QuestionCraft™ Privacy Policy

Last Updated: 12/06/2025 Effective Date: 12/06/2025

Introduction

QuestionCraft LLC ("QuestionCraft™," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service at https://questioncraft.ai (the "Service," "Platform").

By using QuestionCraft™, you agree to the collection and use of information in accordance with this Privacy Policy.

If you do not agree with this Privacy Policy, please do not access or use the Service.

1. Information We Collect

1.1 Information You Provide Directly

Account Information:

Email address (required for account creation)
Full name
Password (encrypted and never stored in plain text)
Billing information (processed by Stripe; we store only last 4 digits of card)
Company name and role (optional)

Content You Create:

Questions you submit to the Question Engine
Optimized questions generated through our Service
AI comparison results and responses
Saved frameworks and templates
Notes, tags, and custom categories
Feedback and support communications

Communications:

Messages you send to our support team
Survey responses and feedback
Email correspondence

1.2 Information Collected Automatically

Usage Data:

Pages visited and features used
Time spent on platform and session duration
Clicks, scrolls, and interaction patterns
Question optimization frequency and patterns
AI model preferences and selection history
Subscription tier and feature usage
API calls and rate limit consumption

Technical Data:

IP address
Browser type and version
Device type (desktop, mobile, tablet)
Operating system
Referring website or source
Date and time stamps
Cookies and similar tracking technologies

Performance Data:

Error logs and diagnostic information
Response times and latency metrics
API performance and uptime statistics
Service availability and reliability metrics

1.3 Information from Third Parties

AI Provider Data:

When you use our Service, your questions are sent to third-party AI providers (OpenAI, Anthropic, Google, etc.)
These providers process your questions according to their own privacy policies
We receive AI-generated responses which we display to you and may store
AI providers typically retain API request data for 30 days for abuse monitoring

Payment Processor Data:

Stripe processes your payment information
We receive transaction confirmations and subscription status
We do NOT see or store your full credit card details

Analytics Services:

We use analytics tools (e.g., Google Analytics, Mixpanel) to understand usage patterns
These services collect aggregated, anonymized data
You can opt-out of analytics tracking in your account settings

1.4 Information We Do NOT Collect

We do NOT intentionally collect:

Sensitive personal information (health data, biometric data, genetic data)
Social Security numbers or government-issued ID numbers
Financial account numbers (except last 4 digits of card via Stripe)
Information from children under 13 (see Section 11)
Location data beyond general IP-based location

2. How We Use Your Information

2.1 To Provide and Improve the Service

We use your information to:

Create and manage your account
Authenticate your identity and prevent fraud
Process your questions through the Question Engine
Facilitate AI comparison requests to third-party providers
Display AI responses and comparison results
Store your question history and analytics
Provide API access for Master/Architect/Enterprise tiers
Generate usage insights and improvement recommendations
Troubleshoot technical issues and bugs
Develop new features and improve existing functionality

2.2 To Process Payments and Subscriptions

We use your billing information to:

Process subscription payments through Stripe
Manage free trials and subscription renewals
Handle refunds and billing disputes
Send payment confirmations and receipts
Enforce usage limits based on subscription tier
Monitor for fraudulent payment activity

2.3 To Communicate With You

We use your contact information to:

Send transactional emails (account creation, password resets, payment confirmations)
Provide customer support and respond to inquiries
Send service announcements and important updates
Notify you of Terms of Service or Privacy Policy changes
Share product updates and new features (you can opt-out)
Request feedback and conduct user research (optional)

2.4 For Analytics and Research

We use aggregated, anonymized data to:

Understand how users interact with QuestionCraft
Identify popular features and pain points
Measure the effectiveness of question optimization
Analyze AI model performance and quality
Improve our algorithms and recommendation systems
Conduct research on questioning techniques and AI interaction patterns
Generate industry insights and benchmarks

Important: We anonymize and aggregate data before using it for research. Individual users are not identifiable in aggregated datasets.

