Quantra

Privacy Policy

Effective Date: October 20, 2025

Last Updated: October 20, 2025

1. Introduction

Welcome to Quantra ("we," "our," or "us"), operated by Deoxy Labs. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Virtual Private Server (VPS) hosting services and related infrastructure solutions.

By using Quantra's services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

We collect the following categories of personal information:

  • Account Information: Email address, name, password (encrypted), and two-factor authentication settings
  • Billing Information: Payment details, billing address, and transaction history (processed securely through Stripe)
  • Contact Information: Phone number, company name, and business details (for enterprise customers)
  • Profile Data: Profile picture, display name, and account preferences

2.2 Technical Information

  • Server Data: VM configurations, resource usage (CPU, RAM, disk), IP addresses assigned to your VMs, and SSH keys
  • Access Logs: Login attempts, API requests, console access timestamps, and authentication events
  • Network Data: Bandwidth usage, network traffic patterns, and connection metadata
  • Device Information: Browser type, operating system, IP address, and device identifiers

2.3 Usage Information

  • Pages visited, features used, and time spent on our platform
  • VM deployment history and configuration changes
  • Support tickets, correspondence, and feedback
  • Performance metrics and service quality data

2.4 Data Stored on Your VMs

We do not access, monitor, or collect data stored within your virtual machines unless:

  • You explicitly request technical support that requires access
  • Required by law enforcement with valid legal documentation
  • Necessary to prevent security threats or abuse of our infrastructure

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Delivery

  • Provision, manage, and maintain your VPS instances
  • Process payments and billing
  • Provide technical support and respond to inquiries
  • Monitor system performance and ensure uptime

3.2 Security and Fraud Prevention

  • Detect and prevent unauthorized access, abuse, and malicious activity
  • Implement DDoS protection and network security measures
  • Verify user identity and prevent fraud
  • Comply with abuse reports and takedown requests

3.3 Service Improvement

  • Analyze usage patterns to optimize infrastructure
  • Develop new features and improve existing services
  • Conduct research and analytics (using anonymized data)

3.4 Communication

  • Send service notifications, security alerts, and maintenance updates
  • Respond to support requests and provide customer service
  • Send billing statements and payment confirmations
  • Provide marketing communications (with your consent, where required)

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

4.1 Service Providers

We engage third-party service providers to assist with:

  • Payment Processing: Stripe (PCI DSS compliant)
  • Infrastructure: Proxmox virtualization, hardware vendors
  • Email Services: Transactional email providers
  • Security Services: DDoS mitigation, threat intelligence

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

4.2 Legal Compliance

We may disclose your information if required to do so by law or in response to:

  • Valid legal process (subpoenas, court orders, warrants)
  • Government or regulatory requests
  • Protection of our rights, property, or safety
  • Investigation of fraud, abuse, or violations of our Terms of Service

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information becomes subject to a different privacy policy.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: TLS/SSL for data in transit, AES-256 for sensitive data at rest
  • Access Controls: Role-based access, multi-factor authentication, and principle of least privilege
  • Network Security: Firewalls, intrusion detection systems, and DDoS protection
  • Monitoring: 24/7 security monitoring and incident response procedures
  • Physical Security: Secure data center facilities with biometric access controls
  • Regular Audits: Security assessments, vulnerability scanning, and penetration testing
  • Data Backup: Regular encrypted backups with secure off-site storage

However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal obligations (e.g., tax records, audit requirements)
  • Resolve disputes and enforce our agreements
  • Maintain security and prevent fraud

Specific Retention Periods:

  • Active Accounts: Data retained while account is active
  • Closed Accounts: Personal data deleted within 90 days of account closure (unless legally required to retain)
  • VM Data: Deleted immediately upon VM termination (backup retention: 30 days)
  • Billing Records: Retained for 7 years for tax and audit purposes
  • Access Logs: Retained for 12 months for security purposes

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

  • Request a copy of your personal information
  • Export your data in a machine-readable format

7.2 Correction and Update

  • Update inaccurate or incomplete information
  • Modify your account settings and preferences

7.3 Deletion

  • Request deletion of your personal information (subject to legal retention requirements)
  • Close your account permanently

7.4 Objection and Restriction

  • Object to processing of your data for certain purposes
  • Request restriction of processing in certain circumstances

7.5 Withdrawal of Consent

  • Opt-out of marketing communications
  • Disable cookies (may affect functionality)

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

8. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

8.1 Legal Basis for Processing

We process your data based on:

  • Contract Performance: To provide our services
  • Legitimate Interests: Security, fraud prevention, and service improvement
  • Legal Obligation: Compliance with applicable laws
  • Consent: For marketing communications (where required)

8.2 Data Transfers

Your data may be processed in countries outside the EEA. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for certain countries
  • Other approved transfer mechanisms

8.3 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

9. CCPA Compliance (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell your data)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To submit a CCPA request, email [email protected] with "CCPA Request" in the subject line.

10. Cookies and Tracking Technologies

We use the following types of cookies:

10.1 Essential Cookies

  • Session management and authentication
  • Security and fraud prevention
  • Load balancing and performance optimization

10.2 Analytics Cookies

  • Usage statistics and performance monitoring
  • Feature usage and user behavior analysis

10.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect service functionality.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete it.

12. International Data Transfers

Quantra operates globally. Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Data processing agreements with third parties
  • Adherence to international data protection frameworks
  • Encryption and security measures during transit
  • Compliance with applicable data transfer regulations

13. Third-Party Links and Services

Our platform may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. We will notify you of material changes by:

  • Posting a notice on our website
  • Sending an email notification to your registered email address
  • Updating the "Last Updated" date at the top of this policy

Your continued use of our services after such changes constitutes acceptance of the updated policy.

15. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of discovery (where legally required)
  • Provide details about the nature of the breach and data affected
  • Describe measures taken to mitigate harm
  • Provide recommendations for protecting your information
  • Notify relevant regulatory authorities as required by law

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Deoxy Labs (Quantra)

Email: [email protected]

Support: [email protected]

Website: quantra.deoxylabs.com

Data Protection Officer: For GDPR-related inquiries, you may contact our Data Protection Officer at [email protected]

By using Quantra's services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.