Privacy Policy
Effective date: 2026-06-04 · Last updated: May 29, 2026
This Privacy Policy explains what data Qamino collects, how we use it, with whom we share it, and the rights you have over it. We keep this short, plain, and honest — if anything is unclear, write to us at privacy@qamino.io.
1. Who we are
Qamino is operated by Qamino LLC, a limited liability company organized under the laws of the State of Wyoming, United States.
For any data protection matter, contact us at privacy@qamino.io.
We are the data controller for all data processed through qamino.io and app.qamino.io.
2. Data we collect
We only collect what we need to run Qamino. We never buy data, we never sell data, and we do not run advertising trackers.
- Account data — your Google account email (via Google OAuth), your preferred language, and your marketing consent (boolean + timestamp).
- Profile data — your plan (FREE / CORE / PRO), your Stripe customer ID, and your country of residence if you choose to provide it.
- Usage data — the trips you enter (country codes, entry and exit dates) and the residency calculations derived from them.
- Technical data — IP address, user agent and device type, collected by Firebase Auth and Firebase Hosting for security, abuse prevention, and quality of service.
- Marketing data — if you opt in, opens and clicks on our marketing emails, collected by Zoho Campaigns.
- Payment data — handled directly by Stripe. Qamino never sees your card number or banking details; we only store the Stripe customer / subscription identifiers.
3. How we use your data
We process your data only for the purposes listed below, each under a specific legal basis (GDPR Art. 6).
- To provide the service (performance of contract) — authenticate you, compute your compliance status, sync your data across devices.
- To send transactional emails (performance of contract) — confirmations, security notices, billing receipts, deletion confirmations. These cannot be opted out of as long as you have an account.
- To send marketing emails (consent) — product updates, tips, occasional offers. You can withdraw consent any time from your account or via the unsubscribe link in every email.
- To process payments (performance of contract) — via Stripe.
- To manage our CRM relationship (legitimate interest) — keep a record of you as a customer in Zoho CRM for support and lifecycle communications.
- To prevent fraud and abuse (legitimate interest) — server logs, rate limiting, anomaly detection.
- To comply with legal obligations (legal obligation) — tax records, accounting, responding to lawful requests.
4. Sub-processors
We rely on the following sub-processors to operate Qamino. Each has its own privacy policy and security commitments. We have data processing agreements in place where applicable.
- Google LLC (USA) — Firebase Authentication, Cloud Firestore, Cloud Functions, Cloud Run. Region: us-central1.
- Stripe Inc. (USA) — payment processing, subscription billing, customer portal.
- Zoho Corporation (USA data center .com) — Zoho CRM (customer records), Zoho Campaigns (marketing emails), ZeptoMail (transactional emails), SalesIQ (live chat), PageSense (product analytics).
- Vercel Inc. (USA) — landing site hosting (qamino.io).
- Cloudflare Inc. (USA) — DNS and edge protection.
5. Data retention
We keep your account data for as long as your account is active.
When you delete your account through the app, your personal data is anonymized in our systems within 90 days. We keep a non-identifying transactional record for accounting and tax obligations for the period required by law (up to 10 years for some financial records).
Server logs are retained for up to 30 days. Backups are retained for up to 30 days.
6. Your rights
Under GDPR (if you are in the EU/UK) and CCPA (if you are a California resident), you have the right to:
- Access the personal data we hold about you.
- Rectify data that is inaccurate or incomplete.
- Erase your data — directly via the "Delete account" button inside the app, or by email.
- Restrict or object to certain processing activities.
- Port your data — receive a copy in a structured, machine-readable format.
- Withdraw consent for marketing emails at any time.
- Lodge a complaint with your local data protection authority.
- Opt out of "sale" or "sharing" (CCPA) — Qamino does not sell or share your personal information as defined by the CCPA, so this right does not apply in practice.
7. Cookies and local storage
Qamino does not run any third-party advertising or behavioral tracking. We do use a small set of cookies and local storage for the service to work. The full breakdown is in our Cookies Policy.
Key points: Firestore stores a local cache on your device for offline-first usage; Firebase Auth keeps your session token; Zoho PageSense (product analytics) and Zoho SalesIQ (live chat) only load if you explicitly accept them in our consent banner.
8. Children
Qamino is not directed to children. The service is intended for users aged 16 and older. We do not knowingly collect personal data from anyone under 16. If you believe a minor has provided us with personal data, contact us and we will delete it.
9. International data transfers
Qamino is operated from the United States. Our infrastructure (Google Cloud, Stripe, Zoho .com data center, Vercel, Cloudflare) is primarily hosted in the United States.
If you are in the European Economic Area, the United Kingdom, or Switzerland, your data is transferred to the United States. Our sub-processors rely on the European Commission Standard Contractual Clauses (SCCs) and equivalent UK/Swiss safeguards to protect your data during these transfers.
10. Security
We apply industry-standard security practices: encrypted connections (HTTPS / TLS), encrypted storage at rest, scoped access controls, and regular security reviews of our code and dependencies.
No system is perfectly secure. If you believe you have found a vulnerability, please write to privacy@qamino.io with the details so we can investigate quickly.
11. Changes to this policy
We may update this Privacy Policy as Qamino evolves. For any material change, we will notify you by transactional email before the change takes effect. The "Last updated" date at the top of this page always reflects the current version.
12. Contact
For any question or request regarding this policy or your data, write to privacy@qamino.io.
Questions about your privacy?
We answer every email personally. Reach out and we will get back to you within a few business days.
Postal address: 30 N Gould St #65230, Sheridan, WY 82801, USA