Skip to content

Privacy Policy

Who we are

Our website address is: https://qmswrapper.com.

Whitepaper Downloads and Newsletter Subscriptions

When you download whitepapers from our website, we collect the following information:

  • Your name
  • Your email address
  • Which whitepaper(s) you have downloaded
  • Download date and time
  • IP address for security and tracking purposes

This information is collected to:

  • Provide you with access to the requested whitepaper
  • Add you to our newsletter subscribers list for general updates
  • Add you to a specific downloaders list for relevant follow-up content related to the whitepaper topic
  • Track download statistics for internal analytics

By downloading a whitepaper, you consent to:

  1. Being added to our general newsletter subscribers list
  2. Being added to a specific downloaders list for relevant follow-up content
  3. Receiving occasional emails related to the whitepaper topic you downloaded

You can unsubscribe from these communications at any time by clicking the unsubscribe link in any email we send or by contacting us directly at contact@qmswrapper.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Whitepaper Download Cookies

When you subscribe to download a whitepaper, we use local storage (a browser feature similar to cookies) to remember your subscription status. This allows you to download additional whitepapers without re-entering your information. This data is stored locally on your device and is not transmitted to our servers except when you actively download a whitepaper.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Security Monitoring and Automated Traffic Detection

We operate automated systems to detect and log bot and automated-crawler traffic to this website. When a visitor is identified as an automated agent (such as a search engine crawler, AI content scraper, SEO tool, or vulnerability scanner) or when any visitor generates an unusually high number of requests in a short time (exceeding our rate threshold), we log the following data:

  • IP address
  • User-agent string (browser or bot identifier)
  • HTTP Referrer header
  • URL path requested
  • Timestamp (UTC)

Normal human visitors who remain below the rate threshold are not logged by this system. Logged-in WordPress users are excluded entirely.

Geolocation Enrichment

After logging, each record is enriched with approximate geographic and organisational data through the following steps:

  1. Local geolocation database (primary): We use a locally stored MaxMind GeoLite2 database maintained on our own server. This lookup is performed entirely on our own server — no IP address or any other data is transmitted externally for this step.
  2. ip-api.com (fallback only): For IP addresses not found in the local database, we query ip-api.com, a third-party geolocation API. Only the IP address is transmitted; no other personal data is sent. This fallback is triggered only when the local database returns no country result.
  3. Reverse DNS lookup: We perform a reverse DNS lookup on our own server to identify the hostname and operating organisation. This is a standard DNS query; the IP address is not sent to any third-party API for this step.

Retention

All security-monitoring records are automatically deleted after 90 days via a scheduled cleanup process. No manual review of individual records is performed unless an active security incident requires investigation.

Processing is carried out on the basis of our legitimate interests under Article 6(1)(f) GDPR — specifically, protecting this website and our services from abuse, malicious access, and automated data harvesting (Recital 49: security of network and information systems). We have assessed this processing as proportionate and compatible with the fundamental rights of data subjects: normal human visitors are not logged; where any visitor is logged due to a rate anomaly, data is deleted after 90 days; no profiling or automated decision-making is applied to the logged data.

Who we share your data with

When you download whitepapers and subscribe to our newsletter, we share your information with:

  1. Brevo (Sendinblue) – Our email marketing and CRM platform. We share your name, email address, and whitepaper download history with Brevo to manage our email communications and track engagement. Brevo’s privacy policy can be found at: https://www.brevo.com/legal/privacypolicy/
  2. Internal tracking systems – We maintain internal records of whitepaper downloads for analytics and business intelligence purposes.

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For whitepaper downloads and subscriptions: We retain your subscription and download data indefinitely until you request deletion. This allows us to maintain accurate records of your preferences and download history. You can request deletion of your data at any time.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, have left comments, or have downloaded whitepapers, you can request to:

  1. Receive an exported file of the personal data we hold about you, including any data you have provided to us.
  2. Request correction of any inaccurate personal data we hold about you.
  3. Request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
  4. Opt-out of specific communications (e.g., you can unsubscribe from general newsletters but remain on the whitepaper follow-up list, or vice versa).

To exercise these rights, please contact us at contact@qmswrapper.com. We will respond to all legitimate requests within one month.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

Security monitoring (bot detection): When our bot-detection system cannot resolve an IP address using the local geolocation database, that IP address is sent to ip-api.com to retrieve country and organisation data. Only the IP address is transmitted; no other personal data is shared. See Security Monitoring and Automated Traffic Detection above for full details.

Whitepaper subscription and download data is sent to Brevo (Sendinblue), which is based in France and complies with GDPR regulations. Their servers are located in the European Union. When you download a whitepaper, your information is transferred to Brevo for processing as described in their privacy policy.

Your Data Protection Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent.

Contact Information

For privacy-specific concerns, including requests to access, correct, or delete your personal data, please contact:

qmsWrapper Ltd.
Canada
Email: contact@qmswrapper.com

This privacy policy was last updated on 2026.06.22.