2.5 For Security and Fraud Prevention

We use your information to:

Detect and prevent fraudulent accounts and payments
Monitor for abusive usage patterns and API abuse
Enforce Fair Use Policy and rate limits
Investigate security incidents and breaches
Comply with legal obligations and law enforcement requests
Protect our intellectual property and business interests

2.6 For Legal Compliance

We may use your information to:

Comply with applicable laws and regulations
Respond to legal process (subpoenas, court orders)
Enforce our Terms of Service and other policies
Protect the rights, property, and safety of QuestionCraft, our users, and the public
Resolve disputes and investigate complaints

3. How We Share Your Information

3.1 With Third-Party AI Providers

When you use QuestionCraft, your questions are sent to third-party AI providers:

OpenAI (ChatGPT models)
Anthropic (Claude models)
Google (Gemini models)
Perplexity, xAI, Mistral AI, DeepSeek, Meta, and others

What they receive:

The questions you submit (after optimization by QuestionCraft)
Our API key (not your QuestionCraft account information)
Technical metadata required for API functionality

What they do NOT receive:

Your QuestionCraft account details (name, email)
Your subscription tier or payment information
Your question history or usage patterns within QuestionCraft

Their data practices:

Each AI provider has its own privacy policy and data retention practices
Most providers retain API request data for 30 days for abuse monitoring
Some providers may use API data to improve their models (check their policies)
We recommend reviewing the privacy policies of AI providers you use

Links to AI Provider Privacy Policies:

OpenAI: https://openai.com/privacy
Anthropic: https://www.anthropic.com/privacy
Google: https://policies.google.com/privacy
[Other providers as applicable]

3.2 With Service Providers

We share your information with trusted third-party service providers who help us operate the Service:

Payment Processing:

Stripe (payment processing and subscription management)
We share billing information necessary to process transactions
Stripe's privacy policy: https://stripe.com/privacy

Hosting and Infrastructure:

Vercel (application hosting)
Supabase (database and authentication)
AWS/Google Cloud (backup storage and infrastructure)
These providers have access to data necessary to host and maintain the Service

Analytics and Monitoring:

Google Analytics (usage analytics)
Mixpanel (product analytics)
Sentry (error tracking and monitoring)
These services receive anonymized, aggregated usage data

Communication Services:

Email service providers (transactional and marketing emails)
Customer support platforms (support ticket management)

All service providers:

Are contractually obligated to protect your data
May only use your information to provide services to us
Are selected based on their security and privacy practices
Process data in accordance with applicable laws (GDPR, CCPA, etc.)

3.3 For Legal Reasons

We may disclose your information if required by law or in good faith belief that such action is necessary to:

Comply with legal obligations (subpoenas, court orders, regulatory requests)
Protect and defend our rights or property
Prevent fraud or investigate suspected illegal activity
Protect the safety of users, employees, or the public
Respond to government requests and law enforcement inquiries

We will:

Notify you of legal requests unless prohibited by law
Review requests carefully and provide only information legally required
Challenge overbroad or inappropriate requests where possible

3.4 Business Transfers

If QuestionCraft is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction:

Your information may be transferred to the acquiring entity
We will notify you via email and/or prominent notice on our Service
You will have an opportunity to delete your account before transfer
The acquiring entity must honor this Privacy Policy unless you consent to changes

3.5 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

Participating in user research or case studies
Being featured in testimonials or success stories
Integrating with third-party tools you authorize
Sharing data with partners for co-marketing initiatives

3.6 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you individually:

Industry benchmarks and research findings
Usage statistics and trends
Public reports about questioning effectiveness and AI performance
Marketing materials demonstrating QuestionCraft's value

This data cannot be traced back to individual users and is not considered personal information.

3.7 What We Do NOT Do

We do NOT:

Sell your personal information to third parties for marketing purposes
Share your individual questions or AI responses publicly
Provide your email address to advertisers or data brokers
Share your account information with AI providers
Use your data to train our own AI models without explicit opt-in
Share your data with competitors or unrelated third parties

4. Data Retention

4.1 Active Accounts

While your account is active, we retain:

Your account information (email, name, profile)
All questions and AI comparison history
Usage analytics and performance data
Subscription and billing history
Support communications and feedback

Purpose: To provide the Service and improve your experience.

