Privacy Notice

Last updated: 30 June 2026

This privacy notice explains how CISLO Solutions Ltd collects, uses and protects personal data when you use QRTOGRAPHY, visit our website, access a demonstration environment, or contact us.

1. Who we are

QRTOGRAPHY is operated by CISLO Solutions Ltd.

  • Company name: CISLO Solutions Ltd
  • Company number: 09633549
  • Registered office: South Building Upper Farm, Wootton St Lawrence, Basingstoke, Hampshire, United Kingdom, RG23 8PE
  • Registered in: England and Wales
  • Contact: privacy@cislosolutions.com

For the purposes of UK data protection law, CISLO Solutions Ltd is the controller of personal data processed through this website and, unless otherwise agreed in writing, through QRTOGRAPHY demonstration environments operated by CISLO Solutions Ltd.

2. Personal data we may collect

Depending on how you use QRTOGRAPHY, we may collect and process the following types of personal data:

  • account details, such as name, email address, username and authentication status;
  • contact details provided when you contact us or request access to a demo;
  • technical information, such as IP address, browser type, device type and security logs;
  • usage information, such as sign-in activity, scan activity, selected links, audit events and application actions;
  • workspace or project access information, such as assigned roles and permissions;
  • information submitted through forms, reports, notes or support requests.

Demonstration data within QRTOGRAPHY is intended to be synthetic and should not include real client, project, asset or confidential information unless this has been expressly agreed in writing.

3. How we use personal data

We use personal data for the following purposes:

  • to provide access to QRTOGRAPHY and related services;
  • to authenticate users and protect accounts;
  • to manage workspaces, permissions and resolver profiles;
  • to record audit events, including scans, clicks, changes and administrative actions;
  • to investigate errors, security issues, misuse or suspected unauthorised access;
  • to respond to enquiries, support requests or reported issues;
  • to improve the reliability, security and usability of the service;
  • to comply with legal, regulatory, accounting or contractual obligations.

4. Lawful basis for processing

We rely on one or more of the following lawful bases when processing personal data:

  • Contract: where processing is necessary to provide access to QRTOGRAPHY or related services.
  • Legitimate interests: where processing is necessary to operate, secure, audit and improve the service, provided those interests are not overridden by individual rights.
  • Legal obligation: where processing is necessary to comply with legal, regulatory, tax, accounting or security obligations.
  • Consent: where we ask for consent for a specific purpose, such as optional communications or non-essential cookies, if used.

5. Cookies and similar technologies

QRTOGRAPHY may use strictly necessary cookies or similar technologies to support essential functions such as sign-in, authentication, session management, security and user access.

These cookies are required for the service to work properly. If we introduce non-essential cookies, such as analytics, advertising or tracking cookies, we will provide appropriate information and request consent where required.

6. Who we share personal data with

We may share personal data with:

  • hosting, infrastructure, authentication, email or support service providers;
  • professional advisers, such as accountants, insurers or legal advisers;
  • customers or workspace administrators where access is provided as part of an organisation or project environment;
  • law enforcement, regulators or public authorities where required by law.

We do not sell personal data.

7. International transfers

Where personal data is transferred outside the United Kingdom, we will take steps intended to ensure that appropriate safeguards are in place, where required by applicable data protection law.

8. How long we keep personal data

We keep personal data only for as long as reasonably necessary for the purposes described in this notice, including to provide the service, maintain security and audit records, resolve disputes, meet legal obligations, and maintain business records.

Account, audit and security records may be retained for a reasonable period after access ends where this is necessary for security, contractual, legal or evidential purposes.

9. Your rights

Depending on the circumstances, you may have rights under data protection law, including the right to:

  • access your personal data;
  • ask for inaccurate data to be corrected;
  • ask for data to be erased;
  • ask for processing to be restricted;
  • object to processing;
  • request data portability;
  • withdraw consent where processing is based on consent.

To exercise your rights, contact us at privacy@cislosolutions.com.

10. Security

We use technical and organisational measures intended to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. No online system can be guaranteed to be completely secure, but we take security seriously and review our approach as the service develops.

11. Complaints

If you have concerns about how we use your personal data, please contact us first so we can try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office, the UK supervisory authority for data protection matters.

12. Changes to this notice

We may update this privacy notice from time to time. The latest version will be made available on this page.