Privacy Policy

Last updated: February 17, 2026.

Policy version: 2026-02-17

Quick summary

We operate accounts and workspaces, serve quizzes and API requests, and run background jobs for generation, moderation, exports, and storage cleanup.
Approved contribution submissions can be published into the shared question library and reused across quizzes, exports, and API responses.
We do not sell personal information and we do not run targeted advertising based on your activity.
Optional client-side product analytics (PostHog) is disabled by default and only runs after you opt in. We disable PostHog autocapture.
Backend LLM analytics for generation, moderation, and representative image workflows runs in production and records operational metadata with prompt/output content excluded.
You can manage analytics consent below in Analytics & cookies.
For privacy requests, contact us via /contact or email support@questionstock.com.

This Privacy Policy is a general description of how QuestionStock handles data. It is provided for transparency and is not legal advice.

Scope

This policy applies to the QuestionStock website, quiz workspace, and developer API (including /api/v1/*).

QuestionStock is the controller for the personal information described in this policy.

Some QuestionStock content is accessible by direct link (for example,/quizzes/<id> and /questions/<id>). If you share a direct link, anyone with that link may be able to view the page.

Information we collect

Account and workspace information (via Clerk)

Identifiers such as your Clerk user ID, organization/workspace ID, and workspace role/membership.
Account fields we may access, such as email address and name (used for account communications, optional client-side analytics identify after opt-in, and backend LLM analytics workflow attribution).
Workspace entitlement metadata (for example plan access) used to gate features like private quizzes, exports, and API access.

Content you create or provide

Quiz content: quiz names, settings (such as image preferences), category selections, persisted question selections, and question-level difficulty values.
Contribution content: category suggestions/proposals, custom questions, and edits/drafts submitted for moderation. Accepted contributions can become canonical shared-library content, even if the source quiz is private.
API-provided identifiers: deliveryKey and other request values you send to the API.

Do not include sensitive personal information in free-form fields (like messages, delivery keys, or custom question text). QuestionStock is built for trivia content, not sensitive data.

Usage and operational data

API key data: API keys are shown once and stored hashed; we track last-used time and store per-minute and per-day aggregated request counts for rate limiting and quota enforcement.
Serve history used for repeat-avoidance (for example, how many times a question has been served to a given workspace/consumer scope).
Question delivery event records used for analytics, trending, and operational visibility.
Audit logs and operational workflow records stored for operational and admin visibility.

Communications

Contact form submissions (name, email, organization, optional workspace ID, subject, message, and consent to be contacted).
Support emails you send to our support address.

Device and technical data

Essential cookies and technical signals used for authentication, security, and service delivery.
Error monitoring data (for example, via Sentry) may include request context and identifiers you provide in API requests.

How we use information

Provide and secure the service (auth, access control, abuse prevention).
Operate shared-library workflows (generation, validation, moderation, and deduplication).
Publish and maintain accepted contribution content in the shared question library.
Operate API functionality (rate limiting, repeat avoidance, and question delivery analytics).
Generate exports and representative images.
Provide support and respond to requests.
Run optional client-side product analytics when you opt in.
Run backend LLM analytics in production for generation, moderation, and image workflows using operational metadata with prompt/output content excluded.
Compliance, troubleshooting, and reliability improvements.

How we share information (service providers)

We use service providers to run QuestionStock. They process data on our behalf to provide the service:

Clerk (authentication): handles sign in and sign up plus workspace identity; we may retrieve your primary email to send product workflow emails.
Vercel (hosting): hosts the web application and may provide platform logs/metrics.
Neon (database hosting): hosts our Postgres database that stores the application records described in this policy.
Trigger.dev (background jobs): orchestrates background tasks like generation, validation, exports, image generation, and storage cleanup.
Cloudflare R2 (storage): stores export artifacts and representative images; downloads are provided via expiring links.
PostHog (analytics): receives optional client-side product analytics events after you opt in. It also receives backend LLM analytics events from production generation/moderation/image workflows with user/workspace identifiers and operational metadata; prompt/output content is excluded.
Sentry (error monitoring): receives error reports and traces to help us debug and improve reliability; this may include request context and identifiers.
Resend (email delivery): sends contact form emails and certain product workflow emails.
OpenAI (AI processing): may process trivia content in background tasks for question generation, moderation, category proposal validation, and representative image generation.
Google (AI processing): may process trivia content in background tasks for question generation, moderation, category proposal validation, and representative image generation when selected in system settings.

AI features

QuestionStock uses AI primarily in background workflows (not in inline request/response chat). This includes generation and validation of trivia questions, moderation of question drafts, and generation of representative images.

Inputs can include category descriptions, question drafts, and prompts built from trivia content. Outputs can include generated questions, validation results, representative images, and export documents.

Do not include sensitive personal data in prompts, drafts, or API metadata fields.

Public and shared content

Direct-link pages (for example, /quizzes/<id> and /questions/<id>) can be viewed by anyone with the link.
Categories are available via canonical slugs (for example, /categories/<slug>).
Accepted contribution submissions can become part of the shared canonical question library and may be surfaced across product and API experiences.
My Quizzes, admin, and profile routes are access-controlled.

Data retention

We retain data as needed to operate and secure the service. This can include quizzes, question delivery events, serve history, usage counters, audit logs, moderation records, and workflow status records.

We store certain artifacts (like export files and representative images) in Cloudflare R2. Older or unneeded objects may be cleaned up by background jobs. Database records may persist unless deleted.

If you request deletion, we will evaluate and act on the request where applicable. Deleting a quiz or account does not automatically remove already-published canonical contribution content from the shared library where retention is needed for service integrity, security, compliance, or legal obligations.

Security

API keys are displayed once and stored hashed (HMAC) in our database.
We use access controls and standard technical measures appropriate for a modern web product. No method of transmission or storage is 100% secure.

Your rights and choices

Depending on your location, you may have rights to access, correct, delete, or receive a copy of your information, and to object or restrict certain processing. You can submit requests using /contact or by emailing support@questionstock.com.

Client-side analytics opt-out: you can disable analytics cookies at any time in Analytics & cookies.
US privacy disclosures: we do not sell personal information and we do not share it for cross-context behavioral advertising.
Authorized agents and appeals: where required by law, you may be able to designate an authorized agent to make a request on your behalf or appeal certain decisions.
Legal bases (EEA/UK-style): we generally process data to provide the service (contract), to operate and secure the product (legitimate interests), to comply with law, for optional client-side analytics when you consent, and for backend LLM analytics needed to operate AI workflows.
Some requests may be limited where removing shared canonical contribution content would conflict with legal obligations, security, fraud prevention, or system-integrity needs.

Children

QuestionStock is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

Changes to this policy

We may update this policy from time to time. We will update the “Last updated” date above when changes are made. If a change is material, we may provide additional notice (for example, in-app or by email).

Analytics & cookies

QuestionStock uses essential cookies for authentication and security. We also offer optional client-side product analytics via PostHog. Client-side analytics is disabled by default and only enabled on production deployments after you opt in.

When enabled, we use a cookie preferences cookie qs_cookie_preferences (stored for about 180 days) to remember your client-side analytics choice.

Separately, in production we send backend LLM analytics events for generation, moderation, and representative image workflows to PostHog using user/workspace identifiers and operational metadata (for example model, latency, token, and error fields). Prompt and completion content is excluded from these backend LLM analytics events.

Cookie settings

Current setting: loading

Essential cookies are always on. Analytics cookies are optional and help us improve QuestionStock.