Trust

Security & privacy.

One page, two sections. Short, because the long version reads like every other security page. If you have a question we don't answer here, email [email protected].

Security Privacy

What we collect

✓ Your STEP files & BOMs — Required for the product. Stored at rest, encrypted. You own them; we don't reuse them for ML training.
✓ Your email — Only if you give it to us (upload form, account creation, sales conversation).
✓ Analytics — Page views and event counts via self-hosted Umami. No third-party trackers, no cookies by default.

What we don't collect

✗ Cross-site cookies, fingerprints, IP-keyed tracking — None. Umami is cookieless by default; we don't use Google Analytics or Meta Pixel.
✗ Sensitive personal data — We don't ask. If you embed Quidities on a site that handles PII, that data is yours and stays on your side.

Deletion & data control

→ Per-upload delete — Every upload you make while signed in shows up in /dashboard with a Delete button. Removing an upload there wipes the file from our storage and the viewer URL stops resolving.
→ Account-level deletion — Email [email protected] from the address on your account; we wipe your uploads + remove your identity from our auth store. No self-service flow yet — we do it by hand and confirm to you when it's done.
→ GDPR / SAR requests — [email protected] — we'll get back to you in line with the statutory window.

Sub-processors: Cloudflare (CDN/TLS), SendGrid (transactional email). Email [email protected] if you need an up-to-date list for your compliance file.