Privacy Policy
Last updated: April 29, 2026
Qore (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.
What We Collect
Account data: When you sign up, we collect your email address via Google OAuth, Facebook OAuth, or magic link. We do not store passwords.
Quiz responses: Your answers to the thinking quiz and daily scenarios. These are used to compute your thinking profile. Your thinking profile data (alignment and dimension scores) may constitute data revealing beliefs about how to live and decide — a special category under GDPR Article 9. We process this data based on your explicit consent when you take the quiz.
Usage analytics: We collect anonymous usage data (pages visited, quiz completion rates, feature usage) via our first-party analytics system. This data is identified only by an ephemeral session identifier that resets when you close your browser tab and is never linked to your identity. We process this data under the legitimate interest legal basis (GDPR Article 6(1)(f)) to understand product usage and improve the service.
Push notification data: If you opt in to push notifications, we store your browser push endpoint and encryption keys. This data is only collected with your explicit permission and is deleted if you revoke notification access.
How We Use Your Data
- To provide and improve the Qore service
- To compute and display your thinking profile
- To maintain your streak and challenge history
- To generate anonymous aggregate statistics
We never sell your data to third parties.
Third-Party Services
We use the following services to operate Qore:
- Supabase(EU region) — database and authentication
- Vercel— hosting and performance monitoring
- PostHog(EU region) — product analytics, only active after you accept cookies via our consent banner
- ZeptoMail— transactional email delivery (e.g. login links, notifications). Your email address is shared with ZeptoMail solely for the purpose of delivering these messages.
- Meta (Facebook) Pixel— advertising and conversion measurement, only active after you accept cookies via our consent banner. The pixel records page views and key actions (e.g. account creation, quiz completion) and shares them with Meta to help us reach relevant audiences and measure ad performance. If you reject cookies, the pixel collects no data.
Cookies & Local Storage
Necessary cookies: Authentication session cookies (Supabase). These are required for the app to work and do not require consent.
First-party analytics (no consent required):We store an ephemeral session identifier in your browser's session storage. This is not a cookie — it is automatically cleared when you close the tab and cannot be used to identify you across sessions or devices. No personal data is collected through this mechanism.
Analytics cookies (consent required): PostHog analytics cookies are only set after you accept cookies via our consent banner. You can reject or change your preference at any time. If you reject, PostHog collects no data.
Marketing cookies (consent required):The Meta (Facebook) Pixel sets cookies and uses local identifiers only after you accept cookies via our consent banner. These are used to measure ad effectiveness and reach similar audiences on Meta platforms. If you reject, the pixel does not fire and no data is shared with Meta. You can withdraw consent at any time by clearing this site's local storage or contacting us at the address below.
Preference storage: We use local storage to remember your cookie consent choice and notification preferences. These do not track you and are stored only on your device.
Your Rights
Under GDPR and similar regulations, you have the right to:
- Access the data we hold about you
- Request correction of inaccurate data
- Request deletion of your account and data
- Withdraw consent for analytics or marketing cookies at any time
- Object to processing based on legitimate interest
- Request a portable copy of your data
Legal Basis for Processing
We process your data under the following GDPR legal bases:
- Consent(Article 6(1)(a)) — quiz responses, thinking profile computation, PostHog analytics cookies, Meta Pixel marketing cookies, push notifications
- Contract(Article 6(1)(b)) — providing the Qore service, authentication, transactional emails
- Legitimate interest(Article 6(1)(f)) — anonymous first-party usage analytics using ephemeral session identifiers, service improvement, and security
Data Retention
We retain your account data for as long as your account is active. If you delete your account, your personal data is erased immediately, along with any active subscription. Anonymous aggregate data may be retained indefinitely.
Contact
For privacy-related questions or data requests, email us at adam.visual.plus@gmail.com.