Privacy Policy

Quartech Privacy Policy

Last Updated: March 20, 2026

  1. Overview

Quartech Systems Ltd. (“Quartech”, “we”, “our”, “us”) values privacy and is committed to handling personal information responsibly. This Privacy Statement explains:

  • what personal information we collect,
  • how we use it,
  • when we share it,
  • how we protect it, and
  • what choices and rights you may have.

This statement applies to Quartech’s public websites and business interactions, and it is supplemented by product specific privacy notices for Quartech applications and services.

  1. Scope

This Privacy Statement applies to:

  • Quartech public websites, including quartech.com and related web properties;
  • marketing, sales, and business development interactions;
  • recruitment interactions (job applications and related communications);
  • Quartech operated products and services where this statement is referenced.

Product-specific privacy notices:
Some Quartech products and apps have additional privacy details that apply specifically to those services. See Section 3.

  1. Product-Specific Privacy Notices

The following notices supplement this Privacy Statement:

  • QCMS Mobile Apps – Privacy Notice: https://quartech.com/privacy-policy/#q-cms
  • Digital Trust (DTS) Apps & Services – Privacy Notice: https://quartech.com/privacy-policy/#dts

If you are using a solution delivered for a Quartech client, the client may publish a client branded privacy notice that governs the service. In those cases, Quartech typically acts as a service provider under contract.

  1. Definitions
 
  • Personal Information / Personal Data: Information about an identifiable individual (e.g., name, email, phone number, IP address, identifiers, usage data).
  • Service Providers: Third parties that process information on our behalf (e.g., hosting, analytics, communications tools).
  • Cookies & Similar Technologies: Cookies, pixels, SDKs, and identifiers used for site functionality, analytics, and preferences.
 
  1. Personal Information We Collect

We may collect:

5.1 Information you provide voluntarily

  • Contact and inquiry details (name, company, email, phone, message content)
  • Event/marketing sign‑ups (newsletter, webinar registration)
  • Recruitment information (resume/CV and application details)

5.2 Usage and technical information

When you use Quartech websites or online services, we may collect:

  • Device and browser information (device type, OS, browser version)
  • Log data (pages viewed, time spent, referring sources)
  • IP address (commonly used for security, fraud prevention, and approximate location)

5.3 Cookies and similar technologies

We may use cookies and similar technologies for:

  • essential website functions,
  • analytics/performance measurement,
  • and marketing/advertising where enabled and permitted.
 
  1. How We Use Personal Information

We may use personal information to:

  • respond to inquiries and manage our relationship with you,
  • operate, maintain, and improve our websites and services,
  • send communications you request (and marketing communications where permitted),
  • support recruitment and business operations,
  • meet legal, regulatory, contractual, and security obligations.
 
  1. Legal Bases (Where Applicable)

Depending on context and jurisdiction, we may process personal information based on:

  • consent,
  • performance of a contract,
  • legitimate interests (e.g., improving services, securing systems),
  • legal obligations.
 
  1. Sharing and Disclosure

We do not sell or rent personal information.

We may share personal information with:

  • Service Providers that support our operations (e.g., hosting, analytics, communications) under confidentiality/security obligations,
  • Legal or regulatory authorities where required by law,
  • Business transfers (e.g., reorganization/merger/sale), with appropriate protections.
 
  1. Cookies, Analytics, and Session Replay (Configure to actual tools)

We may use analytics to understand engagement and improve site performance.

Cookie controls: You can manage cookies through your browser settings and/or any cookie preference tools we provide.

Google Analytics: If enabled, we may use Google Analytics to measure engagement and site performance.

  1. Data Retention

We retain personal information only as long as necessary for the purposes described in this statement, unless longer retention is required or permitted by law.

  1. Security

We implement reasonable technical and organizational safeguards designed to protect personal information against loss, theft, and unauthorized access, disclosure, copying, use, or modification.

  1. Children’s Privacy

Our public websites and services are not directed at children under 13, and we do not knowingly collect personal information from children under 13.

  1. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • Request access, correction, or deletion,
  • Withdraw consent (where applicable),
  • Opt-out of marketing communications,
  • Request restriction or object to certain processing (where applicable).

How to Request Account or Data Deletion

Submit a request: Contact our privacy team by email and specify that you wish to delete your account and/or personal data.

Verification: We may ask you to confirm your identity to protect your account and information.

Processing: Once verified, we will begin processing your deletion request and notify you when the process is complete.

What Data Is Deleted?

The following types of data will typically be deleted: Account profile information (name, email, contact details) Photos or media you have uploaded App usage history and preferences Notifications and operational alerts specific to your account

What Data May Be Retained?

