QuinnBack to Quinn

Privacy Policy

Last updated March 17, 2026

Introduction

This Privacy Policy ("Policy") describes how iollo, inc., a Delaware corporation ("iollo," "we," "us," or "our"), collects, uses, shares, and protects personal information in connection with the Quinn Platform, including the Quinn Platform dashboard, website, any subdomains, and all associated online properties and applications operated by iollo (collectively, the "Service"). This Policy also describes your rights and choices regarding your personal information.

This Policy applies to:

  • visitors to the Quinn Platform website;
  • individuals who create accounts on the Quinn Platform dashboard, including trial, evaluation, and demonstration users;
  • prospective clients and business contacts who interact with iollo in connection with the Quinn Platform; and
  • individuals who submit inquiries, request demonstrations, or engage with interactive features on the Service.

Client Data Under an MSA. If you or your organization have executed a Master Agreement ("MSA") with iollo, the processing of Client Data (as defined in the MSA) submitted to or through the Quinn Platform is governed by the MSA and, where required, by a Data Processing Addendum -- not by this Privacy Policy. This Policy governs personal information collected in connection with your use of the Service interface, dashboard features, and iollo's marketing and business development activities. To the extent there is any conflict between this Policy and an executed MSA regarding the processing of Client Data, the MSA shall control.

Evaluation Access Users. If you access the Service without an executed MSA (for example, under an evaluation, trial, or demonstration arrangement), data you submit through the Service is governed by this Policy and the Terms of Use.

For purposes of this Policy, "Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. Personal Information includes, without limitation, identifiers (such as name, email address, IP address), commercial information, internet or other electronic network activity information, geolocation data, and professional or employment-related information, as further described below. Personal Information does not include publicly available information, lawfully obtained truthful information that is a matter of public concern, or information that has been de-identified or aggregated such that it can no longer reasonably be used to identify any individual.

By accessing or using the Service, you acknowledge that you have read and understood this Policy. If you do not agree with the practices described herein, you should not use the Service.

1. Information We Collect

1.1 Information You Provide Directly

We collect Personal Information that you voluntarily provide to us, including when you:

  • Account setup. When your account is provisioned on the Quinn Platform dashboard (by iollo or by your organization's administrator), we collect your name, email address, company affiliation, and role. During your first login, we collect the password you set and your first and last name. iollo does not store or have access to your plaintext password.
  • Use the dashboard. When you use the Quinn Platform dashboard, we collect information you submit through the platform interface, including any inputs, queries, comments, annotations, or other content you provide through dashboard features.
  • Submit inquiries or contact us. When you contact us by email, through a contact form, by telephone, or by other means, we collect your name, email address, company name, job title, phone number, and the contents of your communication.
  • Request a demonstration or trial. When you request a demo, trial, or other evaluation of the Quinn Platform, we collect your name, email address, company name, title, and any additional information you provide about your use case or requirements.
  • Attend events or webinars. When you register for or attend an iollo-sponsored event, webinar, or conference, we collect your registration information, including your name, email address, company name, and job title.
  • Subscribe to communications. When you sign up to receive newsletters, updates, or other communications from us, we collect your name and email address.
  • Provide feedback. When you submit suggestions, feedback, survey responses, or other input through the Service or otherwise, we collect the content of your submission and any associated contact information.
  • Engage in business discussions. In the course of evaluating or negotiating a potential engagement with iollo, we collect business contact information and information relevant to the proposed engagement, such as your company's therapeutic focus areas, data types, and analytical needs.

