QLRO
Transparency

Data Policy

Exactly what Qlro stores when you run a recommendation, what we never collect, and why the stored row is part of the citation chain.

Effective 2026-06-05 · Methodology DOI 10.5281/zenodo.19785800

Stored

  • Workload context

    Category, goal, accuracy / response-time / scale / audit-level selections you submit through the configurator or the SDK.

  • Normalised circuit shape

    Qubit count, circuit depth, 1-qubit and 2-qubit gate counts, measurement count, and a deterministic circuit hash. We do not store the source QASM text or your Python source.

  • Recommendation output

    Top pick, runner-up, full ranking, per-axis fit scores, uncertainty, and the snapshot commit referenced for this run.

  • Outcome feedback (optional)

    Predicted vs observed fidelity, retry events, selected / rejected backends — submitted only through qlro.log_outcome() or the autolog hook. Empty if you never call them.

  • Provenance metadata

    Snapshot commit, scoring version, timestamp, qlro SDK version. Lets a third party reproduce the same ranking from the same inputs.

Never collected

  • Provider credentials

    IBM Quantum API tokens, AWS Braket keys, Azure Quantum secrets, Quantinuum / IonQ / Pasqal / Atom Computing access tokens. We never see them, by design — qlro runs locally against your provider session.

  • Generic secrets

    API keys, SSH keys, .env values, notebook secret cells, OAuth tokens for unrelated services.

  • Local file system

    Raw file paths, file contents outside the circuit you explicitly pass, working-directory listings.

  • Operating-system environment

    Environment variables, shell history, system identifiers, hardware fingerprints.

  • Personal identity beyond your sign-in email

    We use the email tied to your Google or GitHub sign-in for account and quota accounting. We do not collect a phone number, a billing address, or third-party identity beyond what oauth returns.

Learning use

  • ·Stored data may inform the next snapshot release. Snapshots are versioned and pinned by commit hash; old recommendations stay reproducible.
  • ·If an outcome you submit contradicts the prediction, that pair becomes a training signal for the next scoring revision. We never overwrite your historical recommendation — we re-rank in a future snapshot only.
  • ·We do not sell stored data, share it with vendors, or pass it to a third-party analytics provider beyond the cookie-free Vercel Analytics aggregate used to debug the site.
  • ·The stored data is what makes Qlro recommendations citable: the methodology DOI plus the snapshot commit plus the parameters you submitted let any reviewer reproduce the ranking.

Retention and deletion

  • ·Recommendation records and outcome feedback are retained for the lifetime of your account by default. We do not auto-delete because the citation chain (decision record → snapshot → paper DOI) breaks if we silently drop runs.
  • ·You can delete any individual run or your entire account via /settings → Delete account. Deletion removes the run and outcome rows; aggregate snapshot statistics already published are preserved.
  • ·If you require contractual data retention controls (custom TTL, regional storage, customer-managed key, audit log export), that is an Enterprise topic — contact us via the partner channel.
Related transparency surfaces
Independence statement →Live accuracy →Audit anatomy →Privacy policy →