Privacy Policy — QLS Token

Controller: QLS Contact: support@qls.one Last Updated: 2025‑10‑02

1. Scope & Controller

This Privacy Policy explains how we process personal data when you visit qls.one, contact us, or participate in community programs. It does not cover third‑party services (e.g., wallets, DEXs), which have their own privacy policies.

Controller: QLS • Email: support@qls.one

2. Categories of Data We Process

• Data you provide: contact form details, emails, usernames/handles (e.g., Discord/Telegram/X), support messages.
• Account / program data (optional): participation records for community programs (e.g., airdrop eligibility).
• On‑chain data: public wallet addresses and transactions (public by design; we do not control blockchain networks).
• Automatically collected: IP address, device/browser info, language, referring pages, pages visited, timestamps, and basic server logs.
• Cookies/IDs: consent logs and cookie identifiers (see section 4).

3. Purposes & Legal Bases (GDPR Art. 6)

Purpose	Examples	Legal Basis
Operate & secure the website	hosting, logs, fraud prevention, rate limiting	Legitimate interests (Art. 6(1)(f))
Communications & support	responding to messages/requests	Legitimate interests (Art. 6(1)(f)) or Contract (Art. 6(1)(b))
Community programs	eligibility checks, deliveries, anti‑abuse	Legitimate interests (Art. 6(1)(f)); Consent (Art. 6(1)(a)) where required
Marketing/newsletter (optional)	updates about the project	Consent (Art. 6(1)(a)); opt‑out anytime
Analytics/performance cookies	traffic measurement, performance	Consent (Art. 6(1)(a)); disabled until consent
Legal compliance	KYC/AML (if legally required), sanctions screening	Legal obligation (Art. 6(1)(c))

No sale of personal data. We do not sell your personal data.

Legitimate interest test: Where we rely on Art. 6(1)(f), we assess and balance our interests with your rights. You may object at any time (see section 8).

4. Cookies & Similar Technologies (TTDSG/ePrivacy)

We use strictly necessary cookies to operate the site and store your consent, and — with your permission — preferences, analytics, and marketing cookies. Non‑essential cookies are disabled until you consent in the banner or in Cookie Settings. You can change your choice anytime.

• Strictly necessary: required for site functionality and security; cannot be switched off.
• Preferences (opt‑in): language, UI choices.
• Analytics (opt‑in): aggregated usage metrics.
• Marketing (opt‑in): personalization (if used).

5. Recipients & Processors

We may share data with trusted processors under GDPR‑compliant data processing agreements, e.g.:

• Hosting/CDN and security services
• Email & customer support tools
• Analytics providers (if enabled by consent)
• Error monitoring and performance tools

We disclose data to authorities when required by law and to protect rights, property, or safety.

6. International Data Transfers

If data is transferred outside the EEA/UK, we use appropriate safeguards such as the Standard Contractual Clauses (SCCs) and conduct transfer risk assessments. Copies of safeguards are available on request.

7. Data Retention

• Server logs: typically 30–90 days (security).
• Contact/support data: up to 24 months after resolution.
• Consent logs: for at least the cookie lifetime or as required by law.
• Program records: as needed to operate the program and comply with law.

We delete or anonymize data when no longer necessary for the stated purposes.

8. Your Rights under GDPR

You have the right to access, rectify, erase, restrict processing, object to processing (including where based on legitimate interests), and data portability. Where processing relies on consent, you may withdraw consent at any time (withdrawal does not affect prior processing).

To exercise your rights, contact us at support@qls.one. We may need to verify your identity. We aim to respond within one month (Art. 12–15 GDPR).

You also have the right to lodge a complaint with a supervisory authority. In the EU, this is typically your local Data Protection Authority (DPA); in Germany, the competent Landesdatenschutzbehörde.

9. Children’s Privacy

Our services are not directed at children under 16 years of age (or a lower age permitted by local law, but never below 13). We do not knowingly collect data from children. If you believe a child has provided data to us, please contact us to delete it.

10. Security Measures

We implement reasonable technical and organizational measures, including TLS encryption in transit, access controls, least‑privilege practices, backups, and monitoring. No method of transmission or storage is 100% secure.

11. Automated Decision‑Making & Profiling

We do not perform automated decision‑making or profiling that produces legal or similarly significant effects (Art. 22 GDPR). If this changes, we will update this Policy and provide the required information and safeguards.

12. Third‑Party Links

Our website may include links to external sites or services. We are not responsible for their privacy practices. Please review their privacy policies.

13. Changes to this Policy

We may update this Policy from time to time. Changes will be posted on this page with the updated “Last Updated” date. Material changes may be announced via our official channels.

14. Contact & Complaints

For questions, requests, or complaints regarding this Policy or your personal data, contact: QLS, support@qls.one. You may also lodge a complaint with your supervisory authority.

© 2025 QLS — This page is for information purposes only and does not constitute legal advice.