4.2 Deleted Accounts

When you delete your account:

Within 30 days: We delete your personal information (name, email, questions, AI responses)
Backup systems: May retain data for up to 90 days for disaster recovery
Aggregated data: Anonymized, non-identifiable data may be retained indefinitely
Legal obligations: We retain data longer if required by law, legal hold, or ongoing dispute

What persists after deletion:

Anonymized usage statistics (not linked to you)
Aggregated analytics data
Payment transaction records (required for tax and accounting, 7 years)
Data required for fraud prevention and security

4.3 Specific Data Types

Questions and AI Responses:

Retained while your account is active
Deleted within 30 days of account deletion
May be retained longer if flagged for abuse investigation

Payment Information:

Transaction history retained for 7 years (tax and legal requirements)
Full credit card details never stored (Stripe handles this)
Last 4 digits of card retained for subscription management

API Logs:

Retained for 90 days for debugging and abuse monitoring
Older logs are deleted or aggregated into anonymized statistics

Support Communications:

Retained for 3 years to improve customer service
Email addresses may be retained to prevent duplicate support tickets

4.4 AI Provider Retention

Third-party AI providers have their own retention policies:

Most retain API request data for 30 days for abuse monitoring
Some may retain data longer for model improvement (check their policies)
You can contact AI providers directly to request deletion of your data
We do not control third-party retention practices

5. Your Privacy Rights

Depending on your location, you may have specific privacy rights under laws like GDPR (Europe), CCPA (California), and other regulations.

5.1 Access and Portability

Right to Access:

You can request a copy of your personal information
We will provide data in a structured, machine-readable format (JSON/CSV)
Access requests are typically fulfilled within 30 days

Right to Data Portability:

You can export your question history, analytics, and comparison results
Use the "Export Data" feature in account settings
Or request a complete data export by contacting privacy@questioncraft.ai

5.2 Correction and Update

Right to Rectification:

You can update your account information anytime in account settings
Contact us to correct inaccurate data we hold about you
We will update information within 30 days of your request

5.3 Deletion

Right to Erasure (Right to be Forgotten):

You can delete your account anytime through account settings
We will delete your personal information within 30 days
Some data may persist as described in Section 4.2
Note: Deletion is permanent and cannot be reversed

To request deletion:

Use the "Delete Account" option in settings, OR
Email privacy@questioncraft.ai with your account email and deletion request

5.4 Restrict or Object to Processing

Right to Restriction:

You can request that we limit how we use your information
For example, stop using your data for analytics or marketing
Contact privacy@questioncraft.ai to request restrictions

Right to Object:

You can object to certain uses of your information
Opt-out of marketing emails (link in every marketing email)
Opt-out of analytics tracking in account settings
Object to automated decision-making (we don't use this currently)

5.5 Withdraw Consent

If we process your data based on consent (e.g., marketing emails), you can:

Withdraw consent anytime
Opt-out of marketing emails via unsubscribe links
Change consent preferences in account settings
Withdrawing consent does not affect prior processing

5.6 Lodge a Complaint

If you believe we have violated your privacy rights:

Contact us first: privacy@questioncraft.ai (we want to resolve issues!)
File a complaint with supervisory authority:
- EU residents: Contact your national Data Protection Authority
- UK residents: Information Commissioner's Office (ICO)
- California residents: California Attorney General
- Other jurisdictions: Contact your local data protection authority

5.7 How to Exercise Your Rights

To exercise any privacy right:

Email: privacy@questioncraft.ai
Subject line: "Privacy Right Request - [Type of Request]"
Include:
- Your full name and account email
- Specific right you're exercising (access, deletion, correction, etc.)
- Detailed description of your request
- Any supporting documentation

We will:

Respond within 30 days (may extend to 60 days for complex requests)
Verify your identity before fulfilling requests
Provide requested information or action free of charge
Explain if we cannot fulfill your request and why

6. Data Security

6.1 Security Measures

We implement industry-standard security measures to protect your information:

Encryption:

TLS/SSL encryption for data in transit (HTTPS)
AES-256 encryption for sensitive data at rest
Passwords hashed using bcrypt (never stored in plain text)
API keys encrypted and securely stored

Access Controls:

Role-based access control (RBAC) for employee access
Multi-factor authentication (MFA) for admin accounts
Principle of least privilege (employees access only necessary data)
Regular access audits and permission reviews

Infrastructure Security:

Hosting with SOC 2 compliant providers (Vercel, Supabase)
Regular security patches and software updates
Firewall protection and intrusion detection systems
DDoS protection and rate limiting

Application Security:

