Skip to main content
Quopedia

Privacy Policy

Last updated: February 2026

1. Introduction

This Privacy Policy explains how Mindworks Labs ("we", "us", or "our") collects, uses, and protects your personal data when you use the Quopedia website and services (the "Service").

We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

Mindworks Labs is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us at Mindworks Labs.

3. Data We Collect

3.1 Account Information. When you create an account, we collect your name, email address, and password (stored in hashed form). You may optionally provide additional profile information.

3.2 User Submissions. We collect the content you submit to the Service, including quote suggestions, edit suggestions, and any associated text or information.

3.3 Usage Data. We automatically collect information about how you interact with the Service, including pages visited, features used, timestamps, and referring URLs.

3.4 Device Information. We collect information about the device you use to access the Service, including IP address, browser type, operating system, and device identifiers.

3.5 Cookies and Similar Technologies. We use cookies and similar technologies to maintain your session, remember your preferences, and analyse usage patterns. See Section 9 for more details.

4. How We Use Your Data

We use your personal data for the following purposes:

  • Providing the Service: To operate and maintain your account, process your submissions, and deliver the features you request.

  • AI Processing: To process your User Submissions through AgenticPV (our Agentic Provenance Verification) to discover, verify, and enrich quotations.

  • Improving Our AI: To train, improve, and develop AgenticPV using your User Submissions, as described in our Terms of Service.

  • Communication: To send you service-related notifications, respond to your enquiries, and provide customer support.

  • Security: To detect, prevent, and address fraud, abuse, and security issues.

  • Analytics: To understand how users interact with the Service and to improve our offerings.

  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

5. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract: Processing necessary to perform our contract with you (providing the Service).

  • Legitimate Interests: Processing necessary for our legitimate interests, such as improving the Service, ensuring security, and developing AgenticPV, where these interests are not overridden by your rights.

  • Legal Obligation: Processing necessary to comply with legal requirements.

  • Consent: Where you have given consent for specific processing activities.

6. Data Sharing

We may share your personal data with:

  • Service Providers: Third-party vendors who assist us in operating the Service, including hosting providers, analytics services, and AI infrastructure providers.

  • Legal Requirements: Law enforcement, regulators, or other parties when required by law or to protect our rights.

  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

We do not sell your personal data to third parties.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the United Kingdom. When we transfer data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the UK Information Commissioner's Office.

8. Data Retention

We retain your personal data for as long as necessary to provide the Service and fulfil the purposes described in this Privacy Policy. Specifically:

  • Account Data: Retained while your account is active and for a reasonable period thereafter.

  • User Submissions: Retained indefinitely as they become part of the Service and are used to train and improve AgenticPV.

  • Usage Data: Retained for analytics purposes, typically for up to 24 months.

We may retain data for longer periods where required by law or for legitimate business purposes.

9. Cookies

We use cookies and similar technologies for:

  • Essential Cookies: Required for the Service to function, including authentication and security.

  • Analytics Cookies: To understand how users interact with the Service and to improve our offerings.

  • Preference Cookies: To remember your settings and preferences.

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.

10. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.

  • Rectification: Request correction of inaccurate or incomplete data.

  • Erasure: Request deletion of your personal data in certain circumstances.

  • Restriction: Request restriction of processing in certain circumstances.

  • Portability: Request transfer of your data to another service provider.

  • Objection: Object to processing based on legitimate interests.

  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise these rights, please contact us at Mindworks Labs. We will respond to your request within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated.

11. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe we have collected data from a child under 13, please contact us immediately so we can delete it.

Users between 13 and 18 years old must have parental or guardian consent to use the Service.

12. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at Mindworks Labs.