Last Updated: March 28, 2026
Account Information. When you sign up, we collect your email address and password. During onboarding, you provide your display name, age, gender, and aura selection.
Profile Information. Your bio, vibe tags, profile photos, and any other details you add to your profile.
Goals and Missions. Your personal goals, mission descriptions, daily win responses, side quest activity, and related progress data ("User DNA").
Messages. Direct messages between you and other users, group chat messages, and your conversations with Krew AI.
Location. Your city, state, and approximate location, collected through browser geolocation (with your permission) or address information you enter, processed via the Google Places API.
Payment Information. When you subscribe, your payment details are collected and processed directly by Stripe. We do not store your credit card number, CVV, or full payment details on our servers. We receive only a confirmation of payment status and subscription details from Stripe.
Contact Form Submissions. Your name, email, subject, and message when you submit a contact form.
Identity Verification Data. If identity verification is required, you may submit a government-issued photo ID and live selfie through our third-party provider, Veriff. This data is processed by Veriff and is not stored on our servers.
Usage Data. Pages you visit, features you use, actions you take within the app, timestamps, and session duration.
Device Information. Browser type, operating system, screen size, and device identifiers.
Cookies and Authentication Tokens. We use cookies and similar technologies to maintain your login session and remember your preferences. We use Supabase for authentication, which stores session tokens in your browser.
We use your information to:
• Operate, maintain, and improve the Service
• Create and manage your account
• Process your subscription and payments through Stripe
• Generate personalized missions, daily wins, and side quests using AI
• Match you with other users based on your goals, interests, and location
• Create and curate community events relevant to your area and interests
• Send ice-breaker messages and facilitate connections between matched users
• Provide Krew AI companion features, including coaching-style support and motivational messages
• Moderate content and enforce our Terms of Service, including keyword filtering and safety rules
• Respond to your contact form submissions and support requests
• Send you notifications related to your activity (matches, messages, quests, events)
• Verify your identity when required
• Analyze usage patterns to improve the Service
• Protect against fraud, abuse, and unauthorized access
We do not sell your personal information. We share your information only in the following circumstances:
• Your display name, bio, vibe tags, aura, city, age range, and profile photos are visible to other users
• Your goals and mission descriptions may be shared with matched users to facilitate connections
• Your messages are visible to the recipients of those messages
• Your precise address is never shared with other users
We use the following third-party services to operate KrewQuest:
• Supabase — database hosting, authentication, and backend infrastructure. Your account data, profile, messages, and app data are stored on Supabase servers.
• Stripe — payment processing. Stripe receives your payment information directly and is subject to Stripe's privacy policy.
• Vercel — application hosting and deployment. Vercel processes web requests and may collect basic request logs.
• Moonshot AI — artificial intelligence services. Your goals, DNA profile, and contextual information are sent to Moonshot AI's API to generate personalized missions, matches, events, and Krew AI responses.
• Google Places API — location services. Address information you provide is sent to Google for geocoding and place suggestions.
• Veriff — identity verification (when enabled). Your photo ID and selfie are processed by Veriff.
• Resend — email delivery. Your email address is used to deliver contact form confirmations and transactional emails.
• Cloudflare — DNS, CDN, and security services. Web traffic passes through Cloudflare's network.
We may disclose your information if required by law, legal process, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account:
• Your profile, messages, goals, DNA, side quests, matches, and all associated data are permanently deleted from our active database
• Deletion is processed promptly, typically within 48 hours of your request
• Some data may be retained in encrypted backups for up to 30 days before being permanently purged
• We may retain anonymized, aggregated data that cannot be used to identify you for analytical purposes
• We may retain certain information as required by law or to resolve disputes
We take reasonable measures to protect your personal information, including:
• Encrypted data transmission (HTTPS/TLS) for all connections
• Row Level Security (RLS) policies on our database to ensure users can only access their own data
• Secure authentication through Supabase with encrypted password storage
• API route protection requiring authentication for all private endpoints
• Content moderation and safety filters to protect against harmful content
However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.
Access and Update. You can view and update your profile information, location, and preferences at any time through your account settings.
Delete Your Account. You can permanently delete your account and all associated data through your account settings. This action is irreversible.
Location. You can update or change your location at any time. Browser geolocation is only collected with your explicit permission.
Notifications. You can manage your notification preferences in your account settings.
Contact Us. You can request information about your data by contacting us at krewquest.com/contact.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion of your personal information, and the right to opt out of the sale of your personal information. We do not sell personal information. To exercise your rights, contact us at krewquest.com/contact.
KrewQuest is not intended for anyone under the age of 18. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from someone under 18, we will take steps to delete that information promptly. If you believe a minor has provided us with personal information, please contact us at krewquest.com/contact.
The Service may contain links to third-party websites or services that are not owned or controlled by KrewQuest. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated policy on the Service and updating the "Last Updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.
If you have questions about this Privacy Policy or our data practices, please contact us at krewquest.com/contact.