1.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information, including:

  • Device and Browser Information. Your Internet Protocol (IP) address, browser type and version, operating system, device type, device identifiers, screen resolution, and language preferences.
  • Dashboard Usage Data. Features accessed, actions performed within the dashboard, session duration, navigation patterns, and error events.
  • Website Usage Data. Pages and content viewed, time spent on pages, click patterns, navigation paths, referring and exit URLs, search terms used to reach the Service, and the date and time of your visits.
  • Log Data. Server logs that record access times, pages and endpoints requested, authentication events, error logs, and other diagnostic information.
  • Location Information. General geographic location inferred from your IP address.
  • Audit and Activity Logs. The Service maintains audit logs that record certain user actions for security, compliance, and operational purposes. Audit logs do not record the substance of your inputs or outputs.
  • Cookies and Similar Technologies. Information collected through cookies, session tokens, and similar technologies, as further described in Section 6.

1.3 Information from Third-Party Sources

We may obtain Personal Information about you from third-party sources, including:

  • Business data providers. Publicly available business contact information from professional networking platforms (such as LinkedIn), company websites, industry databases, and business intelligence providers.
  • Analytics providers. Aggregated and individual-level usage data from analytics services.
  • Referral partners. Information from business partners, collaborators, or referral sources who introduce you to iollo.
  • Event and conference organizers. Attendee information from industry events, conferences, and trade shows at which iollo participates.

2. How We Use Your Information

We use the Personal Information we collect for the following purposes:

  • Provide and operate the Service. To provide, maintain, improve, and secure the Service and its features, including the Quinn Platform dashboard, analytical capabilities, and interactive features.
  • Authenticate and manage accounts. To verify your identity, manage your account, enforce access controls, and maintain session security.
  • Respond to inquiries. To respond to your questions, requests, and communications.
  • Marketing and communications. To send you marketing and promotional communications about our products, services, events, and other offerings that may be of interest to you, where permitted by applicable law, including automated email sequences related to your platform activity. You may opt out of marketing communications at any time as described in Section 10.
  • Analytics and improvement. To conduct analytics, research, and reporting on Service usage, user engagement, feature adoption, and the effectiveness of our marketing activities; to identify usage trends, diagnose technical issues, and inform product development.
  • Personalization. To personalize your experience on the Service and tailor content, recommendations, and communications to your interests and preferences.
  • Security and fraud prevention. To detect, prevent, and respond to security incidents, unauthorized access, fraud, abuse, and other harmful or unauthorized activity.
  • Legal compliance. To comply with applicable laws, regulations, legal processes, and governmental requests.
  • Business operations. To support our general business operations, including accounting, auditing, record-keeping, internal reporting, and corporate governance.
  • Enforce agreements. To enforce our Terms of Use, this Policy, and any other agreements or policies.
  • Usage metering. To record operational metadata related to Quinn Platform usage for billing, compliance, and support purposes. Such operational metadata does not include the substance of your inputs or outputs.

Use of Platform Data. If you or your organization have executed an MSA with iollo, the MSA governs how iollo may and may not use Client Data. For Evaluation Access users without an executed MSA, iollo's use of your User Data is governed by the license set forth in the Terms of Use.

De-Identified and Aggregated Data. We may de-identify or aggregate Personal Information collected through the Service such that it can no longer reasonably be used to identify any individual. We may use and disclose such de-identified or aggregated data for any lawful business purpose, including product development, analytics, benchmarking, marketing, and research.

3. Legal Basis for Processing

To the extent required by applicable data protection law (such as the EU General Data Protection Regulation or UK GDPR), we process your Personal Information on the following legal bases:

  • Performance of a contract. Where processing is necessary to perform our obligations under a contract with you (including these Terms of Use or an MSA) or to take pre-contractual steps at your request, such as responding to your inquiry, providing trial access, or operating the Service.
  • Legitimate interests. Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your data protection rights. Our legitimate interests include marketing and business development, Service analytics and improvement, security and fraud prevention, product development, and general business operations.
  • Consent. Where you have provided your consent to the processing of your Personal Information for a specific purpose, such as receiving marketing communications or the use of non-essential cookies. Where processing is based on consent, you have the right to withdraw your consent at any time, as described in Section 10.
  • Legal obligation. Where processing is necessary for compliance with a legal obligation to which iollo is subject.

