Trust Center

Welcome to the QCarder Trust Center.

Your digital identity is one of your most important assets. At QCarder (owned by ASTROSIST Inc.), trust isn’t a feature – it’s the foundation of everything we build: virtual profiles, digital business cards, and the tools your team uses every day.

This page explains how we approach security, privacy, reliability, and compliance across the QCarder platform.

1. Our Commitment to Trust

We design QCarder with three core principles:

• Secure by default – Strong controls, modern infrastructure, and defence-in-depth.
• Privacy-first – You stay in control of your data. We never sell your personal data.
• Reliable for business – Built to support teams and organisations that depend on QCarder daily.

2. Security by Design

2.1 Governance and Responsibility

• Security is a shared responsibility across the company, not just a single team.
• Access to production systems is limited and role-based, granted only to staff who need it for their work.
• Employees receive regular training on security, privacy, and acceptable use of data.

• QCarder is hosted on reputable, industry-leading cloud providers with strong physical and network security controls.
• We use network segregation, firewalls, and access controls to protect internal systems and environments.
• Production and test environments are logically separated to reduce risk.

• We follow secure software development practices, including code review and testing before deployment.
• Authentication uses industry-standard practices (such as hashed passwords, and where supported, multi-factor authentication (MFA)).
• We monitor for abnormal activity and errors to detect and respond to issues quickly.

• Data is encrypted in transit using HTTPS/TLS.
• Data is encrypted at rest using encryption provided by our infrastructure providers.

3. Privacy & Data Protection

3.1 Privacy by Design

• QCarder is built with privacy by design and privacy by default in mind.
• We collect only the data we need to operate and improve the service, and we provide clear information in our Privacy Notice and Data Processing Agreement (DPA).

• When we process personal data on behalf of our customers, we do so under a Data Processing Agreement (DPA) that defines our roles and obligations.
• We support customers in the EEA, UK, and Switzerland by using appropriate safeguards for international data transfers, as described in the DPA.

• We rely on carefully selected subprocessors to provide hosting, analytics, email delivery, and related services.
• We maintain a public Subprocessors page that lists these providers and their roles, and we contractually require them to implement suitable data protection and security measures.

4. Reliability & Availability

• QCarder is provided as a cloud-based service, designed for continuous operation.
• We use redundant infrastructure components (where available) to reduce single points of failure.
• Regular backups are performed for key service data to support recovery in case of an incident.
• Planned maintenance is scheduled to minimize impact, and we communicate significant changes or maintenance where appropriate.

5. Compliance & Best Practices

• Our security and privacy controls are aligned with industry best practices for modern SaaS platforms.
• We regularly review and improve our technical and organisational measures to stay current with evolving threats and regulatory expectations.
• Where relevant, we may collaborate with external experts (e.g. security professionals or legal counsel) to review our controls and obligations.

6. Responsible Data Use

• We do not sell your personal data.
• We use data to operate, secure, and improve QCarder and to support you (for example, troubleshooting, analytics, and product development) as described in our Privacy Notice and Cookie Policy.
• Customers maintain control over their own Customer Data (such as profile and business card content) and can request deletion or export according to our product capabilities and legal obligations.

• Privacy Notice
• Data Processing Agreement (DPA)
• Subprocessors
• Cookie Policy

7. Your Controls & Responsibilities

Trust is a partnership. While QCarder provides a secure and reliable platform, customers also play an important role:

• Configure access controls, roles, and permissions for your team.
• Use strong, unique passwords and enable MFA where available.
• Review your organisation’s data classification, retention, and privacy policies and configure QCarder accordingly.
• Keep your contact and billing details up to date for security and account notifications.

8. Reporting Security Issues

If you believe you have discovered a security vulnerability or issue affecting QCarder:

• 1. Please contact us as soon as possible at:
• 2. 📧security@qcarder.com(placeholder – use your real inbox)
• 3. Provide a clear description of the issue, steps to reproduce if possible, and any relevant screenshots or logs.
• 4. Do not publicly disclose the issue before we’ve had a reasonable opportunity to investigate and address it.

• acknowledge receipt of your report,
• investigate the issue, and
• work to remediate any verified vulnerabilities.

9. Key Resources

For more detailed information, you can review:

• Privacy Notice
• Terms of Service
• Data Processing Agreement (DPA)
• Subprocessors
• Acceptable Use Policy
• Cookie Policy
• Refund Policy
• Shipping & Delivery Policy

10. Contact

If you have questions about security, privacy, or compliance at QCarder, you can reach us at:

• 📧 General inquiries: support@qcarder.com
• 📧 Privacy & data protection: privacy@qcarder.com
• 📧 Security issues: security@qcarder.com