email notification for material changes
Displaying a notice on the Service

Your continued use of the Service after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

11. Contact Us

For privacy questions or concerns:

Appliqation
Email: contact@appliqation.io
Address: 145 Stanmore Crescent, Wyndham Vale VIC 3024, Australia

By using Appliqation, you consent to the collection and use of information in accordance with this Privacy Policy.