Legal

Privacy Policy

How Qualisense collects, uses and protects personal data across our website and platform.

Last updated: 16 June 2026

1. Who we are and scope

Qualisense is a qualitative-research software platform operated by Graphiti Research Technologies Private Limited, with its registered office at 814, Galleria Office Tower, DLF Phase 4, Gurgaon, Haryana, India, 122009 ("Qualisense", "we", "us" or "our"). This Policy applies to quali-sense.ai, the Qualisense platform, related applications, sales and support interactions, and other services that link to this Policy.

This Policy does not govern the independent privacy practices of our Customers, respondent-recruitment providers, research agencies or other third parties. Their own notices may also apply.

2. Our roles

Qualisense may have different legal roles depending on the data and context:

  • Controller / Data Fiduciary: We determine why and how we process website, account, billing, sales, security and support data for our own business purposes.
  • Processor / Data Processor / Service Provider: For Customer Content, including Respondent recordings, transcripts and research data, the Customer generally determines the research purpose and means. We process that data on the Customer's documented instructions under our agreement and DPA.
  • Independent third parties: Fieldwork, respondent-recruitment, payment, integration and other providers may act under their own privacy notices where they determine their own purposes.

Research Respondents should normally direct requests about a study to the organisation that invited them or conducted the research. We will assist our Customer as required by contract and applicable law.

3. Personal data we collect

3.1 Website, sales and account information

  • Name, business email address, telephone number, job title, company and country
  • Account credentials, authentication records, workspace membership and permissions
  • Sales enquiries, demo requests, contracts, communications and support correspondence
  • Billing contact details, transaction information and subscription records
  • Preferences for communications, events, product updates and marketing

3.2 Technical and usage information

  • IP address, browser, device, operating system, language, approximate location and referral source
  • Login times, pages viewed, features used, actions taken, error logs and performance data
  • Security events, audit logs and information used to detect misuse
  • Cookie, local-storage and similar technology identifiers

3.3 Customer Content and research data

  • Audio and video recordings, voice, image and spoken responses
  • Transcripts, translations, discussion guides, interview questions and notes
  • Respondent identifiers, demographic information, segmentation variables and incentive details where supplied
  • Opinions, behaviours, preferences, experiences and other information disclosed during research
  • Analysis matrices, reports, summaries, themes, chat prompts and generated outputs
  • Project metadata, workspace selections and cross-project query history

Customer Content may contain sensitive or special-category information depending on the study. Customers must minimise such collection and ensure that appropriate notices, permissions and safeguards are in place.

3.4 Live interviewing data

When a Customer uses the live interviewing agent, the Service may process Respondent audio, text responses, language, interaction timing and contextual signals needed to conduct and transcribe the interview. The Service is not intended to identify individuals using biometric templates, and Qualisense does not use voice recordings for biometric identification.

4. How we obtain personal data

  • Directly from website visitors, Customers, Users and Respondents
  • From Customer uploads, integrations and instructions
  • Automatically through the website and platform
  • From authorised research agencies, respondent-recruitment or fieldwork partners
  • From payment, communications, identity, security and analytics providers
  • From publicly available business sources where permitted

5. How and why we use personal data

  • Provide the Service: Create accounts, conduct configured interviews, transcribe and translate recordings, generate matrices and reports, enable project and cross-project chat, provide support and fulfil contracts.
  • Secure the Service: Authenticate Users, manage permissions, detect abuse, investigate incidents, maintain logs and protect systems, Customers and Respondents.
  • Operate the business: Manage billing, contracts, suppliers, records, audits, corporate transactions and legal obligations.
  • Improve Qualisense: Diagnose errors, measure feature performance and improve workflows using permitted service data. Customer Content is handled as stated in the agreement and DPA.
  • Communicate: Respond to enquiries, provide service notices, send requested information and, where permitted, send marketing communications.
  • Comply and protect: Respond to lawful requests, enforce agreements, establish or defend legal claims, and prevent fraud or harm.