Some information may be kept for a limited period after your request to comply with legal, contractual, or operational requirements, such as: Transaction records (for tax, compliance, or audit purposes) Customer support interactions Data required to resolve disputes or enforce our agreements

Retention Period: Data retained for compliance or contractual obligations will only be kept as long as necessary, typically no longer than required by law or policy. Once the retention period expires, such data will be securely deleted or anonymized.

  1. Third-Party Links

Our websites may contain links to third-party sites. Their privacy practices are governed by their policies.

  1. Changes to This Statement

We may update this statement from time to time. Changes will be posted with a revised “Last Updated” date.

  1. Contact Us

For privacy questions or requests, contact:
Privacy Contact: [email protected]
Mailing Address:  4211 Kingsway, #710, Burnaby, BC, V5H 1Z6

2) Q‑CMS Apps & Services — Privacy Policy

Last Updated: March 20, 2026
Applies to Q-CMS products and services.

  1. Summary

This notice explains how personal information is handled when you use Q‑CMS mobile applications operated by Quartech (“Q‑CMS Mobile Apps”).

This notice supplements the Quartech Privacy Statement: https://quartech.com/privacy-policy

  1. What information the QCMS Mobile Apps may collect:

2.1 Data Categories

  • Location — if applicable and only if the app uses it
  • Personal / Account / Identity data (e.g., name, username, email, user ID, role/claims, PII)
  • Financial Information (e.g. social security/insurance number)
  • Health and Fitness (e.g. health problems, fitness activities and capabilities)
  • Messages (e.g. text messages, instant messages)
  • Content you submit (e.g., form entries, attachments, photos) — if applicable
  • App usage data (e.g., feature usage, timestamps, interaction events)
  • Device/technical data (e.g., OS version, device model, IP address)
  • Diagnostics (e.g., crash logs, performance metrics)

3. How we use the information

We use information to:

  • Provide and operate the app and its features
  • Authenticate users and enforce role-based access
  • Maintain security and prevent misuse
  • Support customer support and troubleshooting
  • Improve performance and reliability

4. App permissions

Q‑CMS Mobile Apps may request device permissions such as:

  • Camera (e.g., to capture photos/documents)
  • Photos/Media (e.g., to upload attachments)
  • Notifications (e.g., operational alerts)
  • Location (only if required for app functionality)
  • Biometrics (e.g. authentication)

5. Data retention

We retain personal information only as long as necessary for app operation, customer support, compliance obligations, and contractual requirements.

6. Security

We apply reasonable safeguards (technical and organizational) to protect data from unauthorized access, disclosure, or misuse.

7. Per-app differences (matrix)

 

App name

Platform (s)

Data collected (high level)

Sensitive permissions

Third‑party SDKs

Data stored where

Recruiting

iOS/Android

Location, Personal, Financial, Health, Fitness, Messages, Content, Usage, Device, Diagnostics

Camera, Media, Notifications, Location, Biometrics

Google Maps

Quartech

DPJ

iOS/Android

   

Quartech

3) Digital Trust (DTS) Apps & Services — Privacy Policy

Last Updated: March 20, 2026
Applies to: Quartech Digital Trust products delivered under the “DTS” family, including cloud services and mobile applications that can be used to issue, hold, and verify digital credentials and related administrative portals/SDKs (“Digital Trust Services”).

  1. Summary

This notice explains how personal information is handled when you use Quartech Digital Trust Services (DTS), which may be used to issue, hold, and verify digital credentials (for example ISO/IEC 18013‑5 mobile driver’s licence (mDL), W3C Verifiable Credentials, and AnonCreds).

This notice supplements the Quartech Privacy Statement: https://quartech.com/privacy-policy

  1. What information the Digital Trust Services may collect or process

What data is processed depends on the product role (issuer, holder/wallet, verifier) and deployment (public cloud, private cloud, on-premises, or customer managed). Where Quartech delivers Digital Trust Services for a specific customer organization, that customer may act as the controller and Quartech typically acts as a service provider under contract.

  • 2.1 Holder (wallet) apps
    • Credentials stored on device: Wallet apps may store issued credentials and related cryptographic keys on the user’s device. Where supported, keys may be protected using OS provided secure storage (for example secure enclave/keystore).
    • Local history/settings: Wallet apps may store user preferences and optional local activity history on device.
    • No biometric collection: If biometric unlocking is enabled, biometric templates are handled by the operating system; the app does not receive or store biometric data.
    • Network data: When a wallet communicates with an issuer or verification service, network information such as IP address and timestamps may be processed for routing and security.

