Website Privacy Policy
Last updated: January 28, 2026
1. Scope
This Privacy Policy applies to the qmediat.io marketing website and contact form operated by Quantum Media Technologies sp. z o.o.
Our mobile applications and other products have separate privacy policies. See App Privacy Policy for app-specific information.
2. Data Controller
Quantum Media Technologies sp. z o.o.
ul. Ślężna 104/2A, 53-111 Wrocław, Poland
KRS: 0000370462 | NIP: PL8971768021
For privacy inquiries: contact@qmt.email
3. What Data We Collect
3.1 Contact Form
When you submit our contact form, we collect:
- Name (required)
- Email address (required)
- Company name (optional)
- Message content (required)
- IP address
- Submission timestamp
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — to respond to your inquiry and prevent abuse.
Necessity: Name, email, and message are required to process your inquiry. Without them, we cannot respond to you.
3.2 Server Logs
Our hosting provider (Vercel) automatically collects server log data including IP address, browser type, referring URL, and pages visited.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — security and performance monitoring.
Retention: Server logs are retained by Vercel according to their data retention policies (typically up to 30 days).
4. Recipients & Third-Party Processors
Your data may be processed by the following service providers:
4.1 Vercel Inc. (Hosting)
Website hosting and server log processing.
Location: USA
Safeguards: Standard Contractual Clauses (SCCs)
Vercel Privacy Policy
4.2 Upstash Inc. (Database)
Storage of contact form submissions.
Location: USA / EU (region may vary)
Safeguards: Standard Contractual Clauses (SCCs)
Upstash Privacy Policy
4.3 Cloudflare Inc. (Security)
Turnstile bot protection for the contact form. Cloudflare processes browser fingerprint data to distinguish humans from bots.
Location: Global CDN (including USA)
Safeguards: Standard Contractual Clauses (SCCs)
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — spam prevention.
Cloudflare Privacy Policy
4.4 Google LLC (Maps)
Embedded Google Maps widget on the contact page to display our office location. The map is only loaded after you accept cookies. When loaded, Google may collect data including IP address and browser information.
Location: USA
Safeguards: Standard Contractual Clauses (SCCs)
Legal basis: Consent (Art. 6(1)(a) GDPR).
Google Privacy Policy
5. Cookies & Local Storage
We use minimal cookies and browser storage:
| Name | Provider | Purpose | Type | Duration |
|---|---|---|---|---|
| cookie-consent | QMT (localStorage) | Stores your cookie preference | Essential | Persistent |
| cf_clearance | Cloudflare | Bot verification (Turnstile) | Functional | 30 minutes |
| NID, 1P_JAR, etc. | Maps functionality (consent required) | Third-party | 6–12 months |
Managing preferences: You can clear cookies via your browser settings. To reset your consent choice, clear localStorage for this site.
6. International Data Transfers
Some of our service providers are located outside the European Economic Area (EEA), primarily in the United States. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Verification that recipients maintain adequate security measures
7. Data Retention
- Contact form submissions: Up to 12 months after inquiry resolution
- Server logs: According to Vercel's retention policy (typically 30 days)
Data may be retained longer if required by law or for legal claims.
8. Your Rights
Under GDPR, you have the right to:
- Access — obtain a copy of your personal data
- Rectification — correct inaccurate data
- Erasure — request deletion ("right to be forgotten")
- Restriction — limit processing in certain circumstances
- Portability — receive data in a structured format
- Object — object to processing based on legitimate interest
To exercise these rights, email us at contact@qmt.email. We will respond within 30 days.
You may also lodge a complaint with the Polish supervisory authority:
Prezes Urzędu Ochrony Danych Osobowych (UODO)
ul. Stawki 2, 00-193 Warszawa
uodo.gov.pl
9. Data Security
We implement appropriate technical and organizational measures including: encrypted transmission (HTTPS/TLS), access controls, and secure data storage.
10. Changes to This Policy
We may update this Privacy Policy. Changes will be posted on this page with an updated revision date.