Skip to main content
Sign InSign Up
← Back to Home

Privacy Policy

Last Updated: January 22, 2026

1. Introduction

Queel ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our video-first professional networking platform ("Platform" or "Service").

This policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), UAE Personal Data Protection Law (PDPL), Saudi Arabia Personal Data Protection Law (PDPL), and other applicable data protection laws. By using Queel, you agree to the collection and use of information in accordance with this policy.

2. Data Controller Information

Queel is the data controller responsible for your personal data.

Contact Information:
Email: privacy@queel.com
Data Protection Officer: dpo@queel.com
Address: Dubai, United Arab Emirates

3. Information We Collect

3.1 Information You Provide Directly

  • Account Information: Email address, password, full name
  • Profile Information: Bio, headline, location, current role, industry
  • Professional Information: Work experience, education history, skills, certifications
  • Video Content: Video introductions, application videos, company videos, and related metadata
  • Resume/CV: Professional documents you upload
  • Communication Data: Messages, comments, job applications, and platform interactions

Note: Queel does not currently collect payment or credit card information. All features are provided free of charge today. When paid plans launch, this policy will be updated to describe the payment processor used and the data collected for billing.

3.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent, search queries, click patterns
  • Device Information: IP address, browser type, operating system, device type, screen resolution
  • Location Data: Approximate geographic location based on IP address
  • Cookies and Tracking: Session cookies, analytics cookies, preference cookies (see Cookie Policy)
  • Log Data: Server logs, access times, error reports, security events

3.3 Information from Third Parties

  • OAuth Providers: If you sign up via Google or LinkedIn, we receive your email and basic profile information
  • Public Sources: Publicly available professional information to verify profiles and prevent fraud

4. How We Use Your Information

We process your personal data for the following purposes under applicable legal bases:

Contract Performance (GDPR Art. 6(1)(b))

  • Provide and maintain the Platform and its features
  • Process job applications and connect you with employers
  • Enable video uploads, streaming, and professional networking
  • Facilitate messaging between users and companies

Legitimate Interests (GDPR Art. 6(1)(f))

  • Improve and optimize the Platform through usage analytics
  • Prevent fraud, abuse, and enhance security
  • Analyze usage patterns and performance metrics
  • Personalize your experience and provide relevant job recommendations
  • Conduct research and development for new features

Consent (GDPR Art. 6(1)(a))

  • Send marketing communications (you can opt out anytime)
  • Use analytics and advertising cookies (configurable)
  • Share your profile with third-party recruiters (opt-in only)

Legal Obligation (GDPR Art. 6(1)(c))

  • Comply with legal requirements and regulations
  • Respond to law enforcement requests
  • Maintain records for tax and accounting purposes
  • Report data breaches to authorities when required

5. Data Sharing and Disclosure

We do not sell your personal information to third parties.

We share your data only in the following circumstances:

5.1 With Your Consent

  • Employers: When you apply to jobs, your application materials (video, resume, profile) are shared with the hiring company
  • Public Profile: Information you choose to make public is visible to other users and search engines
  • Third-Party Recruiters: Only if you explicitly opt-in to sharing your profile

5.2 Service Providers

We share data with trusted service providers who assist us in operating the Platform:

  • Cloud Hosting: Amazon Web Services (AWS) for data storage and infrastructure
  • Email Service: SendGrid/AWS SES for transactional and notification emails
  • Analytics: Google Analytics (anonymized IP) for usage statistics
  • Video Processing: FFmpeg and cloud transcoding services for video optimization
  • Customer Support: Intercom or Zendesk for support ticket management

All service providers are bound by Data Processing Agreements (DPAs) and comply with GDPR, CCPA, and other applicable regulations.

5.3 Legal Requirements

We may disclose your data if required by law, court order, or governmental authority, or to:

  • Enforce our Terms of Service
  • Protect the safety, rights, and property of Queel, our users, or the public
  • Prevent fraud, security threats, or illegal activities
  • Comply with regulatory investigations

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred to the acquiring entity. You will be notified via email and/or a prominent notice on the Platform of any such change in ownership or control of your personal information.

6. Data Storage and Security

6.1 Where We Store Your Data

Your data is stored on secure servers operated by Amazon Web Services (AWS) in the following regions:

  • European Union Users: EU-West (Ireland)
  • GCC Users (UAE, Saudi Arabia): Middle East (Bahrain)
  • United States Users: US-East (Virginia)

International data transfers comply with GDPR requirements through Standard Contractual Clauses (SCCs) approved by the European Commission.

6.2 Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access, multi-factor authentication for staff
  • Regular Audits: Security audits, penetration testing, vulnerability scanning
  • Monitoring: 24/7 security monitoring and automated threat detection
  • Data Minimization: We collect only necessary data and delete when no longer needed
  • Secure Development: Secure coding practices, regular security training for developers
  • Incident Response: Documented breach notification procedures

6.3 Data Retention

We retain your data for as long as necessary to provide our services:

  • Active Accounts: Data retained until you delete your account
  • Deleted Accounts: Complete removal within 30 days of deletion request
  • Messages: Retained for 2 years by default (configurable in settings: 30d, 90d, 180d, 365d, 2 years, or forever)
  • Videos: Retained until you delete them or your account
  • Job Applications: Retained for 1 year after application
  • Audit Logs: Security logs retained for 7 years for compliance purposes
  • Backups: Backup data deleted within 90 days of account deletion

7. Your Privacy Rights

Depending on your location, you have the following rights regarding your personal data:

Right to Access (GDPR Art. 15, CCPA)

Request a copy of all personal data we hold about you. Available via Settings → Privacy → Data Export. You'll receive a ZIP file with all your data in JSON format within 48 hours.

Right to Rectification (GDPR Art. 16, CCPA)

Correct inaccurate or incomplete data. Edit your profile, work experience, and education at any time in Settings → Profile.

Right to Erasure / Right to Delete (GDPR Art. 17, CCPA)

Request deletion of your account and all associated data. Available via Settings → Privacy → Delete Account. Your account will be permanently deleted after a 30-day grace period.

Right to Data Portability (GDPR Art. 20, CCPA)

Receive your data in a machine-readable format (JSON) to transfer to another service. Available via Data Export feature.

Right to Restriction of Processing (GDPR Art. 18)

Request that we temporarily stop processing your data while maintaining storage. Contact privacy@queel.com or use the account restriction feature in Settings.

Right to Object (GDPR Art. 21, CCPA)

Object to processing based on legitimate interests. You can opt out of marketing emails, analytics cookies, and third-party data sharing in Settings → Privacy.

Right to Opt-Out of Sale (CCPA)

We do not sell your personal information. However, you can enable "Do Not Sell My Personal Information" in Settings → Privacy for additional assurance.

Right to Human Review (GDPR Art. 22)

You can request human review of any automated decision that materially affects you (e.g. recommendation ranking, job matching). See section 7.bis for what is automated and how the score is calculated; email privacy@queel.com to request review or to disable personalization.

How to Exercise Your Rights

To exercise any of these rights:

Response Time: We will respond to your request within 30 days (GDPR) or 45 days (CCPA).

You also have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

7.bis Automated Decision-Making & Recommendations (GDPR Article 22)

Queel uses automated systems to rank which videos, jobs, and people we surface to you. Under Article 22 of the GDPR you have the right to know that this profiling happens, what signals feed it, and to request human review of any meaningful outcome.

7.bis.1 What is automated

  • Video recommendations in your feed and the “next up” queue.
  • People suggestions in Discover and on the home screen.
  • Job matches shown on your dashboard and via email.

7.bis.2 How the score is calculated

Each candidate item is scored with a weighted combination of:

  • Collaborative filtering — what users with similar viewing or hiring history have engaged with.
  • Content scoring — your stated skills, role, and headline matched against the item’s tags and metadata.
  • Profile match — explicit preferences you set (location, industry, connection goals).
  • Trending signals — recent engagement (views, likes, applications) on the item, decayed over time.

The system does not consider race, religion, political opinions, sexual orientation, or other special-category data under Article 9.

7.bis.3 Your rights

  • See why something was recommended. Tap the “Why am I seeing this?” action on any recommended video, person, or job for a plain-language explanation of the primary signals that contributed to the score.
  • Request human review of any automated decision that has a meaningful impact on you (for example, being filtered out of a job match). Email privacy@queel.com — we respond within 30 days.
  • Turn off personalization. In Settings → Privacy → Personalization you can disable algorithmic ranking; we’ll fall back to reverse-chronological listings.
  • Object or correct inputs. Updating your profile (headline, skills, preferences) directly changes the inputs the model uses, so corrections take effect on the next refresh.

We do not use automated decisions to make legally binding determinations about you, and recommendations are advisory only — humans make the final hiring, messaging, and connection decisions.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. You can manage cookie preferences at any time in Settings → Privacy → Cookie Preferences.