  • 2.2 Issuance services (cloud or customer hosted)
    • Identity attributes provided by the issuer/customer: Depending on the program, issuance workflows may process attributes required to create a credential (e.g., name, date of birth, licence/entitlement attributes, identifiers assigned by the issuer).
    • Credential and transaction metadata: Such as credential type, issuance status, timestamps, and technical identifiers needed for lifecycle management.
    • Fraud prevention and security logs: We may process logs (e.g., IP address, device/technical signals, administrator actions) to secure the service, prevent abuse, and support auditing required by the customer or law.

  • 2.3 Verification services (cloud or verifier apps)
    • Presentations and proofs: Verification may involve processing user presented credential data, selective disclosure data elements, and/or cryptographic proofs.
    • Verification outcomes: Such as valid/invalid results, revocation and integrity checks, and timestamps.
    • Operational and audit logging: Depending on deployment, we may process logs to support troubleshooting, security monitoring, and customer audit requirements.

  • 2.4 Administration portals, support tools, and cookies
    • Portal account information: Administrator usernames, roles, and authentication information (as provided by the customer’s identity provider) may be processed to provide role-based access control.
    • Session and security data: Including login events and administrative actions for security and audit purposes.
    • Cookies and similar technologies: Portals may use essential cookies for signin and session management. Analytics or session replay tools (if any) must be enabled and documented per deployment.

  1. How we use the information

  • Provide and operate Digital Trust Services (issuance, wallet, verification, administration, and support functions).
  • Authenticate users and enforce role-based access (including integration with customer identity providers).
  • Maintain security and prevent fraud or misuse (monitoring, abuse prevention, incident response, and audit logging).
  • Support customers and troubleshoot (diagnostics, support ticket handling, and service communications).
  • Improve reliability and performance (service monitoring, error analysis, and product improvement).
  • Meet legal, regulatory, and contractual requirements (including customer required audits and retention where applicable).

    4. App permissions (must match what the apps request)

Digital Trust mobile apps may request device permissions such as:

  • Camera (e.g., to scan QR codes for verification, or to capture documents/photos if required by an issuance workflow).
  • Photos/Files (e.g., to upload attachments if supported).
  • Notifications (e.g., credential status updates, expiry reminders, operational alerts).
  • Bluetooth / NFC (only if the specific verifier or wallet workflow uses proximity based presentation or device to device exchange).
  • Location (only if required for a customer program feature; if not required, it is not collected).

    5. Data retention

We retain personal information only as long as necessary for service operation, security, customer support, and compliance with legal/contractual requirements. Wallet apps typically store credentials locally on the device until the user removes them or uninstalls the app. Server-side logs and records (if any) are retained according to the customer program’s retention requirements and applicable law

6. Security

We apply reasonable technical and organizational safeguards appropriate to the sensitivity of the data and the deployment environment. Safeguards may include encryption in transit and at rest, secure key storage on supported devices, access controls, logging/monitoring, and secure development and testing practices.

7. Per product differences (matrix)

Product name

Role

Platform

Data processed (high level)

Sensitive permissions

Third‑party SDKs/tools

Data stored where

Q-Wallet

Holder

iOS/Android

Credentials on device; minimal telemetry if enabled

Camera/NFC/location

N/A

On device

Q-Trust Cloud

Issuer

Cloud/On Prem

Attributes required to issue; audit/security logs

N/A

N/A

Customer tenant/region

Q-Verifier

Verifier

iOS/Android/Cloud

Presented data/proofs; verification results; logs as configured

Camera/NFC/Location/etc.

N/A

Customer tenant/region and on-device

Locations

We have deep expertise in leading technology platforms. Our proven processes deliver dependeable solutions with impactful results.

Burnaby, BC, Canada

4211 Kingsway, #710
Burnaby, BC
V5H 1Z6

604-291-9686

Victoria, BC, Canada

1012 Douglas St. #200
Victoria, BC
V8W 2C3

250-380-9686

Seattle, WA, USA

Suite 970
5608 17th Avenue NW
Seattle, WA 98107

Quartech
Linkedin

People-centric IT solutions that empower organizations to better serve their communities.

Burnaby, BC, Canada

4211 Kingsway, #710
Burnaby, BC
V5H 1Z6

604-291-9686

Victoria, BC, Canada

1012 Douglas St. #200
Victoria, BC
V8W 2C3

250-380-9686

Seattle, WA, USA

Suite 970
5608 17th Avenue NW
Seattle, WA 98107

©2026 Quartech. All rights reserved.