QP

Privacy Policy

Last Updated: November 23, 2025

1. Introduction

QuickPetition ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered immigration petition drafting service.

This policy complies with the EU General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA), and Swiss Federal Act on Data Protection (FADP).

Data Controller: QuickPetition
Contact: customer-support@quickpetition.com

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Username, email address, full name, authentication credentials
  • Petition Information: Name, nationality, occupation, field of expertise, achievements, publications, research work, employment history
  • Supporting Documents: CVs, publication lists, reference letters, certificates, research papers
  • Communication Data: Support requests, feedback, correspondence

2.2 Automatically Collected Information

  • Usage Data: Application interaction data and analytics
  • Device Information: Browser type, operating system, IP address, device identifiers
  • Session Information: Authentication session data
  • Cookies: Session cookies for authentication (essential cookies only)

2.3 AI Processing Data

  • Information submitted to third-party AI language models for petition generation
  • AI-generated petition drafts and recommendations
  • Web scraping results from publicly available sources for evidence gathering

3. How We Use Your Information

3.1 Legal Bases for Processing (GDPR)

  • Contract Performance:To provide petition drafting services you've purchased
  • Consent: For AI processing of your immigration information
  • Legitimate Interests: Service improvement, security, fraud prevention
  • Legal Obligation: Compliance with immigration, tax, and data protection laws

3.2 Purposes

  • Generate AI-powered EB-1A and EB-NIW petition letters
  • Provide document review and formatting services
  • Conduct research on your behalf for evidence gathering
  • Communicate service updates, petition status, and support responses
  • Process payments and manage subscriptions
  • Improve our AI models and service quality
  • Detect and prevent fraud, security threats, and abuse
  • Comply with legal obligations and respond to legal requests

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

  • AI Providers: Third-party AI language models for petition generation
  • Cloud Infrastructure: Cloud hosting and storage services
  • Email Service: Third-party email delivery service for transactional emails
  • Payment Processor: Third-party payment processing service (if applicable)

Important: Third-party AI providers may process your petition information according to their own privacy policies. We use enterprise-grade API services with data processing agreements.

4.2 We Do NOT Share Data With:

  • Advertising networks or data brokers
  • Social media platforms for marketing purposes
  • Third parties for their own marketing

4.3 Legal Disclosures

We may disclose your information if required by law, subpoena, court order, or government request, or to protect our legal rights and safety.

5. Data Storage and Security

5.1 Where We Store Your Data

  • Primary Storage: Secure cloud infrastructure in the United States (Iowa region)
  • File Storage: Encrypted cloud storage in the United States (Iowa region)
  • Application Hosting: Cloud hosting services in the United States (Iowa region)

International Transfers:If you are located in the EU/UK/Switzerland, your data is transferred to the United States. We rely on Standard Contractual Clauses (SCCs) and our cloud provider's GDPR compliance for lawful transfers.

5.2 Security Measures

  • Industry-standard encryption for all data in transit and at rest
  • Secure password storage using cryptographic hashing
  • Secure session management with industry-standard protections
  • Regular security audits and vulnerability scanning
  • Access controls and role-based permissions
  • Automated backups with encrypted storage
  • Multi-layer security architecture

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy or as required by law:

  • Active Accounts: Data retained while account is active
  • Inactive Accounts: Data retained for 3 years after last login, then deleted
  • Deleted Accounts: Data anonymized immediately, backups purged within 90 days
  • Transaction Records: Retained for 7 years for tax/legal compliance
  • Security Logs: Retained for 1 year for fraud prevention

7. Your Privacy Rights

7.1 GDPR Rights (EU/UK/Swiss Residents)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure:Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for AI processing at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 CCPA Rights (California Residents)

  • Right to Know: Request disclosure of data collected and shared
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: We do not sell personal information
  • Right to Non-Discrimination: Equal service regardless of privacy rights exercise

7.3 How to Exercise Your Rights

Online (Recommended):

By Email:

Contact us at customer-support@quickpetition.comwith subject "Privacy Rights Request"

We will respond to verified requests within 30 days (GDPR) or 45 days (CCPA).

8. Cookies and Tracking

We use minimal cookies, primarily for essential functionality:

  • Session Cookie: Required for authentication (essential, no consent needed)
  • CSRF Token: Security protection (essential, no consent needed)
  • Cookie Consent: Remembers your cookie preferences (essential, no consent needed)

We do NOT use: Analytics cookies, advertising cookies, or third-party tracking cookies.

9. Children's Privacy

QuickPetition is not intended for children under 13 years old (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at customer-support@quickpetition.com.

10. Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

  • Notify affected users within 72 hours (GDPR requirement)
  • Report to relevant data protection authorities
  • Provide details about the breach, affected data, and remediation steps
  • Offer assistance such as credit monitoring if applicable

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on our website

Continued use of our service after changes constitutes acceptance of the updated policy.

12. Contact Us

Data Controller: QuickPetition

Email: customer-support@quickpetition.com

Website: https://quickpetition.com

Subject Line for Privacy Requests:"Privacy Rights Request"

EU Representative: To be appointed if required under GDPR Article 27

13. Supervisory Authorities

If you are located in the EU/UK/Switzerland and believe we have violated your privacy rights, you have the right to lodge a complaint with your local data protection authority:

Back to Home