Last Updated: June 11, 2026
Account Information. When you sign up, we collect your email address and password. During onboarding, you provide your display name, age, gender, and aura selection.
Profile Information. Your bio, vibe tags, profile photos, and any other details you add to your profile.
Goals and Missions. Your personal goals, mission descriptions, daily win responses, side quest activity, and related progress data ("User DNA").
Quest Completion Photos. Photos you choose to upload when completing quests as proof of completion.
Journal Entries. Notes, reflections, and other content you write in your journal.
Messages. Direct messages between you and other users, group chat messages, and your conversations with Krew AI.
Location. Your city, state, and approximate location, collected through browser geolocation (with your permission) or address information you enter, processed via the Google Places API.
Payment Information. When you subscribe, your payment details are collected and processed directly by Stripe. We do not store your credit card number, CVV, or full payment details on our servers. We receive only a confirmation of payment status and subscription details from Stripe.
Contact Form Submissions. Your name, email, subject, and message when you submit a contact form.
Identity Verification Data. If identity verification is required, you may submit a government-issued photo ID and live selfie through our third-party provider, Veriff. This data is processed by Veriff and is not stored on our servers.
Usage Data. Pages you visit, features you use, actions you take within the app, timestamps, and session duration.
Device Information. Browser type, operating system, screen size, and device identifiers.
Cookies and Authentication Tokens. We use cookies and similar technologies to maintain your login session and remember your preferences. We use Supabase for authentication, which stores session tokens in your browser.
We use your information to:
• Operate, maintain, and improve the Service
• Create and manage your account
• Process your subscription and payments through Stripe
• Generate personalized missions, daily wins, and side quests using AI
• Match you with other users based on your goals, interests, and location
• Display your community activity in the Discover feed (see "With Other Users" below)
• Generate AI-written community posts from Krew, such as welcoming new members by name or celebrating completed quests
• Create and curate community events relevant to your area and interests
• Send ice-breaker messages and facilitate connections between matched users
• Provide Krew AI companion features, including coaching-style support and motivational messages
• Moderate content and enforce our Terms of Service, including keyword filtering and safety rules
• Respond to your contact form submissions and support requests
• Send you notifications related to your activity (matches, messages, quests, events)
• Verify your identity when required
• Analyze usage patterns to improve the Service
• Protect against fraud, abuse, and unauthorized access
We do not sell your personal information. We share your information only in the following circumstances:
• Your display name, bio, vibe tags, aura, city, age range, and profile photos are visible to other users
• Your goals and mission descriptions may be shared with matched users to facilitate connections
• Your messages are visible to the recipients of those messages
• Your precise address is never shared with other users
The Discover feed shows recent community activity to other signed-in users. By default, the following may appear in the feed with your display name:
• When you join KrewQuest (along with your vibe tags)
• When you start a new mission (the mission title is shown only if your mission is set to public; otherwise only the category is shown)
• When you complete a quest, including any quest completion photo you uploaded
• When you match with another user for a shared quest — match activity is shown anonymously, without names, profile photos, or links to either person
• Krew AI may also post to the feed referencing your display name and activity, such as welcoming you when you join or celebrating a quest you completed
Feed visibility is on by default. You can turn it off at any time in Settings ("Show my activity in Discover"), which also hides your past activity from the feed. Other users can react to your feed activity ("hype"), add you as a friend, and view a profile card showing your display name, profile photo, aura, city, bio, and vibe tags.
We use the following third-party services to operate KrewQuest:
• Supabase — database hosting, authentication, and backend infrastructure. Your account data, profile, messages, and app data are stored on Supabase servers.
• Stripe — payment processing. Stripe receives your payment information directly and is subject to Stripe's privacy policy.
• Vercel — application hosting and deployment. Vercel processes web requests and may collect basic request logs.
• Moonshot AI — artificial intelligence services. Your goals, DNA profile, journal entries, and contextual information are sent to Moonshot AI's API to generate personalized missions, matches, events, ice-breaker messages, community feed posts, and Krew AI responses.
• Google Places API — location services. Address information you provide is sent to Google for geocoding and place suggestions.
• Veriff — identity verification (when enabled). Your photo ID and selfie are processed by Veriff.
• Resend — email delivery. Your email address is used to deliver contact form confirmations and transactional emails.
• Cloudflare — DNS, CDN, and security services. Web traffic passes through Cloudflare's network.
We may disclose your information if required by law, legal process, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account:
• Your profile, messages, goals, DNA, side quests, matches, and all associated data are permanently deleted from our active database
• Deletion is processed promptly, typically within 48 hours of your request
• Some data may be retained in encrypted backups for up to 30 days before being permanently purged
• We may retain anonymized, aggregated data that cannot be used to identify you for analytical purposes
• We may retain certain information as required by law or to resolve disputes
We take reasonable measures to protect your personal information, including:
• Encrypted data transmission (HTTPS/TLS) for all connections
• Row Level Security (RLS) policies on our database to ensure users can only access their own data
• Secure authentication through Supabase with encrypted password storage
• API route protection requiring authentication for all private endpoints
• Content moderation and safety filters to protect against harmful content
However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.
Access and Update. You can view and update your profile information, location, and preferences at any time through your account settings.
Export Your Data. You can download a copy of your personal data as a JSON file at any time from your account settings.
Delete Your Account. You can permanently delete your account and all associated data through your account settings. This action is irreversible.
Location. You can update or change your location at any time. Browser geolocation is only collected with your explicit permission.
Activity Feed. You can stop your activity from appearing in the Discover feed at any time using the "Show my activity in Discover" toggle in Settings. Turning it off also hides your previously posted activity from the feed.
Notifications. You can manage your notification preferences in your account settings.
Contact Us. You can request information about your data by contacting us at krewquest.com/contact.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion of your personal information, and the right to opt out of the sale of your personal information. We do not sell personal information. To exercise your rights, contact us at krewquest.com/contact. You can also exercise your rights to access and deletion directly: download a copy of your data or delete your account at any time from your account settings.
KrewQuest is operated from the United States. If you are located in the European Economic Area, the United Kingdom, or Switzerland, your personal data is transferred to and processed in the United States, and you have the following rights under the General Data Protection Regulation (GDPR) and equivalent laws:
• Access and portability — download a copy of your personal data at any time from your account settings
• Rectification — correct your information through your profile and account settings
• Erasure — permanently delete your account and associated data from your account settings
• Restriction and objection — limit how your data is used, including turning off activity feed visibility in Settings, or contact us to object to other processing
• Complaint — lodge a complaint with your local data protection authority
We process your personal data on the following legal bases: performance of our contract with you (operating the Service, generating your missions and matches), our legitimate interests (safety, moderation, and improving the Service), and your consent where we ask for it (such as browser geolocation). Where processing is based on consent, you may withdraw it at any time. To exercise any right you cannot complete through your settings, contact us at krewquest.com/contact.
KrewQuest is not intended for anyone under the age of 18. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from someone under 18, we will take steps to delete that information promptly. If you believe a minor has provided us with personal information, please contact us at krewquest.com/contact.
The Service may contain links to third-party websites or services that are not owned or controlled by KrewQuest. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated policy on the Service and updating the "Last Updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.
If you have questions about this Privacy Policy or our data practices, please contact us at krewquest.com/contact.