Privacy Policy

1. Introduction

Quest App, Inc. ("Quest," "we," "our," or "us") operates the Quest dating app and the thequestapp.co website. This Privacy Policy explains how we collect, use, and protect your information when you use our services, including our AI matchmaker, Rumi.

By using Quest, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our services.

2. Information We Collect

A. Information You Provide

When you create an account or use Quest, you may provide us with the following information:

• Account data: name, email address, phone number, date of birth, and gender.
• Profile data: photos, bio, and survey or prompt responses, which may include sensitive information such as dating preferences.
• Rumi conversations: your interactions with our AI matchmaker, Rumi, including messages, questions, and responses.
• User-generated content: messages sent to other users, photos shared within the app, and feedback you submit.
• Payment information: payment details are processed by third-party payment processors. We do not store your credit card numbers or full payment account details on our servers.

B. Automatically Collected Information

When you use Quest or visit our website, we automatically collect certain information, including:

• Device data: device type, operating system, and browser type.
• Usage data: pages visited, features used, and time spent on the app or website.
• IP address and approximate location: derived from your IP address.
• Cookies and similar technologies: as described in our Cookie Policy.

C. Information from Third Parties

We may receive information about you from third-party sources, including:

• Identity verification providers: if you opt into identity verification, we may receive verification results from third-party providers.
• App store data: information provided by Apple or Google when you download or purchase through their platforms.
• Analytics providers: aggregated usage and performance data from third-party analytics services.

D. Sign-In Providers

You can sign in to Quest using Sign in with Apple, Sign in with Google, or your phone number (via SMS one-time passcode). When you choose a third-party sign-in option, we receive a limited set of information from the provider to create and authenticate your Quest account.

Sign in with Google. When you sign in with Google, we request only the basic OpenID profile and email scopes. From these, we receive your Google account email address, name, and profile picture. We do not request access to your Google contacts, calendar, drive, or any other Google service. We use this information solely to create and authenticate your Quest account — we do not share it with third parties and we do not use it for advertising. You can revoke Quest's access to your Google account at any time at myaccount.google.com/permissions. Google's own handling of your data is governed by the Google Privacy Policy.

Sign in with Apple. When you sign in with Apple, we receive an Apple-issued user identifier and your name (only the first time you sign in). For your email, you can choose to share your real Apple ID email or use Apple's “Hide My Email” feature, in which case we receive an Apple-generated relay address ending in @privaterelay.appleid.com. We use this information solely to create and authenticate your Quest account — we do not share it with third parties and we do not use it for advertising. You can revoke Quest's access at any time on your device under Settings → Apple ID → Sign in with Apple → Quest.

Phone sign-in. If you sign in with your phone number, we send a one-time passcode by SMS to verify that you control the number. Phone verification is described in more detail in our Security Statement.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To operate, maintain, and improve the Quest app and website.
• To facilitate matching between users based on preferences and compatibility.
• To enable Rumi AI features, including personalized matchmaking recommendations and conversations.
• To verify your identity and prevent fraud.
• To send you service-related communications, updates, and promotional messages (with your consent where required).
• To analyze usage patterns and improve our services.
• To enforce our Terms of Service and other policies.
• To comply with legal obligations and respond to lawful requests.
• To develop and improve our AI models, subject to the controls described in Section 4 below.

4. How We Use AI

Quest's matchmaker, Rumi, is powered by artificial-intelligence services from Anthropic, PBC (its Claude model) and OpenAI, OpCo, LLC (its GPT models). When you use Rumi, certain content from your account is sent to those providers so they can return Rumi's response. We believe in being transparent about exactly what we send, what we don't, and on what terms.

What We Send

• Messages you send directly to Rumi in the Rumi tab of the app.
• Content from a match chat that you explicitly share with Rumi using the “Share with Rumi” button — never automatically.
• Stated facts you've told Rumi (favorite restaurants, dealbreakers, what kind of dates you like, etc.) so its suggestions can personalize.
• Anonymized behavioral signals derived from your app activity (for example, who you've liked or skipped) so Rumi can prioritize matches.

What We Don't Send

• Match-chat content, unless you explicitly share it.
• Your photos.
• Your contact information (phone number, email address).
• Information about other users beyond what's needed for a specific match suggestion.

Training Posture

Anthropic and OpenAI do not train their AI models on your content under the commercial terms we use. API inputs and outputs are not fed back into model training by default for commercial customers. You can read the providers' own statements:

• Anthropic Commercial Terms
• OpenAI API data usage policies

Retention

Anthropic and OpenAI retain API request data for up to 30 days for abuse and safety monitoring; after that it is deleted on their end. Quest does not store the AI's responses beyond what is needed to render Rumi's reply to you (typically a few seconds), except where the response is part of an ongoing Rumi conversation that you can scroll back to in the app.

How to Withdraw Your Consent

Rumi is the core of how Quest works, so you cannot keep using Quest with Rumi turned off. To withdraw your consent for AI processing, delete your account: in the app, go to Settings → AI & Data → Delete account & AI memory. We will remove your account and every byte of data we hold about you within 14 days.

Private 1:1 Chats

Messages between you and other users are encrypted. Quest does not read or use the content of private chats for AI processing or training. We only access metadata (e.g., number of messages exchanged, timestamps) to operate the service and detect abuse. Match-chat content reaches Rumi only when you tap “Share with Rumi” yourself.

Quest's Own Model Training

In the future, anonymized and aggregated Rumi conversation data may also be used to train and improve Quest's own AI models. This is separate from the third-party providers above. You can opt out of having your data used for Quest's model training at any time in your app settings. Opting out will not affect Rumi's ability to personalize your experience — personalization happens in real-time and is separate from model training.

Sensitive Data

We do not use your dating preferences, sexual orientation, or relationship history for advertising or marketing purposes. This information is used solely to provide and improve the matchmaking experience within Quest.

Questions About AI Specifically

Email us at privacy@thequestapp.co with subject “AI question.” You can also read our AI Principles for a plain-language overview of how Rumi works.

5. Data Sharing

We may share your information with the following categories of recipients:

• Service providers: third parties that help us operate our services, including hosting, analytics, AI, and payment processing providers.
• Identity verification providers: if you opt into identity verification, your information may be shared with verification service providers.
• Other users: your profile information (such as your name, photos, bio, and age) is visible to other users as controlled by your settings.
• Law enforcement and legal authorities: when required by law, subpoena, court order, or other legal process, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers: in connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

We do not sell your personal data.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. After you delete your account, we will delete your personal data within a reasonable period, except where we are required to retain it by law (for example, for legal, tax, or regulatory purposes).

Anonymized and aggregated data that can no longer be used to identify you may be retained indefinitely for analytics, research, and service improvement purposes.

7. Your Rights and Choices

Depending on your location and applicable law, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Correction: request that we correct inaccurate or incomplete personal data.
• Deletion: request that we delete your personal data, subject to certain exceptions.
• Opt out of Rumi AI training: you can opt out of having your Rumi conversation data used for AI model training at any time in your app settings.
• Opt out of marketing communications: you can unsubscribe from marketing emails by clicking the "unsubscribe" link in any marketing email, or by adjusting your notification settings in the app.
• Cookie preferences: you can control cookie preferences through your browser settings or as described in our Cookie Policy.
• Data export: request a copy of your data in a portable format.

To exercise any of these rights, please contact us at privacy@thequestapp.co. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

8. Cookies and Tracking

We use cookies and similar tracking technologies to operate our website, analyze usage, and improve your experience. Cookies are small text files stored on your device that help us recognize you and remember your preferences.

For detailed information about the types of cookies we use, how we use them, and how you can control your cookie preferences, please see our Cookie Policy.

9. Security

We implement reasonable technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security assessments.

Private messages between users are encrypted in transit and at rest to protect their confidentiality.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. For more information, please see our Security Statement.

10. Children

Quest is not intended for anyone under the age of 18. We do not knowingly collect personal data from individuals under 18. If we become aware that we have collected personal data from a minor, we will take steps to delete that information promptly. If you believe that a minor has provided us with personal data, please contact us at privacy@thequestapp.co.

11. International Data Transfers

Quest is operated from the United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located and our central database is operated. By using Quest, you consent to the transfer of your information to the United States and acknowledge that data protection laws in the United States may differ from those in your country of residence.

12. Consumer Health Data

Certain jurisdictions, including Washington and Nevada, have enacted consumer health data privacy laws that may broadly define "consumer health data." While Quest does not believe it collects consumer health data as traditionally understood, we recognize that some information you provide (such as dating preferences or gender identity) could be classified as consumer health data under these broad definitions.

Quest does not use any such information to infer health status, and we do not sell consumer health data. Any information that may be considered consumer health data is collected and used solely for the purpose of providing our dating and matchmaking services. If you are a resident of a jurisdiction with consumer health data protections, you may exercise your privacy rights by contacting us at privacy@thequestapp.co.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page. If we make material changes, we will notify you by email or through a prominent notice within the app prior to the changes becoming effective.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy inquiries: privacy@thequestapp.co
• General support: support@thequestapp.co

Quest App, Inc.
A Delaware corporation