Back to ValiqAI

Privacy Policy

Last updated: April 2026

Introduction

ValiqAI ("we", "us", "our") operates the ValiqAI web application quality scanning platform. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have regarding your data.

By using ValiqAI, you agree to the collection and use of information as described in this policy. If you do not agree with any part of this policy, please do not use our service.

Information We Collect

We collect several types of information to provide and improve our service.

Account Information

When you create an account, we collect:

  • Your email address (required for account creation and communication)
  • Your name or display name (to personalize your experience)
  • Password (stored in hashed form, we cannot see your actual password)
  • Profile photo (if you choose to upload one or use OAuth)

OAuth and Third-Party Sign-In

If you sign in using Google or GitHub, we receive:

  • Your email address from the OAuth provider
  • Your name as registered with the OAuth provider
  • Your profile picture URL (if available)
  • A unique identifier from the OAuth provider to link your account

We do not receive or store your password from these providers. We only request basic profile information needed to create your account.

Profile and Preferences

You may optionally provide additional information:

  • Job title and company name
  • Your role (QA Engineer, Developer, etc.)
  • Use case preferences (what you want to achieve with ValiqAI)
  • Theme preferences (light or dark mode)
  • Notification settings

Organization Information

If you create or join an organization, we collect:

  • Organization name
  • Billing email address (for paid plans)
  • Team member email addresses (when you invite others)
  • Integration tokens (for Slack, Jira, etc., stored encrypted)

Scan Data

When you run scans, we collect and store:

  • URLs you submit for scanning
  • Scan results, findings, and screenshots
  • Console logs and network requests from scanned pages
  • Scan configuration and settings you choose
  • Test credentials you provide (stored encrypted, used only for your scans)

Important: Test credentials are encrypted at rest and in transit. They are only used to authenticate during your scans and are never exposed in logs or to third parties.

Payment Information

We use Stripe to process payments. When you subscribe to a paid plan, Stripe collects and stores your payment card details. We do not store your full card number on our servers. We only store:

  • Your Stripe customer ID (to link your ValiqAI account to your Stripe account)
  • Your subscription ID and status
  • Last four digits of your card (for display purposes only)

Usage and Analytics Data

We automatically collect certain information when you use ValiqAI:

  • Pages you visit and features you use
  • Time spent on the platform
  • Browser type and version
  • Device type and operating system
  • IP address (used for security and approximate location)
  • Referral source (how you found us)

We use PostHog for analytics. You can opt out of analytics tracking via the cookie consent banner when you first visit our site.

Error and Performance Data

We use Sentry to track errors and improve application stability. When an error occurs, Sentry may collect:

  • Error messages and stack traces
  • Browser and device information
  • Session replay data (to help us see what led to an error)

How We Use Your Information

We use the information we collect for the following purposes:

  • Provide the service: Run scans, generate reports, and deliver the core functionality of ValiqAI.
  • Account management: Create and maintain your account, authenticate your sessions, and manage your subscriptions.
  • Communication: Send you important updates about your account, scan results, service changes, and security alerts.
  • Improvement: Analyze usage patterns to improve features, fix bugs, and make the product better.
  • Security: Detect and prevent fraud, abuse, and unauthorized access to our systems.
  • Legal compliance: Meet our legal obligations and respond to lawful requests from authorities.

Who We Share Your Information With

We do not sell your personal information. We share information only in these situations:

Service Providers

We use third-party services to operate ValiqAI. These providers only have access to the information they need to perform their services and are bound by confidentiality agreements.

  • Stripe: Payment processing
  • PostHog: Product analytics
  • Sentry: Error tracking and monitoring
  • Cloud hosting providers: Data storage and infrastructure
  • Email service providers: Transactional emails

Your Organization

If you are part of an organization on ValiqAI, other members of that organization with appropriate permissions may see your scan history, results, and activity within the organization.

Integrations You Enable

If you connect integrations (Slack, Jira, GitHub, etc.), we share relevant scan data with those services as you configure. You control which integrations are enabled and what data is shared.

Legal Requirements

We may disclose your information if required by law, subpoena, court order, or other legal process. We may also disclose information if we believe it is necessary to protect the rights, property, or safety of ValiqAI, our users, or the public.

Business Transfers

If ValiqAI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

Data Retention

We retain your information for as long as your account is active or as needed to provide you services. Specific retention periods:

  • Account data: Retained until you delete your account
  • Scan history (Free tier): 7 days
  • Scan history (Paid plans): 90 days to unlimited, depending on plan
  • Billing records: 7 years (for tax and legal compliance)
  • Analytics data: Aggregated data may be retained indefinitely; personally identifiable analytics data is deleted after 2 years

Your Rights

Depending on where you live, you may have certain rights regarding your personal information:

Access and Portability

You can request a copy of the personal data we hold about you. We provide a data export feature in your account settings that lets you download your data in a machine-readable format.

Correction

You can update most of your personal information directly in your account settings. If you need help correcting other information, contact us.

Deletion

You can delete your account at any time from your account settings. When you delete your account, we delete your personal information within 30 days. Some information may be retained longer for legal compliance or to resolve disputes.

Opt-Out of Analytics

You can opt out of analytics tracking by declining cookies when first visiting our site, or by clearing your browser data and declining cookies on your next visit.

Do Not Sell (California Residents)

We do not sell personal information. If you are a California resident and want to exercise rights under the CCPA, contact us at privacy@valiqai.com.

For Users in the European Union

If you are in the EU, the General Data Protection Regulation (GDPR) gives you additional rights:

  • Legal basis: We process your data based on your consent (for optional features), contract performance (to provide the service you signed up for), and legitimate interests (to improve our service and prevent fraud).
  • Data transfers: Your data may be transferred to and processed in the United States, where our servers are located. We use standard contractual clauses approved by the European Commission to protect data transferred outside the EU.
  • Right to object: You can object to processing based on legitimate interests at any time.
  • Right to complain: You have the right to lodge a complaint with your local data protection authority.

Security

We take the security of your information seriously. Measures we use include:

  • All data transmitted over HTTPS (TLS encryption)
  • Passwords hashed using industry-standard algorithms
  • Sensitive data (credentials, tokens) encrypted at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication for internal systems
  • Employee training on data handling and security practices

No system is 100% secure. If you discover a security vulnerability, please report it to security@valiqai.com.

Children's Privacy

ValiqAI is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@valiqai.com and we will delete that information.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or by posting a notice on our website. Your continued use of ValiqAI after changes are posted means you accept the updated policy. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or how we handle your data, contact us at privacy@valiqai.com.

Back to ValiqAI
Terms of ServiceCookie Policy