Input validation and sanitization to prevent injection attacks
CSRF protection and secure session management
Regular security audits and penetration testing
Dependency scanning for known vulnerabilities

Monitoring and Response:

Real-time monitoring for suspicious activity
Automated alerts for security incidents
Incident response plan and security team
Regular backups (encrypted and geographically distributed)

6.2 Security Limitations

No system is 100% secure. Despite our best efforts:

Cyber attacks and breaches can occur
Human error or insider threats are possible
Third-party services we rely on could be compromised
Advanced persistent threats may evade detection

You acknowledge that:

You provide information at your own risk
We cannot guarantee absolute security
You are responsible for maintaining the security of your password
You should use strong, unique passwords and enable MFA if available

6.3 Data Breach Response

If a data breach occurs that affects your personal information:

Within 72 hours, we will:

Notify you via email to your registered address
Describe the nature and scope of the breach
Explain what data was potentially accessed or disclosed
Outline steps we are taking to address the breach
Advise on steps you can take to protect yourself

We will also:

Notify relevant regulatory authorities as required by law
Conduct a thorough investigation to prevent future breaches
Provide updates as more information becomes available
Offer credit monitoring or identity protection services if appropriate

What you should do if notified of a breach:

Change your QuestionCraft password immediately
Monitor your accounts for suspicious activity
Enable MFA if not already active
Review our breach notification for specific guidance
Contact us with questions: security@questioncraft.ai

7. Cookies and Tracking Technologies

7.1 What Are Cookies?

Cookies are small text files stored on your device when you visit websites. They help websites remember your preferences, authenticate sessions, and track usage patterns.

7.2 Types of Cookies We Use

Essential Cookies (Required):

Authentication cookies (keep you logged in)
Session management cookies
Security cookies (CSRF protection)
Load balancing cookies (distribute traffic)

These cookies are necessary for the Service to function and cannot be disabled.

Analytics Cookies (Optional):

Google Analytics (usage patterns, popular features)
Mixpanel (product analytics, feature engagement)
Help us understand how users interact with QuestionCraft
Can be disabled in account settings

Preference Cookies (Optional):

Remember your settings and preferences
Theme selection (light/dark mode)
Language preferences
Dashboard customization

Marketing Cookies (Optional):

Track effectiveness of marketing campaigns
Retargeting for advertising (if applicable)
Conversion tracking
Can be disabled in account settings or opt-out tools

7.3 Third-Party Cookies

Some cookies are set by third-party services we use:

Stripe (payment processing)
Google Analytics (usage tracking)
Social media platforms (if you interact with social sharing features)

We do not control third-party cookies. Refer to their privacy policies for details.

7.4 Managing Cookies

You can control cookies through:

Account settings (disable analytics and marketing cookies)
Browser settings (block all cookies, though this may break functionality)
Opt-out tools:
- Google Analytics: https://tools.google.com/dlpage/gaoptout
- Network Advertising Initiative: https://optout.networkadvertising.org
- Digital Advertising Alliance: https://optout.aboutads.info

Note: Disabling essential cookies may prevent you from using QuestionCraft.

7.5 Do Not Track

Some browsers have "Do Not Track" (DNT) settings. Currently, there is no industry standard for how to respond to DNT signals. We do not currently respond to DNT signals, but we provide cookie controls in account settings.

8. International Data Transfers

8.1 Where Your Data Is Stored

QuestionCraft operates from the United States. Your information may be transferred to and processed in:

United States (primary data centers)
European Union (backup and redundancy)
Other countries where our service providers operate

Data protection laws vary by country. Some countries may not have the same level of data protection as your home country.

8.2 European Economic Area (EEA) Users

If you are located in the EEA, UK, or Switzerland:

We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers
Our service providers are contractually obligated to provide adequate data protection
You have the rights described in Section 5 under GDPR

8.3 Safeguards for International Transfers

When transferring data internationally, we ensure:

Contracts with service providers include data protection clauses
Technical and organizational security measures are maintained
Compliance with applicable data protection laws (GDPR, CCPA, etc.)
Regular audits of service provider security practices

9. Third-Party Links and Services

9.1 Links to External Websites

QuestionCraft may contain links to third-party websites, services, or resources:

AI provider websites (OpenAI, Anthropic, Google, etc.)
Payment processor (Stripe)
Social media platforms
Educational resources and documentation

We are not responsible for:

The privacy practices of third-party websites
Content on external sites
Security of third-party services
Accuracy of information on linked sites

We recommend: Reading the privacy policies of any third-party service you use.