4. How We Share Your Information

We may share your Personal Information with the following categories of recipients:

4.1 Service Providers

We engage third-party vendors, contractors, and service providers to perform functions on our behalf. These service providers are contractually required to use your Personal Information only as necessary to provide services to us and are bound by confidentiality and data protection obligations at least as protective as those contained in this Policy. Categories of service providers include:

  • Cloud infrastructure and hosting. The Service is hosted on third-party cloud platforms that process request data, IP addresses, and traffic data in the course of delivering the Service.
  • Identity and authentication. User authentication is managed through a third-party identity service that stores your email address, hashed password, and account attributes.
  • Platform functionality. Certain features of the Service rely on third-party service providers for processing. When you use the Service, your inputs and content may be transmitted to and processed by such providers. You should not submit sensitive personal information, trade secrets, or data not authorized for third-party processing through the Service.
  • Email delivery. Transactional emails and automated communication sequences are delivered through a third-party email delivery service that processes your email address and the content of email communications.
  • Internal operations. iollo uses internal tools to manage platform operations and notify the iollo team of certain platform events. These tools receive limited operational information and do not include the substance of your analytical inputs or outputs.

4.2 Business Transfers

In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, dissolution, or sale of all or a portion of iollo's assets, your Personal Information may be transferred to the acquiring or successor entity as part of the transaction. We will use reasonable efforts to ensure that any such successor entity is bound by privacy obligations consistent with this Policy.

4.3 Legal Requirements

We may disclose your Personal Information if we believe in good faith that such disclosure is necessary to: (a) comply with applicable law, regulation, legal process, or enforceable governmental request; (b) enforce our Terms of Use or other agreements; (c) detect, prevent, or address fraud, security, or technical issues; or (d) protect the rights, property, or safety of iollo, our users, or the public. Where legally permitted, we will provide you with notice of such disclosure.

4.4 With Your Consent or at Your Direction

We may share your Personal Information with third parties when you have provided your explicit consent or at your direction.

4.5 Affiliates

We may share your Personal Information with our current and future parents, subsidiaries, and affiliates under common control and ownership for the purposes described in this Policy.

4.6 Aggregated and De-Identified Data

We may share aggregate or de-identified data that cannot reasonably be used to identify any individual with third parties for any purpose, including research, analytics, marketing, and product development.

4.7 No Sale of Personal Information

iollo does not sell your Personal Information, as "sell" or "sale" is defined under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), or under any other applicable data protection law. iollo does not share your Personal Information for cross-context behavioral advertising purposes as defined under the CCPA/CPRA.

5. Data Retention

We retain Personal Information only for as long as reasonably necessary to fulfill the purposes for which it was collected, as described in this Policy, or as required or permitted by applicable law. Specific retention practices include:

  • Account and dashboard data: Retained for the duration of your account and for a reasonable period following account closure for legal and compliance purposes.
  • Website analytics data: Generally retained for up to twenty-six (26) months from the date of collection, unless a longer period is required for litigation holds, regulatory requirements, or compliance purposes.
  • Business contact and inquiry data: Retained for the duration of the business relationship and for a reasonable period thereafter for follow-up, business continuity, and compliance purposes.
  • Marketing data: Retained until you opt out of marketing communications, and for a reasonable period thereafter to process the opt-out and maintain suppression lists.
  • Evaluation Access data: Upon expiration or termination of Evaluation Access, iollo may delete User Data and User Content associated with the account in accordance with the Terms of Use. Outputs generated by the Platform during Evaluation Access are iollo's property and may be retained or deleted at iollo's discretion. iollo has no obligation to retain, return, or migrate evaluation data.
  • Client Data (under MSA): Retained and handled in accordance with the applicable MSA.

When Personal Information is no longer needed, we will securely delete, anonymize, or de-identify it. Data may persist in backup and archival systems for a limited period in accordance with our standard retention cycles; such data remains subject to the protections set forth in this Policy.

