Privacy Policy

This Privacy Policy describes how StarMonkey Games LLC (“Company,” “we,” “us,” or “our”) processes personal information in connection with the QuestForge mobile application and the website available at starmonkeygames.com (collectively, the “Service”). By using the Service, you acknowledge this Policy.

• Account & Contact Information. Email address, username, and profile metadata provided during account creation and management. (Firebase Authentication)
• User-Provided Content. Content you voluntarily submit, including journal entries, quests, goals, progress notes, and in-app messages for AI features.
• Usage, Diagnostic & Device Data. Device and app identifiers, app version, performance, crash reports, and event analytics to improve reliability and quality. (Firebase Analytics, Crashlytics)
• Calendar Data (optional). If you grant permission, we read/write calendar events to assist with scheduling. We do not copy your full calendar to our servers and access is limited to features you use.
• Transaction & Subscription Data. Purchase status, purchase tokens, and other billing metadata to administer entitlements. (Google Play Billing)
• AI Processing Data. Prompts and related context you choose to send for generation are transmitted to third-party AI services (OpenAI API) to return responses.
• Network & Security Signals. IP address, network status, and similar technical data used for security, fraud prevention, and Service functionality.

Declared permissions include: INTERNET, ACCESS_WIFI_STATE, ACCESS_NETWORK_STATE, READ_CALENDAR, WRITE_CALENDAR, USE_CREDENTIALS, VIBRATE.

• Provide, operate, and support the Service and its features.
• Authenticate users; sync and store data securely via Firebase services.
• Create and manage calendar events with your permission.
• Process prompts and deliver AI-generated content or suggestions (OpenAI API).
• Monitor performance, troubleshoot issues, and improve quality (Analytics, Crashlytics).
• Administer purchases, subscriptions, and eligibility (Google Play Billing).
• Maintain security and prevent fraud, abuse, or unlawful activity.
• Communicate Service notices, updates, and respond to support requests.
• Comply with applicable legal obligations.

• Contract. Processing necessary to provide the Service you request.
• Legitimate Interests. Securing and improving the Service; understanding usage.
• Consent. Where required for optional permissions (e.g., Calendar) or certain analytics/AI processing.
• Legal Obligations. Compliance with laws and regulations.

We do not sell personal information. We disclose information only as reasonably necessary to operate the Service and as described below:

• Service Providers & Processors. Firebase (Authentication, Realtime Database/Firestore, Analytics, Crashlytics), Google Play Billing, hosting, security, analytics, and support vendors under appropriate contractual safeguards.
• AI Providers. OpenAI API receives prompts and context you choose to send for generation; returned outputs are made available in the app.
• Legal & Safety. To comply with law, legal process, or protect rights, property, users, or the public.
• Business Transfers. In connection with a merger, acquisition, or asset transfer; we will notify you of material changes as required by law.

The app may request READ_CALENDAR and WRITE_CALENDAR permissions solely to create and manage quest-related events on your device calendar. You can revoke access at any time via device settings. We do not upload your full calendar to our servers.

We retain personal information for as long as necessary to provide the Service, fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion (see Section 9).

We implement reasonable administrative, technical, and organizational measures (including Firebase security features) designed to safeguard personal information. No method of transmission or storage is fully secure; we continuously improve protections against unauthorized access, loss, misuse, or alteration.

We may process information in jurisdictions other than your own (including the United States). Where required, we rely on appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

• Access and Updates. You can review and update certain profile details in-app.
• Permissions. You may revoke optional permissions (e.g., Calendar) in device settings; related features may become unavailable.
• Communications. If we send non-transactional emails, you may opt out via the provided mechanism.
• Deletion Requests. You may request deletion of your account and associated personal information, subject to lawful exceptions (e.g., fraud prevention, legal obligations).
• EEA/UK/Swiss Users. You may have rights to access, rectify, erase, restrict, port, or object. Contact us to exercise these rights.
• California Residents. We do not “sell” personal information as defined by CCPA/CPRA. You may request access or deletion by contacting us.

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us and we will take appropriate steps to remove it.

We may update this Policy from time to time. We will post the updated version here and revise the “Last Updated” date above. Where legally required, we will provide additional notice.

If you have questions, concerns, or requests regarding privacy, please contact:

Email: questforged@gmail.com
Owner: StarMonkey Games LLC

For account or data-deletion requests, include the email associated with your QuestForge account so we can verify ownership.