9.2 Third-Party Integrations

If you integrate QuestionCraft with third-party tools or services:

You authorize data sharing with those services
Third-party privacy policies apply to data they collect
We are not responsible for third-party data practices
You can revoke integrations anytime in account settings

10. Marketing and Communications

10.1 Types of Communications

Transactional Emails (Cannot Opt-Out):

Account creation and verification
Password resets and security alerts
Payment confirmations and billing issues
Subscription renewal reminders
Terms of Service or Privacy Policy updates
Critical service announcements

Marketing Emails (Can Opt-Out):

Product updates and new features
Tips and best practices for question-crafting
Special offers and promotions
Newsletter and content updates
User research invitations

10.2 Marketing Preferences

To opt-out of marketing emails:

Click "Unsubscribe" link in any marketing email
Update preferences in account settings
Email support@questioncraft.ai with "Unsubscribe" in subject

Note: Opting out of marketing does not stop transactional emails.

10.3 Data Used for Marketing

We may use your information for marketing purposes:

Email address (to send marketing emails if you haven't opted out)
Usage patterns (to personalize recommendations)
Subscription tier (to tailor content to your needs)

We do NOT:

Sell your email to third-party marketers
Share your information with advertisers for their use
Send unsolicited emails (we honor opt-outs promptly)

11. Children's Privacy

11.1 Age Restriction

QuestionCraft is not intended for children under 13 years old (or 16 in some jurisdictions like the EU).

We do not knowingly:

Collect personal information from children under 13
Market our Service to children
Allow children to create accounts

11.2 Parental Consent

If you are under 18 but at least 13 (or 16 in the EU):

You must have parental or guardian consent to use QuestionCraft
Your parent/guardian should review this Privacy Policy
We may request verification of parental consent

11.3 If We Learn We Have Child Data

If we discover we have collected information from a child under 13 without parental consent:

We will delete the information as quickly as possible
We will terminate the account
We will notify parents if we have contact information

Parents: If you believe your child has provided information to QuestionCraft, contact us immediately at privacy@questioncraft.ai.

12. California Privacy Rights (CCPA)

12.1 California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know:

What personal information we collect
Sources of personal information
Purposes for collecting or sharing personal information
Categories of third parties we share data with

Right to Delete:

Request deletion of personal information we have collected
Subject to exceptions for legal obligations and fraud prevention

Right to Opt-Out:

We do NOT sell your personal information, so no opt-out is necessary
If this changes, we will provide a "Do Not Sell My Personal Information" link

Right to Non-Discrimination:

We will not discriminate against you for exercising CCPA rights
No denial of service, different pricing, or reduced quality for exercising rights

12.2 "Sale" of Personal Information

We do NOT sell your personal information as defined by the CCPA.

We DO share information with:

Service providers (for business purposes, not "sales")
AI providers (to provide the Service you requested)
Analytics services (for improving the Service)

These are not considered "sales" under CCPA because they are necessary service providers.

12.3 How to Exercise CCPA Rights

To exercise your CCPA rights:

Email: privacy@questioncraft.ai
Subject: "CCPA Request - [Type of Request]"
Include: Your name, account email, and specific request

We will:

Respond within 45 days (may extend to 90 days for complex requests)
Verify your identity before fulfilling requests
Provide requested information free of charge (up to 2 requests per year)

12.4 Authorized Agents

California residents may designate an authorized agent to make requests on their behalf:

Provide written authorization from you
Verify the agent's identity and authority
We may still require direct communication with you to verify identity

13. European Privacy Rights (GDPR)

13.1 Legal Basis for Processing

If you are located in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on the following legal grounds:

Contractual Necessity:

Creating and managing your account
Providing the QuestionCraft Service
Processing payments and subscriptions
Delivering customer support

Legitimate Interests:

Improving the Service and user experience
Detecting and preventing fraud and abuse
Analyzing usage patterns (anonymized)
Marketing our services (with opt-out option)

Consent:

Marketing communications (you can withdraw consent anytime)
Optional analytics tracking
Sharing data with third parties for non-essential purposes

