Skip to main content


What is GDPR

General Data Protection Regulation (GDPR) is a EU privacy data protection policy that was enacted on May 25th, 2018.

The policy defines more clearly what a user’s rights are when it comes to the storage, usage and management of their personal data and data rules for all companies operating in the EU, wherever they are based. For more details.

If you already know your rights, feel free to reach out to us with any requests. Otherwise, keep reading to learn more.

Key Terminology

Data Controller

“A controller is the entity that determines the purposes, conditions and means of the processing of personal data”
In this instance is a Data Controller.

Data Processor

“[A] processor is an entity which processes personal data on behalf of the controller” uses many Data Processors which can be found in the table below.

Data Subject

“A natural person whose personal data is processed by a controller or processor.”

In this instance you are the Data Subject.

Data Subject Rights

The details on each of your rights can be found here in the regulation.’s compliance to each of the rights are explained in the sections below.

Right to be Informed will send a message via email to all registered customers and controllers of any breach within 72 hours of first becoming aware of the breach.

Right to Access

Our Terms of Service lay out the data that collects on Data Subjects. By accepting these Terms you give consent to processing your personal data. To access your personal data please send an email.

Right to Rectification

Your personal data can be seen and modified via the profile page of’s AutoQL Integrator Portal. Any changes to data not found on this page but received as part of the Right to Access process may be changed by sending an email message.

Right to Erasure

To be forgotten please send an email.

Right to Restrict Portability

All data accessed via the Right to Access section above is allowed to be transmitted to another controller.

Right to Object

You may object to our usage of your personal data by sending an email.

Rights related to automated decision making including profiling does not automatically make decision or profile users based on their personal information.’s Data collects personal data from two primary sources. These are the following:

  • AutoQL
  • All integrations

AutoQL by Application Data

AutoQL stores the following personal data:

  • Organization Names
  • Project Names
  • Email Addresses
  • Full Name
  • Ip Address
  • Location information including the following:
    • Country
    • Region
    • City
    • Zip Code
    • Time Zone
    • Longitude
    • Latitude
Data Type How we obtain it Usage of the data
Organization Name Entered on signup To display to user to uniquely identify organizations
Project Name Either entered on integration connection or retrieved from the integration To display to the user to unique identify projects
Email Addresses Entered on signup To send notifications about application activity, billing receipts and marketing material
Full Name Entered on signup To personalize email communication and to identify to other users your personal content (comments, reports, etc.)
Ip Address Collected automatically by signing up To obtain location data
Location Data Collected automatically by signing up To fill initial billing information including tax percentage and currency.

Security stores data securely using state of the art database technologies. Data is sent and received exclusively over SSL protected requests. Your data is available for you to access through a natural language question when required.

Data Protection Officer does not have a Data Protection Officer as it does not meet any of the two possible requirements for appointing one. These are the following:

  • a public authority or body (except for courts acting in their judicial capacity);
  • core activities require large scale, regular and systematic monitoring of individuals (for example, online behaviour tracking); or core activities consist of large scale processing of special categories of data or data relating to criminal convictions and offences.


Entity Function Country GDPR Compliant
Google Cloud Platform Cloud Service US yes
Azure Cloud Platform Cloud Service US yes
Sendgrid Cloud Based email notification US yes
MongoDB Atlas Cloud data storage Service US yes
Hubspot Cloud based CRM and Marketing automation US yes
Hubspot Cloud based scheduling software US yes
Chart Mogul Cloud based subscription analytics Germany yes
Google Analytics Google service US yes
Stripe Payment Processor US yes
Twilio Cloud based communication platform US yes

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.
Suite 2100,
333-7th Ave SW
Calgary, Alberta T2P 2Z1