Privacy Policy

Simpletrak ("we", "us", "our") is a cloud-based quality management system (QMS) platform operated by Ion Quality Systems Inc. Our registered address and contact details are available on request.

We are the data controller for information collected through our website at simpletrak.app and through the Simpletrak platform. Where we process data on behalf of our customers in connection with their use of the platform, we act as a data processor.

If you have any questions about this policy or our data practices, use our contact form.

We collect information in the following categories:

We use the data we collect for the following purposes:

• To provide, operate, and maintain the Simpletrak platform and all its features
• To process your subscription and manage your account
• To respond to your enquiries, demo requests, and support tickets
• To send transactional communications such as account confirmations, password resets, and billing notices
• To send product updates and feature announcements (you can unsubscribe at any time)
• To improve the platform through analysis of how features are used
• To power Simple AI capabilities — AI features analyse only your own organisation's data within your account; your data is never used to train models shared with other customers
• To comply with legal obligations and enforce our terms of service

We do not sell your data to third parties. We do not use your data for advertising purposes.

Where applicable under data protection law (including GDPR), we rely on the following legal bases to process your personal data:

• Contract: Processing is necessary to perform the contract we have with you — providing the Simpletrak service
• Legitimate interests: We process certain data to improve our platform and communicate relevant product updates, where this does not override your rights
• Legal obligation: We may process data where required to comply with applicable law
• Consent: Where we rely on consent (such as for marketing emails), you may withdraw it at any time

Your data is stored on secure cloud infrastructure. We implement technical and organisational measures appropriate to the risk, including:

• Encryption of data in transit (TLS) and at rest
• Role-based access controls — only authorised personnel can access your data
• Regular security reviews and vulnerability assessments
• Immutable audit logs within the platform
• Automated backups with point-in-time recovery

No method of transmission over the internet is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately via our contact form.

Data may be stored and processed in the United States, United Kingdom, or Australia depending on your region. Where data is transferred internationally, we ensure appropriate safeguards are in place in accordance with applicable law.

We work with a small number of trusted third-party providers to operate the platform. We share only the minimum data necessary for each provider to perform their function.

We do not share your data with advertisers, data brokers, or any third party for marketing purposes. All third-party providers are contractually bound to process your data only as instructed by us and in accordance with applicable data protection law.

We use cookies and similar technologies to operate the platform and understand how it is used. The cookies we set fall into the following categories:

• Essential cookies: Required for the platform to function — authentication, session management, and security. These cannot be disabled.
• Analytics cookies: Help us understand how visitors use the site so we can improve it. These are anonymised and do not identify you personally.
• Preference cookies: Remember your settings and preferences within the platform.

You can control non-essential cookies through your browser settings. Note that disabling certain cookies may affect platform functionality.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data, subject to legal obligations
• Portability: Request your data in a structured, machine-readable format
• Restriction: Request that we limit how we process your data in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing

To exercise any of these rights, use our contact form. We will respond within 30 days. If you are based in the EU or UK and believe we have not handled your data lawfully, you have the right to lodge a complaint with your local supervisory authority.

We retain your data for as long as your account is active or as needed to provide the service. Specifically:

• Active accounts: Data is retained for the duration of your subscription
• After cancellation: Account and platform data is retained for 90 days, then permanently deleted unless you request earlier deletion
• Billing records: Retained for 7 years to comply with financial and tax obligations
• Contact form submissions: Retained for 2 years, then deleted
• Server logs: Retained for 90 days for security and diagnostic purposes

You may request earlier deletion of your data at any time via our contact form. Note that some data may need to be retained to comply with legal obligations even after a deletion request.

Simpletrak is a business software platform intended for use by organisations and their employees. It is not directed at or designed for use by individuals under the age of 18.

We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected such data, please contact us immediately via our contact form and we will delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes we will:

• Update the "Last updated" date at the top of this page
• Notify active subscribers by email at least 14 days before the change takes effect
• In some cases, seek your consent if required by law

We encourage you to review this policy periodically. Your continued use of Simpletrak after a policy update constitutes acceptance of the revised policy.

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your data, please contact us:

We will always respond within 30 days for data rights requests, and sooner for general enquiries.