Legal Obligations:

Complying with tax and accounting laws
Responding to legal requests and court orders
Protecting intellectual property rights

13.2 GDPR Rights

As an EEA, UK, or Swiss resident, you have the following rights:

Right of Access: Obtain a copy of your personal data
Right to Rectification: Correct inaccurate data
Right to Erasure: Delete your data ("right to be forgotten")
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to certain types of processing
Right to Withdraw Consent: Withdraw consent for consent-based processing
Right to Lodge a Complaint: File a complaint with your Data Protection Authority

13.3 Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer:

Email: dpo@questioncraft.ai
Or: privacy@questioncraft.ai with "GDPR Request" in subject

13.4 International Data Transfers

We transfer EEA personal data to the United States and other countries using:

Standard Contractual Clauses (SCCs) approved by the European Commission
Contracts with service providers requiring GDPR-level data protection
Adequate safeguards to protect your data during international transfers

13.5 Supervisory Authority

If you are unsatisfied with our response, you can lodge a complaint with:

Your national Data Protection Authority (DPA)
UK: Information Commissioner's Office (ICO) - https://ico.org.uk
EU: Find your DPA at https://edpb.europa.eu/about-edpb/board/members

14. Changes to This Privacy Policy

14.1 Right to Modify

We may update this Privacy Policy from time to time to reflect:

Changes to our data practices
New features or services
Legal or regulatory requirements
Feedback from users and regulators
Industry best practices

14.2 Notice of Changes

For material changes:

We will notify you at least 30 days in advance
Notice sent to your registered email address
Prominent notice posted on QuestionCraft website and in your dashboard
Updated "Last Updated" date at the top of this policy

For minor changes:

We may update the policy without prior notice
Changes reflected in updated "Last Updated" date
Continued use of the Service constitutes acceptance

14.3 Reviewing Changes

We encourage you to:

Review this Privacy Policy periodically
Check the "Last Updated" date for changes
Contact us with questions: privacy@questioncraft.ai

14.4 Disagreeing With Changes

If you do not agree with changes to this Privacy Policy:

Stop using the Service
Delete your account through account settings
Export your data before deletion
Contact us to discuss concerns

14.5 Version History

Previous versions of this Privacy Policy are available at:

https://questioncraft.ai/privacy/history
Or by requesting archived versions via email

15. Contact Us

15.1 Privacy Questions and Requests

For privacy-related questions, concerns, or requests:

Email: privacy@questioncraft.ai
Subject line: "Privacy Inquiry - [Brief Description]"

Response time: We aim to respond within 5 business days for general inquiries and 30 days for formal privacy rights requests.

15.2 Data Protection Officer

For GDPR or data protection matters:

Email: dpo@questioncraft.ai
Alternative: privacy@questioncraft.ai with "GDPR Request" in subject

15.3 General Support

For non-privacy questions:

Email: support@questioncraft.ai
Website: https://questioncraft.ai/support

15.4 Mailing Address

QuestionCraft LLC
Attn: Privacy Department
3 Fruit St Newburyport, MA 01950 United States

15.5 Security Issues

To report security vulnerabilities:

Email: security@questioncraft.ai
Subject: "Security Vulnerability Report"

Please do NOT disclose security issues publicly until we have had time to address them.

16. Acceptance of This Privacy Policy

BY USING QUESTIONCRAFT, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO THIS PRIVACY POLICY.

If you do not agree with this Privacy Policy, please do not use our Service.

END OF PRIVACY POLICY

Additional Resources

Related Documents:

Terms of Service: https://questioncraft.ai/terms
Acceptable Use Policy: https://questioncraft.ai/acceptable-use
Cookie Policy: https://questioncraft.ai/cookies
Security Practices: https://questioncraft.ai/security

External Resources:

Learn about GDPR: https://gdpr.eu
Learn about CCPA: https://oag.ca.gov/privacy/ccpa
Google Analytics Opt-Out: https://tools.google.com/dlpage/gaoptout
Your Privacy Choices: https://optout.aboutads.info

Contact Information:

Privacy: privacy@questioncraft.ai
Security: security@questioncraft.ai
Support: support@questioncraft.ai
Legal: legal@questioncraft.ai

This Privacy Policy is effective as of 11/17/2025 and applies to all users of QuestionCraft.