QuantAllocarrow_backBack to site

Legal

Privacy Policy

How QuantAlloc handles your data.

Last updated: 15 May 2026

1. Who we are

QuantAlloc is a Namibian institutional investment workbench operated for the analysis of portfolios, mandates, and Reg 28 compliance. References to “we,” “us,” and “QuantAlloc” in this policy mean the QuantAlloc product and the natural and legal persons operating it.

2. What we collect

We collect only the data that is necessary to provide the service.

From visitors to the public site

  • Demo request information — name, work email, company, role (optional), and any message you choose to include — submitted via the “Request Demo” form.
  • Bot protection signals — a Cloudflare Turnstile challenge token used to verify the form submission is not automated.

From signed-in users

  • Account identity — email address (and optionally name) supplied to our authentication provider when you sign up or sign in.
  • Workspace data you enter — fund positions, market values, weights, asset classifications, mandate rules, monthly returns, fact-sheet notes, and any other content you add to the workbench.
  • Operational metadata — timestamps of saves, IP address attached to API requests, and basic browser information necessary to render the application.

We do not collect

  • Payment card information (we do not process card payments).
  • Personal identification numbers, ID document copies, or biometric data.
  • Behavioural advertising data — we do not run third-party advertising trackers on QuantAlloc.

3. How we use your data

  • To provide the service — store and retrieve your workspaces, compute analytics, send the breach alerts you can opt into, and let you sign in.
  • To respond to demo requests — the form information is emailed to a QuantAlloc operator inbox so we can schedule a walkthrough with you.
  • To keep the service safe — rate-limit abusive traffic, verify bot challenges, and investigate suspicious activity.
  • To comply with law — respond to lawful requests where we are legally required to do so.

We do not use your workspace data to train any models, do not share it with third parties for marketing, and do not sell it.

4. Where your data lives

QuantAlloc uses the following processors to deliver the service. Each is contractually obligated to handle data only on our instructions, and the categories of data shared are listed below.

  • Clerk (authentication) — your account email, name (if supplied), and session tokens. Privacy policy.
  • Supabase (database hosting) — workspace contents you save to the cloud, plus the email allowlist of authorised users. Privacy policy.
  • Vercel (application hosting) — request metadata required to serve the app (IP, user-agent, request path). Privacy policy.
  • Resend (transactional email) — recipient address and the email content for demo notifications, breach alerts, and other transactional mail. Privacy policy.
  • Cloudflare (Turnstile bot protection) — anonymised challenge tokens from form submissions. Privacy policy.

Several of these processors operate servers outside Namibia. By using QuantAlloc you consent to the cross-border transfer of the data described above, where it is processed on servers that may be located in the European Union, the United States, or other jurisdictions.

5. Retention

  • Workspace data is retained for as long as your account is active. Local-only mode keeps data in your browser; deleting site data removes it. Cloud data is removed when you delete the workspace or close your account.
  • Demo request emails are retained in the operator inbox for as long as the relationship is active or until you ask us to delete them.
  • Server logs are retained for a short period (typically 30 days) for operational and security purposes.

6. Your rights

You can:

  • Ask for a copy of the personal data we hold about you.
  • Ask us to correct inaccurate personal data.
  • Ask us to delete your personal data (subject to any legal retention obligations).
  • Withdraw your consent to processing, where consent is the legal basis we rely on.

To exercise any of these rights, contact us at the address in the “Contact” section below. We will respond within a reasonable period.

7. Security

QuantAlloc enforces standard production security controls: TLS for all data in transit, row-level security on the database, secrets stored in managed environment variables, bot protection on public forms, and an allowlist gating access to the workbench. No system is perfectly secure; we ask that you choose a strong password and notify us immediately if you suspect any unauthorised activity on your account.

8. Children

QuantAlloc is a professional tool intended for institutional analysts and is not directed to anyone under 18. We do not knowingly collect personal data from minors.

9. Changes to this policy

We may update this policy from time to time. Material changes will be highlighted at the top of this page. The “Last updated” date above always reflects the current version. Continued use of QuantAlloc after the change indicates your acceptance of the updated policy.

10. Contact

For privacy questions, data-subject requests, or any other concern about how we handle your data:

QuantAlloc
Email: privacy@quantalloc.com
Postal address available on request.