NeurQ AI Labs Private Limited ("we", "us", "our") operates the QS Asset APM Platform. We are unconditionally committed to protecting the privacy, digital assets, and sensitive telemetry data of our enterprise organizations and individual administrators.
This Privacy Policy delineates our rigorous methodologies for data collection, processing, transit security, and absolute isolation. This platform operates in strict compliance with the **Digital Personal Data Protection Act, 2023 (DPDP Act)** of India, the **General Data Protection Regulation (GDPR)** for EU citizens, and relevant regional regulatory frameworks.
2. Data We Collect & Lawful Bases
We strictly process data based on your explicit consent, which is requested at the time of account creation. We gather the following categories of telemetry and parameters:
Discovery Scanning Data: Hostnames, local IP allocations, MAC coordinates, responding service interfaces, operating system signatures, network switch configurations, SNMP-enabled equipment metrics, ONVIF CCTV capabilities, and physical vehicle GPS coordinate values discovered through active system scans.
Host Agent System Telemetry: CPU cores, memory utilization arrays, disk volume limits, running daemon instances, active user sessions, and comprehensive software manifests gathered by the QS Asset Management Agent.
3. Purpose Bound Processing Specifications
We process the collected telemetry strictly for bounded purposes:
OPERATIONAL DELIVERY
Populating real-time infrastructure topology, issuing priority alert dispatches, and managing helpdesk service requests.
Vulnerability mitigation
Correlating operating systems and daemon variations against globally verified Common Vulnerabilities and Exposures (CVE) repositories.
Zero External Monetization Commitments: We strictly declare that your data is never sold, leased, shared, or compiled for targeted consumer profiling or external advertising under any circumstances.
4. Data Storage & SOC 2 Security Protocols
We mandate state-of-the-art technical protections across our infrastructure to preserve the integrity of your telemetry data. QS Assets operates under SOC 2 security controls โ see the Security Trust Center and Data Processing Addendum for processing and subprocessor details:
Encryption-in-Transit: All interface interaction, API transport, and remote agent telemetry are encapsulated within TLS 1.3 packets with mandatory HSTS (HTTP Strict Transport Security) active.
Encryption-at-Rest: Physical storage uses AES-256 block-level disk encryption. Highly sensitive variables (like ticketing credentials or network community keys) are individually salted and encrypted within PostgreSQL columns.
Multi-Tenant Isolation: Virtual environments are segmented using foreign-key organization schemas. Direct cross-tenant data requests are programmatically intercepted and neutralized at the middleware layer.
Tamper-Proof Audit Logging: System audit logs utilize sequential cryptographically-linked SHA-256 hash chains. Any unauthorized alteration instantly invalidates the subsequent validation checks, alerting security command centers immediately.
5. Data Retention Limits & Disposal
To guarantee compliance with data minimization directives, telemetry is automatically pruned based on strict lifecycle boundaries:
90 Days
Agent Telemetry
180 Days
Discovery Scans
365 Days
Audit Event Logs
Following user account termination, user parameters are flagged for deletion. Complete zero-residual sanitization across database engines is completed automatically within 30 days.
6. User Rights & Consent Management (DPDP Act 2023)
In accordance with the India DPDP Act 2023, you retain absolute authority over your digital personal data. You are entitled to exercise these rights at any time:
Right to Access & Summary: Request a comprehensive, structured output of all personal datasets and logs related to your identity held by NeurQ AI Labs.
Right to Correction & Erasure: Rectify inaccurate, obsolete, or incomplete coordinates immediately. You may request physical erasure of all records if they are no longer required for lawful, bounded purposes.
Right to Consent Withdrawal: Revoke authorization for future data processing at your convenience. Note that withdrawing authentication permissions may limit our ability to deliver platform functionalities.
Right to Data Portability: Export all system parameters in a standard, machine-readable JSON structure for transfer to other monitoring services.
7. First-Party Storage Mechanisms
We enforce a strict Zero Third-Party Cookie Policy. No advertising pixels, tracking tags, or external behavioral marketing blocks are integrated into our pages.
We utilize first-party browser localStorage parameters to support essential platform controls: active JWT session storage, visual layout theme configuration, and cookie banner consent values. Please refer to our complete Cookie Policy for detailed schemas.
8. Grievance Redressal & Contact Coordinates
For inquiries concerning privacy regulations, data access requests, or to register a formal concern, you may contact our appointed Data Protection Officer directly: