Privacy Policy
This Privacy Policy describes how Questify (“we”, “us”, “our”) collects, uses, shares, and protects information when you use the Questify mobile application (the “App”). We've written it to be readable. Where law requires technical legal terms, we use them; where it doesn't, we use plain English.
If you have questions, email rtrivv@gmail.com.
1. Who we are
Questify is a hyperlocal marketplace where people post real-world quests (tasks, favors, errands) and others nearby accept and complete them. The App is operated by Vladimir Rakočević, a sole operator based in Montenegro (contact details in §14). Questify is not (yet) incorporated as a separate legal entity; the operator is the responsible data controller.
We act as the data controller for the personal information you provide while using the App.
2. What we collect, and why
We collect the minimum information needed to make the App work. The categories below are grouped by purpose.
2.1 Account and profile data
| Data | Source | Why |
|---|---|---|
| Email address | You (signup) or Apple/Google SSO | Authentication, account recovery, important notices |
| Display name (handle) | You | Public identifier so others can recognize you |
| Avatar image | You (uploaded) or built-in selection | Public identifier |
| Apple / Google user identifier | Apple / Google during SSO | Sign-in mechanism |
| Push notification token (FCM) | Your device | Sending you notifications about quests and messages |
| Account creation date, last sign-in | Automatic | Account management, fraud prevention |
| Date of birth (month and year) | You (age screen at sign-up) | Confirming you meet our 18+ age requirement; evidencing the age check |
2.2 Quest activity
| Data | Why |
|---|---|
| Quests you post (title, description, category, photos, location) | Operating the marketplace |
| Quests you accept, complete, or cancel | Operating the marketplace, reputation |
| Chat messages and attachments inside quest chats | Communication between participants |
| Coin balance and transaction history (rewards, transfers, gifts) | Operating the in-app economy |
| Ratings you give and receive | Reputation system |
| Reports and disputes you file or are involved in | Safety, moderation |
2.3 Location
We process location data only when you choose to share it: when posting a quest with a location, when filtering quests by distance on the map, or when proving completion with a location proof. We never track your location passively or in the background.
2.4 Identity verification (optional)
Identity verification is entirely optional and is not required to use the core marketplace. If you choose to verify, the check is carried out by an independent third-party identity-verification provider. The provider inspects a government-issued identity document and a live selfie on its own systems and returns to us only the outcome (verified / not verified) plus minimal confirmation data — such as a verification reference and confirmation that you are over 18.
We do not receive or store your identity document, your selfie, or any biometric template. Those are held and processed by the provider, under its own privacy terms, on infrastructure located in the EU. Identity/biometric data is special category data under Article 9 GDPR and is processed only with your explicit consent, given to the provider when you start the flow. You can decline verification with no loss of core functionality.
2.5 Device and technical data
| Data | Source | Why |
|---|---|---|
| Device model and operating system version | Your device | Compatibility, debugging |
| App version | Your device | Compatibility, debugging |
| Crash reports (anonymized stack traces, device class) | Firebase Crashlytics | Diagnosing and fixing crashes |
| IP address (transient) | Your network | Required for any internet connection; not stored |
We do not collect: contacts, photos outside of those you explicitly upload, microphone audio, calendar events, browsing history outside the App, advertising identifiers, biometric data (any biometric check during optional identity verification is performed by the third-party provider and never reaches us — see §2.4), or your device's other apps.
We do not use cookies (this is a native mobile app, not a website).
3. Legal basis for processing (GDPR)
We process your data on these legal bases:
| Activity | Legal basis |
|---|---|
| Running your account, completing quests you initiated | Contract — necessary to provide the service you signed up for |
| Confirming you are 18+ (date of birth at the age screen) | Legitimate interest / legal obligation — preventing minors from using an adults-only service |
| Sending essential service notifications | Contract |
| Optional identity verification | Explicit consent (Art. 9 GDPR) — you opt in; the verification provider acts as a separate controller for the document and biometric check, and we receive only the result |
| Reputation system (ratings, trust score, cancellation flags) | Legitimate interest — required for marketplace safety; balanced against your interests |
| Crash diagnostics | Legitimate interest — required to keep the App working |
| Optional marketing or promotional notifications | Consent — you opt in, and can withdraw at any time in Settings |
| Compliance with legal obligations (e.g. responding to court orders) | Legal obligation |
You can withdraw consent for any consent-based processing at any time. Withdrawal doesn't affect processing already done in reliance on your consent.
4. Who we share data with
We do not sell your personal data. Ever.
We share specific data with specific service providers acting as data processors on our behalf:
| Provider | What they receive | Purpose | Where they process it |
|---|---|---|---|
| Supabase (Supabase Inc., USA) | Account data, quest data, messages, ratings, transactions — basically everything | Backend hosting, database, authentication, file storage | Our Supabase project is hosted in the EU (Frankfurt, eu-central-1) |
| Firebase (Google LLC, USA) | Push notification tokens, anonymized crash diagnostics | Push notification delivery, crash reporting | USA |
| Apple | Apple SSO identifier | Sign in with Apple | USA |
| Google | Google SSO identifier | Sign in with Google | USA |
| Identity-verification provider (only if you use optional verification) | Your ID document + selfie are processed on the provider's systems; we receive only the pass/fail result | Optional identity verification | EU data residency |
If and when we enable optional identity verification, we will name the specific verification provider in this Policy, and ensure it offers EU data residency and a signed data-processing agreement, before the feature goes live.
We also share data with other Questify users only as required by the marketplace function:
- Your display name, avatar, ratings received, trust badge, and quests you post are visible to other users who can see those quests.
- Chat messages are visible to participants in that chat.
- Quest history is visible to the parties involved in each quest.
- ID verification status (verified / not verified) is visible as a badge; the underlying documents are never shared with other users.
We may disclose data in response to lawful requests by public authorities, court orders, or legal process — and only after we've verified the request is valid.
5. International data transfers
Some of our processors (Firebase, Apple, Google) are based in the United States. When data is transferred outside your country, we rely on standard contractual clauses and the providers' own data-protection commitments to ensure protection equivalent to what applies in the EU.
Our primary database (Supabase) is hosted in Frankfurt, Germany. Most of your data never leaves the EU.
6. How long we keep your data
| Data category | Retention |
|---|---|
| Account profile | While your account is active. On deletion, we immediately erase or irreversibly de-identify your profile — your email, name, phone and avatar are removed or scrubbed and your login is permanently severed — so the account can no longer identify you. Any residual backup copies roll off within 30 days. |
| Quest content (posts, completions, ratings) | Active while your account is active. On deletion, content that is yours alone is removed or de-identified; where a Quest involved another user, a de-identified record (your name and avatar shown as “Deleted User”) may be retained so the other party keeps a complete record of their own activity. |
| Chat messages | 365 days from the message timestamp, or until the account is deleted, whichever is sooner. |
| Coin transactions | 7 years (accounting and dispute-resolution requirement). |
| Identity verification | We do not store your identity document or biometric data — only the result (verified / not, plus a reference), kept while your account is active. The third-party provider keeps its own records under its policy; you can ask us or the provider to delete the verification record. |
| Crash diagnostics (Crashlytics) | 90 days per Firebase default. |
| Disputes and reports | While the account exists + 2 years post-deletion (legal records). |
| Auth logs (sign-in attempts) | 90 days. |
| Date of birth (age check) | Month and year retained while your account is active, to evidence the 18+ check; removed on account deletion. |
7. Your rights
You have these rights regarding your personal data:
- Access — get a copy of the data we hold about you.
- Correction — fix anything that's wrong (you can edit most of it directly in Profile Settings).
- Deletion — delete your account and associated data, subject to the retention exceptions in §6.
- Data portability — receive your data in a machine-readable format.
- Restriction — pause specific processing while a dispute is resolved.
- Objection — object to processing based on legitimate interest.
- Withdraw consent — for any consent-based processing.
- Complaint — lodge a complaint with your local data protection authority. For Montenegro: Agencija za zaštitu ličnih podataka. For EU residents: your national supervisory authority.
To exercise any of these rights, email rtrivv@gmail.com with the email address tied to your account. We respond within 30 days. We may ask for additional verification before acting on requests involving sensitive data (e.g. ID verification documents).
