SideQuests+ Privacy Policy

Last updated: April 17, 2026 · Effective: launch day

SideQuests+ is built by JoogSzn LLC (DBA Coding Crazy) as a productivity and wellness app for neurodivergent people. This policy explains what we collect, why, and who can see it. Plain English only.

The short version

We don't sell your data. Ever.
We don't show you ads.
We don't track you across other apps or websites.
Most of your data lives on your device. Some is synced to your account so it survives a reinstall.
You can export or delete everything from inside the app.

What we collect

When you sign in, we store:

Email address — so you can recover your account on a new device.
An opaque user ID — ties your quests, habits, and progress to your account.

As you use the app, we store (on your device, optionally synced to your account):

Quests, habits, goals, notes, meal logs, shopping list, saved recipes, workout history — core app function.
Voice captures (if you use brain-dump or voice input) — transcribed on-device; raw audio is not uploaded unless you explicitly share a clip.
Health and fitness data (if you grant HealthKit access) — steps, workouts, and active energy shown in the Workouts tab. Read from Apple Health; not sent to our servers.
Approximate location (only if you turn on location-aware features) — used for context like weather on your dashboard. Not shared with third parties.
Photos you attach to meals or notes — stored on your device.

What we don't collect

Identifiers for advertising (IDFA, etc.).
Browsing history outside the app.
Contacts, calendar events, or other apps' data — unless you explicitly connect an integration, and then only what that integration needs.
Biometric data beyond what HealthKit surfaces with your permission.

Third-party services

We use the minimum number of outside services required to run the app:

Supabase — database + auth provider. Stores your account and synced quests. Located in the US.
Apple services — iCloud backup, HealthKit, EventKit, Notifications. Governed by Apple's privacy policy.
Optional AI providers — when you use the in-app AI coach, the prompt you type is sent to the AI provider you've chosen (OpenAI, Anthropic, or local). We do not log the prompt ourselves.
Optional HeyGen — only if you connect your own HeyGen account for AI recipe narration. Your API key is stored on your device. We are not a HeyGen processor.

Children

SideQuests+ is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has given us data, contact us and we will delete it.

Your controls

Export — Settings → Data → Export your data. You get a readable JSON of everything we store for you.
Delete account — Settings → Account → Delete account. Wipes your account and synced data from our servers within 30 days.
Revoke integrations — HealthKit, location, notifications, and calendar can all be revoked from iOS Settings at any time.

Data retention

We keep your account data for as long as you have an account. When you delete your account we purge synced data within 30 days. Anonymized error logs may be retained for up to 12 months for debugging.

Security

Synced data is encrypted in transit (TLS) and at rest (Supabase default encryption). On-device data uses iOS's standard protections. No system is perfectly secure; if we learn of a breach that affects you, we will notify you.

Changes to this policy

If we meaningfully change what we collect or how we use it, we will update the "Last updated" date above and, for material changes, notify you in the app.

Contact

Questions, requests, or complaints: privacy@codingcrazy.com