8.1 Types of Cookies

Cookie TypePurposeDurationConsent
EssentialSession management, authentication, securitySessionNot required
FunctionalRemember preferences, language settings1 yearNot required
AnalyticsUsage statistics, performance monitoring2 yearsYes (opt-out)
AdvertisingPersonalized ads (currently not used)N/AYes (opt-in)

8.2 Cookie Declaration

The table below lists every cookie set on queel.com, the third party (if any) that issues it, what it is used for, and how long it persists. We refresh this list as our cookie usage changes; the “Last reviewed” date below the table reflects the most recent audit.

Cookie NamePurposeDurationTypeThird Party
access_tokenAuthenticated session (JWT). Required to keep you logged in.~15 minutesEssentialNo (first-party, HttpOnly)
refresh_tokenRe-issues your access token without re-login. Required for session continuity.7 days (rotated)EssentialNo (first-party, HttpOnly)
csrftokenCSRF protection for state-changing requests (Django).1 yearEssentialNo (first-party)
sessionidServer-side session tracking for active devices and security audit.SessionEssentialNo (first-party)
queel_cookie_consentStores your cookie banner choices so we don't ask again on every visit.12 monthsEssentialNo (first-party)
themeRemembers your light/dark mode preference.1 yearFunctionalNo (first-party)
localeStores your language preference.1 yearFunctionalNo (first-party)
_ga, _ga_*Google Analytics 4 visitor and session identification (IP-anonymized).2 yearsAnalyticsYes — Google LLC
_gidGoogle Analytics short-term user distinction.24 hoursAnalyticsYes — Google LLC

Last reviewed: 20 May 2026. If you spot an undeclared cookie set by Queel, email privacy@queel.com.

8.3 Managing Cookies

You can control cookies through:

  • Our Cookie Preferences Center: Settings → Privacy → Cookie Preferences
  • Your browser settings (may limit platform functionality)
  • Browser extensions like Privacy Badger or uBlock Origin

8.4 Third-Party Tracking

We use Google Analytics with anonymized IP addresses to understand platform usage. We do not use cross-site tracking or share data with advertising networks. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

9. Children's Privacy

Queel is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe we have inadvertently collected data from a child, please contact us immediately at privacy@queel.com, and we will delete it promptly.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure all international transfers comply with applicable data protection laws:

  • EU to US Transfers: Standard Contractual Clauses (SCCs) approved by the European Commission
  • GCC Transfers: Adequacy assessments and appropriate safeguards
  • Service Providers: All data processors sign Data Processing Agreements (DPAs)

11. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify relevant supervisory authorities within 72 hours (GDPR, UAE PDPL, KSA PDPL)
  • Notify affected users without undue delay if the breach poses a high risk
  • Provide information about the nature of the breach, potential consequences, and mitigation measures
  • Maintain a record of all data breaches for compliance purposes

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes via:

  • Email to your registered email address
  • A prominent notice on the Platform
  • Push notification (if you've enabled notifications)

Continued use of Queel after changes to this policy constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: privacy@queel.com

Data Protection Officer: dpo@queel.com

Support: support@queel.com

Address: Dubai, United Arab Emirates

Response Time: We respond to privacy requests within 30 days (GDPR) or 45 days (CCPA)

Appendix: Data Processing Summary

This summary is provided for transparency and GDPR Article 30 compliance:

Data Controller: Queel

DPO Contact: dpo@queel.com

Data Subjects: Job seekers, employers, platform users

Processing Purposes: Job matching, networking, communication

Data Categories: Contact details, professional info, videos, usage data

Recipients: AWS, SendGrid, Google Analytics

Transfers: EU-US (SCCs), GCC (adequacy)

Retention: Active: indefinite; Deleted: 30 days; Logs: 7 years

Security: TLS 1.3 encryption in transit, AES-256 encryption at rest, role-based access controls, 24/7 monitoring, regular security audits

Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority:

  • European Union: Your local supervisory authority (find your authority)
  • United Kingdom: Information Commissioner's Office (ICO) - ico.org.uk
  • California: California Attorney General - oag.ca.gov/privacy/ccpa
  • UAE: Office for the Regulation of Data Protection (OCPD) - privacy@tdra.gov.ae
  • Saudi Arabia: Saudi Data & AI Authority (SDAIA) - sdaia.gov.sa

This Privacy Policy was last updated on January 22, 2026.
Previous versions are available upon request at privacy@queel.com.

Privacy Policy | Queel | Queel