You can delete your account directly from the App: Profile → Settings → Delete Account. Account deletion is irreversible.
8. Age requirement (18+)
Questify is an adults-only service. It is not directed to anyone under 18, and we do not knowingly collect personal data from anyone under 18. We apply a neutral age screen at sign-up and store only your month and year of birth to evidence the check. If we discover that an account belongs to someone under 18, we block it and delete the associated personal data.
If you believe someone under 18 is using Questify or has provided us data, email rtrivv@gmail.com and we'll act promptly.
9. Security
We take reasonable technical and organizational measures to protect your data:
- All data in transit is encrypted (HTTPS / TLS 1.2+).
- Data at rest in Supabase is encrypted using industry-standard AES-256.
- Authentication uses industry-standard tokens (JWT) with limited lifetimes.
- Access to backend systems is restricted to authorized personnel.
- Row-Level Security (RLS) policies enforce data isolation at the database level — meaning even with a server bug, you cannot accidentally see another user's private data.
No system is perfectly secure. If a data breach occurs that materially affects your rights, we'll notify you and the relevant authority within 72 hours of discovery, per applicable law.
10. Marketing and analytics
We do not currently run marketing campaigns through third-party advertising networks. We do not track you across other apps or websites.
If we add marketing notifications later, they'll require opt-in consent and you can disable them at any time in Settings.
We use Firebase Crashlytics for crash diagnostics only — never for advertising or behavioral tracking.
11. Cookies and similar technologies
The Questify mobile app does not use browser cookies. We use device storage to:
- Cache your session token (so you don't need to sign in again on every launch).
- Store your in-app preferences (filter selections, sort order).
You can clear this data at any time by uninstalling the App or signing out.
12. Automated decision-making
We don't use automated decision-making or profiling that produces legal effects on you. Specifically:
- The trust rating system is computed algorithmically but is informational — it doesn't automatically suspend or ban accounts. Significant moderation decisions are made by human reviewers.
- Optional identity verification is performed by a third-party provider's automated checks, only if you choose to verify and only with your explicit consent; we receive only the result, and a result never automatically suspends or bans you.
- Future automation (if introduced) will be disclosed in an updated version of this Policy.
13. Changes to this Policy
When we make material changes to this Policy, we'll:
- Update the “Last updated” date at the top.
- Notify you in the App at next launch.
- For significant changes (new categories of data collected, new processors, new purposes), require you to acknowledge the update before continuing to use the App.
Minor clarifications (typo fixes, wording improvements) don't trigger notifications.
14. Contact
For any privacy question, request, complaint, or general inquiry:
Email: rtrivv@gmail.com
Operator: Vladimir Rakočević, Montenegro (full postal address available on request; to be added before public launch)
We aim to respond within 5 business days; statutory rights requests are handled within 30 days.
This document is the canonical Privacy Policy for Questify. It is shipped inside the app and also available at this URL, which is declared in Settings → Legal → Privacy Policy.
Website and waitlist (usequestify.com)
This section covers the website at usequestify.com itself. It is a website-specific addendum and is not part of the canonical in-app Policy above.
The Policy above covers the Questify mobile App. The website also processes a small amount of data:
- Waitlist email. If you request an invite on the homepage, we collect the email address you submit and use it for one purpose: contacting you about your invite and the Podgorica launch. Legal basis: your consent, given when you submit the form. No marketing lists, no sharing, no selling. We keep waitlist emails until your invite is sent or you ask us to remove you (email rtrivv@gmail.com), whichever comes first. If we use a service provider to receive and store waitlist signups, it will act as our data processor and we will name it in this section before relying on it.
- Browser local storage. When you submit the form, your browser keeps a local copy of the address you entered in its local storage. That copy stays on your device; you can clear it at any time through your browser settings.
- Google Fonts. The website loads the Cinzel display font from Google Fonts. Your browser requests the font files directly from Google's servers, and that request transmits your IP address to Google.
- No cookies, no analytics. The website sets no cookies and runs no analytics or tracking scripts.
Your rights under §7 apply equally to waitlist data.