6. Cookies and Tracking Technologies

6.1 What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites and applications work more efficiently and to provide information to operators. We also use similar technologies such as web beacons, pixel tags, session tokens, and local storage.

6.2 Types of Cookies We Use

  • Strictly Necessary Cookies. These cookies are essential for the Service to function properly. They enable authentication, session management, and access to secure areas of the dashboard. The Service cannot function properly without these cookies, and they cannot be disabled.
  • Functionality Cookies and Local Storage. The Service may use cookies and browser local storage to remember your preferences and to provide enhanced, personalized features.

6.3 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies, limit cookies to specific websites, or receive notifications when a new cookie is set. Please note that disabling or blocking strictly necessary cookies will prevent the dashboard from functioning properly.

For more information about managing cookies in specific browsers, visit your browser's help or support page.

6.4 Do Not Track

The Service does not currently respond to "Do Not Track" browser signals. If a universally accepted standard for responding to such signals is established, we will assess and provide an appropriate response.

7. Data Security

iollo implements appropriate administrative, physical, and technical safeguards designed to protect the security, confidentiality, and integrity of your Personal Information, including:

  • encryption of data in transit and at rest;
  • access controls, authentication mechanisms, and least-privilege access practices;
  • session management controls;
  • incident response and notification procedures; and
  • regular security assessments and monitoring.

While we take commercially reasonable steps to protect your Personal Information, no method of transmission over the Internet and no method of electronic storage is completely secure. We cannot guarantee the absolute security of your Personal Information. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

In the event of a confirmed security breach involving your Personal Information, iollo will notify affected individuals and relevant supervisory authorities in accordance with applicable data breach notification laws.

8. International Data Transfers

iollo is based in the United States. Personal Information collected through the Service is processed and stored in the United States. If you access the Service from outside the United States, your Personal Information will be transferred to, processed, and stored in the United States, which may not provide the same level of data protection as the laws of your jurisdiction.

Where required by applicable law (such as the GDPR or UK GDPR), we rely on appropriate transfer mechanisms to lawfully transfer Personal Information from the European Economic Area (EEA), the United Kingdom, or Switzerland to the United States, including:

  • Standard Contractual Clauses approved by the European Commission;
  • adequacy decisions by the European Commission or the UK Secretary of State; or
  • other lawful transfer mechanisms recognized under applicable data protection law.

By using the Service, you acknowledge that your Personal Information may be transferred to, processed, and stored in the United States as described in this Policy. Where required by applicable law, iollo will ensure that appropriate safeguards are in place prior to any such transfer.

9. Your Privacy Rights

Depending on your jurisdiction, you may have certain rights with respect to your Personal Information, as described below.

9.1 General Rights

Where applicable under law, you may have the right to:

  • Access your Personal Information and obtain a copy of the Personal Information we hold about you.
  • Correct inaccurate or incomplete Personal Information.
  • Delete your Personal Information, subject to certain exceptions.
  • Portability -- receive your Personal Information in a structured, commonly used, machine-readable format and, where technically feasible, transmit it to another controller.
  • Object to the processing of your Personal Information for certain purposes, such as direct marketing.
  • Restrict the processing of your Personal Information under certain circumstances.
  • Withdraw consent where processing is based on your consent, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at privacy@iollo.com. We will respond to your request in accordance with applicable law. We may request additional information to verify your identity before fulfilling your request.

9.2 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to Know. You have the right to request that we disclose the categories and specific pieces of Personal Information we have collected about you, the categories of sources from which the information was collected, the business or commercial purposes for collecting the information, and the categories of third parties with whom we have shared the information.
  • Right to Delete. You have the right to request that we delete Personal Information we have collected from you, subject to certain exceptions.
  • Right to Correct. You have the right to request that we correct inaccurate Personal Information that we maintain about you.
  • Right to Opt Out of Sale or Sharing. iollo does not sell your Personal Information, and does not share your Personal Information for cross-context behavioral advertising purposes, as those terms are defined under the CCPA/CPRA.
  • Right to Limit Use of Sensitive Personal Information. To the extent we collect sensitive Personal Information as defined under the CCPA/CPRA (such as account login credentials), we use such information only as necessary to provide the Service and as permitted by applicable law.
  • Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.