6. Legal bases and permitted grounds

Depending on the jurisdiction and context, we rely on one or more of the following:

  • Performance of a contract or steps requested before entering a contract
  • Legitimate interests in operating, securing, supporting and improving a business service, balanced against individual rights
  • Consent, including for optional marketing or non-essential cookies where required
  • Compliance with legal obligations and lawful requests
  • Establishment, exercise or defence of legal claims
  • Other permitted uses or lawful grounds available under applicable data-protection law

For Customer Content, our Customer is responsible for identifying and documenting the lawful basis for the underlying research. We process the data under the Customer's instructions and the DPA.

7. AI systems and use of Customer Content

Qualisense uses automated systems and may use approved AI and machine-learning providers to deliver transcription, translation, interviewing, analysis, reporting and chat features. Depending on the feature, Customer Content may be transmitted to these providers under contractual and security controls.

Qualisense does not use Customer Content to train general-purpose AI models unless the Customer expressly opts in or the parties agree in writing. We may use aggregated and de-identified telemetry that does not identify a Customer, User or Respondent to operate, secure and improve the Service.

The Service is intended to assist human research and business teams. It is not intended to make solely automated decisions that produce legal or similarly significant effects on individuals. Customers must independently review Outputs and must not use them as the sole basis for high-impact decisions.

8. How we disclose personal data

We may disclose personal data to:

  • Authorised Customer administrators and Users within the relevant workspace
  • Hosting, storage, security, communications, AI, transcription, translation, analytics, support and payment subprocessors
  • Professional advisers, auditors, insurers, banks and corporate service providers
  • Respondent-recruitment and fieldwork providers where requested or authorised by the Customer
  • Government authorities, courts or other parties where required by law or necessary to protect rights and safety
  • An acquirer, investor or successor in connection with a merger, financing, reorganisation or sale, subject to appropriate confidentiality
  • Other parties with the individual's or Customer's direction or consent

We do not disclose Customer Content to other customers.

9. Sale and targeted advertising

Qualisense does not sell personal data or personal information. Qualisense does not share personal information for cross-context behavioural advertising. If this changes, we will update this Policy and provide legally required opt-out mechanisms.

Our website may use analytics and marketing technologies only as described in our cookie settings. Non-essential technologies should be activated only after consent where required.

10. International transfers

Qualisense, its Customers and service providers may operate in different countries. Personal data may therefore be processed outside the country where it was collected. Where required, we use recognised safeguards such as adequacy decisions, standard contractual clauses, the UK International Data Transfer Agreement or Addendum, contractual data-protection terms and supplementary security measures.

Customers should review the DPA and subprocessor list for information relevant to Customer Content and transfer locations.

11. Data retention and deletion

We retain personal data only for as long as reasonably necessary for the purposes described in this Policy, including contractual, security, accounting, dispute and legal requirements.

  • Account and contract records: for the customer relationship plus 3 years.
  • Website enquiries and sales records: for 3 years after the last meaningful interaction, unless a longer period is required.
  • Security and audit logs: generally for 3 years, subject to incident and legal needs.
  • Customer Content: for the subscription term and the deletion/export period in the Order Form or DPA.
  • Marketing records: until opt-out, plus a suppression record so we can respect the request.

We may retain de-identified or aggregated information that cannot reasonably be linked to an individual or Customer.

12. Security

We use technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Measures may include access controls, authentication, encryption where appropriate, logging, backups, vulnerability management, personnel confidentiality and vendor oversight.

No method of transmission or storage is completely secure. Customers are responsible for configuring permissions, limiting uploads to necessary data, protecting credentials and handling exported data securely.

If we confirm a personal-data breach affecting Customer Content, we will notify the affected Customer without undue delay as required by the DPA and applicable law. Customer remains responsible for notices to Respondents and authorities where Customer is the responsible controller or Data Fiduciary.

13. Cookies and similar technologies

The website and platform may use:

  • Strictly necessary technologies for login, security, load balancing and core functions
  • Preference technologies that remember settings
  • Analytics technologies that help us understand usage and performance
  • Marketing technologies, if used, to measure campaigns or personalise outreach

A cookie banner or settings tool identifies current cookies, providers, purposes and durations and allows Users to manage non-essential choices. Browser controls may also limit cookies, although some functions may be affected.

