Privacy Policy

Quitiq is designed and deployed with rigorous research governance at its core. The platform supports institutions, investigators, and research teams in managing participant data responsibly while aligning with established ethical frameworks and regulatory obligations. All data activities conducted through Quitiq should adhere to institutional review board (IRB) requirements, informed consent standards, and applicable local and international privacy regulations, including but not limited to GDPR, HIPAA, and other relevant data protection laws where applicable.

Our governance model emphasizes accountability, transparency, and participant autonomy. Researchers retain responsibility for ensuring that study protocols, recruitment processes, and data handling practices meet the ethical thresholds defined by their institutions and oversight bodies. Quitiq provides the infrastructure to operationalize these requirements securely and efficiently.

Data Minimization

Quitiq follows the principle of data minimization by design. Researchers are encouraged—and technically enabled—to collect only the data strictly necessary to address predefined research objectives and hypotheses.

By limiting unnecessary data capture, studies can:

• Reduce participant privacy risk
• Improve data security posture
• Streamline storage and processing requirements
• Maintain regulatory compliance more easily

Customizable survey logic, selective field deployment, and scoped data schemas ensure that superfluous personally identifiable information (PII) or sensitive attributes are not collected without clear justification. This approach aligns with global best practices in ethical research and privacy engineering.

Participant Consent

Ethical research begins with informed, voluntary participation. Quitiq supports robust consent management workflows that prioritize clarity, transparency, and participant comprehension.

Key consent considerations include:

• Plain-language disclosures explaining study purpose, procedures, and risks
• Explicit data usage statements outlining how information will be stored, analyzed, and shared
• Withdrawal rights allowing participants to opt out where legally and operationally feasible
• Documentation records of consent capture for audit and compliance review

Researchers can embed consent forms directly within study flows, ensuring participants review and affirm consent before contributing data. This structured approach strengthens ethical defensibility and institutional compliance.

Secure Architecture

Quitiq is built on a security-first architectural framework designed to safeguard research data across its lifecycle—from collection to storage to analysis.

Security controls include:

• Role-based access controls (RBAC) to restrict data access to authorized personnel only
• Encrypted data transmission using industry-standard protocols (e.g., TLS)
• Secure data storage environments with monitored infrastructure
• Audit logging to track access and administrative actions
• Environment segregation to protect production datasets

These measures help mitigate risks such as unauthorized access, data leakage, and interception during transmission. Security practices are continuously reviewed and updated to align with evolving cybersecurity standards and threat landscapes.

Ethical Data Stewardship

Beyond technical safeguards, Quitiq promotes a culture of ethical data stewardship. Researchers are expected to evaluate not only what data can be collected, but what data should be collected. Respect for participant dignity, confidentiality, and contextual sensitivity remains paramount—particularly when working with vulnerable populations or stigmatized health conditions.