You may exercise your CCPA/CPRA rights by contacting us at privacy@iollo.com or by submitting a request through the contact information set forth in Section 15. You may designate an authorized agent to submit a request on your behalf; we may require written proof of the agent's authorization and may require you to verify your identity directly.

9.3 European Privacy Rights (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the rights described in Section 9.1 above, as well as the right to:

  • Lodge a Complaint. You have the right to lodge a complaint with your local data protection supervisory authority if you believe that our processing of your Personal Information violates applicable law.
  • Legal Basis. Information about the legal basis for our processing of your Personal Information is provided in Section 3.

For inquiries or requests related to your GDPR or UK GDPR rights, please contact us at privacy@iollo.com.

9.4 Other Jurisdictions

Data protection laws in other jurisdictions may provide additional rights to individuals. iollo will respond to verifiable requests in accordance with applicable law. If you have questions about your rights under the data protection laws of your jurisdiction, please contact us at privacy@iollo.com.

10. Your Choices

10.1 Marketing Communications

You may opt out of receiving marketing and promotional communications from iollo at any time by: (a) following the unsubscribe instructions included in the communication; or (b) contacting us at privacy@iollo.com. Please note that even if you opt out of marketing communications, we may continue to send you transactional, service-related, and other non-promotional communications (such as account notifications, security alerts, and platform updates).

10.2 Cookies

The Service currently uses only strictly necessary cookies for authentication and session management. These cookies are required for the dashboard to function and cannot be disabled while using the Service.

10.3 Account Information

If you have an account on the Service, you may access, update, or delete your account information by logging into your account settings or by contacting us at privacy@iollo.com. If you wish to close your account, contact support@iollo.com.

11. Client Data and Platform Data

This Privacy Policy governs Personal Information collected through the Service and in iollo's marketing and business development activities. Data submitted to or processed through the Quinn Platform by clients under executed MSAs is governed by the applicable MSA and, where required, by a Data Processing Addendum -- not by this Privacy Policy. For details regarding iollo's data handling commitments under an MSA, please refer to the applicable MSA or contact us at legal@iollo.com.

For Evaluation Access users without an executed MSA, data submitted through the Service is governed by the Terms of Use and this Privacy Policy. Outputs generated by the Platform during Evaluation Access are iollo's property, as described in the Terms of Use.

12. Children's Privacy

The Service is not directed to individuals under the age of eighteen (18). We do not knowingly collect Personal Information from children under 18. If we become aware that we have collected Personal Information from a child under 18, we will take steps to promptly delete such information. If you believe that a child under 18 has provided Personal Information to us, please contact us at privacy@iollo.com.

13. Third-Party Links and Services

The Service may contain links to third-party websites, services, or applications that are not operated or controlled by iollo. This Policy does not apply to the privacy practices of such third parties. We encourage you to review the privacy policies of any third-party service before providing Personal Information to or through them. iollo is not responsible for the privacy practices, content, or security of any third-party website or service.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this Policy and use reasonable efforts to notify you through the Service, by email, or by other reasonable means. Your continued use of the Service after any such update constitutes your acknowledgment of and agreement to the updated Policy. We encourage you to review this Policy periodically for any changes.

15. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

iollo, inc. 2261 Market Street, #4822 San Francisco, CA 94114

Email: privacy@iollo.com

For requests related to the processing of Client Data under the Quinn Platform, please contact us at the address specified in the applicable MSA or at legal@iollo.com.

This Privacy Policy is effective as of the "Last Updated" date set forth above.