14. Your privacy rights

Depending on location and applicable law, individuals may have rights to:

  • Receive information about processing and obtain access to personal data
  • Correct inaccurate or incomplete data
  • Request deletion or erasure
  • Withdraw consent, without affecting earlier lawful processing
  • Object to or restrict certain processing
  • Receive portable data where applicable
  • Opt out of certain sale, sharing, targeted advertising or profiling where applicable
  • Limit use or disclosure of certain sensitive personal information where applicable
  • Nominate another person or use an authorised agent where recognised by law
  • Receive non-discriminatory treatment for exercising privacy rights
  • Complain to a data-protection or privacy authority

To exercise rights regarding Qualisense account, website or marketing data, contact contact@quali-sense.ai. We may verify identity and authority before acting. We will respond within the period required by applicable law.

For personal data in a Customer's research project, contact the Customer or research sponsor identified in the study notice. If you contact us, we may refer the request to that Customer and assist them as required.

15. Additional information for California residents

If the California Consumer Privacy Act, as amended, applies, California residents may have rights to know, access, correct and delete personal information; opt out of sale or sharing; limit certain uses of sensitive personal information; and receive non-discriminatory treatment. Requests may be submitted through contact@quali-sense.ai.

During the preceding 12 months, the categories of personal information we may have collected correspond to the information described in Section 3, including identifiers, customer records, commercial information, internet or electronic activity, audio/visual information, professional information, inferences and sensitive personal information where included in authorised research data. We use and disclose these categories for the purposes and to the recipients described in this Policy.

We do not knowingly sell or share personal information of individuals under 16.

16. Additional information for EEA, UK and Swiss individuals

Individuals in these regions may contact contact@quali-sense.ai regarding access, correction, erasure, restriction, objection, portability or withdrawal of consent. Where processing is based on legitimate interests, further information about the balancing assessment may be requested. Where data is transferred internationally, information about the relevant safeguards may also be requested, subject to confidentiality restrictions.

17. Additional information for individuals in India

Where India's Digital Personal Data Protection framework applies, individuals may have rights to access information about processing, correction, completion, updating and erasure, grievance redressal and nomination, subject to applicable commencement dates, rules and exemptions. Requests and grievances may be sent to contact@quali-sense.ai.

Customers conducting research in India are responsible for providing compliant notice, establishing a lawful ground, enabling withdrawal where applicable, and meeting duties relating to children, security safeguards, breach response and Respondent rights.

18. Children and vulnerable participants

The website and platform are not directed to children under 18. We do not knowingly create platform accounts for children. Customers must not use the Service to interview or process information about children or vulnerable individuals unless the study is lawful, ethically appropriate, covered by required parental or guardian consent, and agreed with Qualisense where additional safeguards are needed.

If you believe a child's data has been submitted unlawfully, contact contact@quali-sense.ai and identify the relevant Customer or study where possible.

19. Third-party links and integrations

Our website or Service may link to or integrate with third-party services. Their privacy practices are governed by their own notices, and we are not responsible for independent third-party processing. Customers should review third-party terms before enabling an integration.

20. Changes to this Policy

We may update this Policy to reflect changes in the Service, law, technology or business operations. We will post the updated version with a revised date and provide additional notice where required or where changes are material. Archived versions may be requested at contact@quali-sense.ai.

21. Contact and grievance redressal

For privacy questions, requests or complaints, contact:

  • Graphiti Research Technologies Pvt. Ltd.
  • 814 Galleria Office Towers, DLF Phase 4, Gurgaon, Haryana, India, 122009
  • Privacy email: contact@quali-sense.ai
  • Grievance Officer / Data Protection Contact: Abhishek Chaubey
  • Website: graphitirt.com

We will acknowledge and address complaints within the time required by applicable law. Individuals may also contact the competent privacy or data-protection authority in their jurisdiction.