Privacy Policy

QuestIT Platform operates the public website at quest-it.tech. This policy covers the public marketing pages, localized routes, articles, service pages, and lead forms available on the site.

If the final controller details are clarified or updated later, this page will be revised accordingly. Until then, privacy requests can be submitted through the website contact form.

We limit collection to the information required to route enquiries, respond to requests, and keep the website secure and operational.

• name, email address, and Telegram handle when you provide it;
• requested role, experience description, and any text submitted in the lead form;
• sourceType, sourcePage, and locale so we can understand how the request entered the site;
• the hidden anti-spam field website; if it is triggered, the submission is treated as spam and not as a lead;
• basic technical request logs required for security, diagnostics, and abuse prevention;
• language preference storage: questit-locale cookie, questit-locale localStorage, and questit-locale-scroll sessionStorage.

For the English version of the site, the disclosure model follows a GDPR-style global baseline. We process lead data to review your enquiry, recommend a relevant simulation or role, and continue communication about your request.

The main legal bases are your action in submitting the form and the consent implied by that action for contact-related processing, together with operational necessity and legitimate interests in protecting the website, preventing spam, and maintaining language routing and security logging.

Lead data is kept for as long as needed to process the request, continue business communication, and maintain a reasonable record of prior contact. As a working baseline, lead correspondence is generally not kept longer than 24 months after the last meaningful interaction unless law or contractual context requires more.

Technical logs and anti-spam events are usually kept for shorter periods and only for diagnostics, incident review, and security monitoring.

We may use hosting providers, infrastructure vendors, and message delivery providers to run the site and receive enquiries. Lead submissions are sent by the QuestIT server to the Telegram Bot API and then into the configured team chat.

Where infrastructure routing or Telegram delivery involves cross-border access or transfer, we try to minimise the amount of data sent and limit it to the information required for follow-up communication and operational handling.

The website uses a minimal set of client-side storage mechanisms to remember the selected language and restore scroll position during localized navigation. At the time of this version, the public website does not intentionally load third-party browser analytics scripts, tracking pixels, or external icon assets during normal public browsing.

Server-side request logs may still exist as part of infrastructure operations, abuse prevention, and technical diagnostics.

We use reasonable technical and organisational safeguards, including HTTPS transport, access limitation, data minimisation, anti-spam controls, and internal handling restrictions for lead information.

No internet-facing system can guarantee absolute security, but we aim to reduce the risk of unauthorised access, loss, disclosure, or misuse.

Depending on the law that applies to you, you may have rights to request access, correction, deletion, restriction, portability, objection, or withdrawal of consent for future processing.

Before we complete a request, we may reasonably ask you to verify your identity and your relationship to the data so that personal information is not disclosed to the wrong person.

Use the website contact form at https://quest-it.tech/en/#contact. Please describe the right you want to exercise, the data involved, and the safest way to contact you back.

If your request concerns a submitted lead form, include the approximate submission date plus any identifying fields you used, such as your name, email address, or Telegram handle.

We may revise this page whenever product flows, form fields, processors, infrastructure, storage mechanisms, or applicable legal expectations change.

The latest version is always published on this page, and the last updated date shows when the policy was reviewed.