RISING TRANSFERS®
Lie Detector

Privacy Policy

Last updated: 23 February 2026

1. Data Controller

The data controller for personal data collected through Rising Transfers (risingtransfers.com) is:

  • Company name: QUANTUM ERA LTD
  • Company number: 16751985 (registered in England and Wales)
  • Registered office: Suite 34708-5, 61 Bridge Street, Kington, United Kingdom, HR5 3DJ
  • Privacy contact: [email protected]

In this policy, “we”, “us”, and “our” refer to Quantum Era Ltd.

2. Data We Collect

2.1 Account Data

When you create an account, we collect your email address and display name. Authentication is handled via secure third-party providers (e.g. Google, GitHub). We do not store passwords.

2.2 Usage Data

We collect anonymised usage analytics (page views, feature usage) via Vercel Analytics, subject to your cookie consent preferences. This data is aggregated and cannot identify individual users.

2.3 Payment Data

Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other financial credentials on our servers. We only receive confirmation of successful transactions.

3. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract — Processing necessary to provide the Rising Transfers service (Article 6(1)(b))
  • Consent — Analytics cookies are only loaded after you give explicit consent via our cookie banner (Article 6(1)(a))
  • Legitimate interests — Platform security, fraud prevention, and service improvement (Article 6(1)(f))

4. How We Use Your Data

  • To provide and maintain the Rising Transfers service
  • To manage your account and credit balance
  • To improve our AI analysis and platform features
  • To communicate service updates (opt-in only)

We do NOT sell your personal data to third parties. We do NOT use your data for targeted advertising.

5. Cookies & Third-Party Services

We categorise cookies into the following types:

CategoryPurposeConsent Required
EssentialAuthentication, session management, securityNo (strictly necessary)
AnalyticsVercel Analytics & Speed Insights (anonymised performance metrics)Yes

We do not use third-party advertising trackers, retargeting pixels, or social media tracking cookies. Analytics scripts are loaded only after you accept cookies via our consent banner. You can withdraw consent at any time by clearing your browser cookies.

Third-Party Service Providers

  • Supabase — Authentication and database hosting (data encrypted at rest and in transit)
  • Vercel — Frontend hosting and anonymised analytics
  • Stripe — Payment processing (PCI DSS Level 1 compliant)

6. International Data Transfers

Your data may be processed and stored in data centres located in the United States and the European Economic Area (EEA) through our service providers (Vercel, Supabase). Where data is transferred outside the UK, we rely on:

  • The UK Extension to the EU-US Data Privacy Framework (UK-US Data Bridge) for transfers to certified US organisations
  • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO) where applicable

7. Data Storage & Security

Your data is stored securely using Supabase (PostgreSQL) with encryption at rest (AES-256) and in transit (TLS 1.2+). We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction.

8. Your Rights

Under UK GDPR and CCPA, you have the following rights:

  • Access — Request a copy of your personal data (Subject Access Request)
  • Rectification — Correct inaccurate personal data
  • Erasure — Request deletion of your personal data (“right to be forgotten”)
  • Portability — Receive your data in a structured, machine-readable format
  • Restriction — Request restriction of processing in certain circumstances
  • Objection — Object to processing based on legitimate interests
  • Withdraw consent — Withdraw previously given consent at any time
  • Opt-out of Sale (CCPA) — We do not sell personal data, but you may exercise this right regardless

We will respond to valid requests within 30 calendar days, as required by UK GDPR. To exercise any of these rights, email us at [email protected].

Right to Complain

If you are unsatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

9. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, your personal data will be permanently removed within 30 days. Anonymised analytics data may be retained indefinitely as it cannot be linked to an individual.

10. Age Requirement

Rising Transfers is not directed at individuals under 18 years of age. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected data from a person under 18, please contact us immediately at [email protected].

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or in-app notification. Continued use of the platform constitutes acceptance of the updated policy.

12. Contact

For privacy-related enquiries, contact us at [email protected] or via X (Twitter) at @RisingAI_.