Privacy Policy

Last updated: July 2026

1. Who we are and what this covers

JinxQMS is a multi-tenant quality management platform for aerospace companies. This policy explains what information we collect when you use jinxqms.com and the JinxQMS application, how we use and protect it, and the choices you have. It applies to both visitors of our public pages and users of customer accounts.

2. Information we collect

  • Account information. Your name, work email address, role, and work-group membership, provided when your company invites you or you create an account.
  • Company information. Your company's name, address, phone number, and logo, used on the documents the platform generates for you.
  • Quality records and documents. The content your company puts into its quality system: projects, forms, uploaded files, vendor records, audit results, interview answers, and generated QMS documents. This data belongs to your company — we process it solely to provide the service.
  • Usage and security logs. Actions taken in the application (who did what, when, and from which IP address) are recorded in an append-only audit log. This is a deliberate compliance feature: aerospace quality systems require a tamper-evident record of every change.
  • Communications. Messages you send us through the contact form.

We do not collect data for advertising, run third-party ad trackers, or sell personal information — to anyone, ever.

3. How we use information

  • To operate the platform: authenticate you, run your company's workflows, generate documents, and send the notifications your company configures.
  • To meet compliance obligations: audit trails, electronic-signature records, and retention required by aerospace quality standards.
  • To secure the service: rate limiting, abuse detection, and investigating failed sign-in attempts.
  • To respond when you contact us.

4. AI processing

Some features (InstaQMS generation, InstaGap analysis, InstaAudit, the QMS Copilot) send your company's quality-system content to AI providers — Anthropic (Claude) for generation and analysis, and OpenAI for document-search embeddings — strictly to produce results for your account. We use these providers under API terms that do not permit training their models on your data. AI output that changes your quality system never goes live without a human's explicit, recorded approval.

5. Service providers

We use a small set of infrastructure providers to run JinxQMS:

  • Supabase — database, authentication, and file storage
  • Dropbox — controlled-document and project file storage
  • Render — application hosting
  • Anthropic and OpenAI — AI processing (Section 4)
  • Resend — transactional email delivery
  • Sentry — error monitoring (technical diagnostics, not marketing)
  • FedEx, UPS, and DHL — shipment tracking status, when your company uses in-transit tracking
  • Microsoft — only if your company connects the Outlook drag-and-drop integration

Each provider receives only what its function requires and is bound by its own contractual confidentiality and security obligations.

6. How we protect it

Every company's data is isolated by tenant at the database layer with row-level security as defense in depth. Data is encrypted in transit and at rest. Administrator accounts require multi-factor authentication. Every mutation is audit-logged with a tamper-evident hash chain. Our engineering controls are built to SOC 2 criteria — see the Security page for detail.

7. Retention

Aerospace regulation drives our retention: quality records (projects, forms, certificates, signed approvals) are retained for at least ten years and audit logs indefinitely — deleting them would break the compliance record your company relies on. Account information is retained while your account is active. When a contract ends, your company can export its data; we then delete or anonymize what regulation does not require us to keep.

8. Cookies

We use only the cookies required to keep you signed in (session authentication). There are no advertising, analytics, or cross-site tracking cookies, so there is no cookie banner to click through.

9. Your choices and rights

You can view and correct your profile information in Settings. Depending on where you live, you may have rights to access, correct, export, or delete personal information; we honor these subject to the regulatory retention in Section 7 (where deletion is restricted, we tell you why). If you use JinxQMS through your employer, your employer controls the account — direct requests to them first and we will support their response. To reach us, use the contact form.

10. Children

JinxQMS is a business tool and is not directed to anyone under 16. We do not knowingly collect information from children.

11. Changes to this policy

When we make material changes we will update this page and its date, and notify account administrators. Continued use of the service after a change takes effect means you accept the updated policy.