Privacy Policy

1. Introduction

Welcome to SideQuestDeals ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website sidequestdeals.com and use our services.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

• Register for an account
• Subscribe to our service
• Contact us with inquiries

This information may include:

• Email Address: Used for account authentication, notifications, and communication
• Password: Securely hashed using bcrypt; we never store plaintext passwords
• Two-Factor Authentication Data: TOTP secrets (encrypted) if you enable 2FA

2.2 Payment Information

We do not store payment card information. All payment processing is handled by Stripe, our third-party payment processor. We only store a Stripe Customer ID to manage your subscription. Stripe's privacy policy can be found at stripe.com/privacy.

2.3 Automatically Collected Information

When you visit our website, we automatically collect certain information, including:

• IP address
• Browser type and version
• Pages visited and time spent
• Device information
• Referring website

This information is collected through Azure Application Insights for performance monitoring and security purposes.

2.4 User Activity

We collect information about your interactions with our service, including:

• Deals you vote on (upvotes/downvotes)
• Deals you report as expired
• Filter and sorting preferences

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Process your subscription and manage billing
• Send you service-related communications
• Respond to your inquiries and provide customer support
• Improve our website and services
• Monitor and analyze usage patterns
• Detect, prevent, and address technical issues or fraud
• Comply with legal obligations

4. How We Share Your Information

We may share your information in the following situations:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf:

• Stripe: Payment processing
• Microsoft Azure: Cloud hosting and infrastructure
• OpenAI: AI-powered deal extraction (no personal data shared)

4.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests by public authorities.

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational security measures, including:

• Encryption of data in transit (HTTPS/TLS 1.2+)
• Encryption of sensitive data at rest
• Secure password hashing with bcrypt
• Azure Key Vault for secrets management
• Regular security audits and monitoring
• Two-factor authentication option

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Specifically:

• Account data: Retained until you delete your account
• Voting history: Retained for 30 days after deals expire
• Subscription records: Retained for 7 years for tax/legal purposes
• Server logs: Retained for 30 days

You may request deletion of your account and personal data at any time.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Request a copy of your data in a portable format
• Objection: Object to processing of your personal data
• Withdraw Consent: Withdraw consent where we rely on it

To exercise any of these rights, please contact us at privacy@sidequestdeals.com.

8. Cookies and Tracking

8.1 Essential Cookies

We use cookies that are strictly necessary for the website to function, including:

• Authentication cookies to keep you logged in
• Anti-forgery tokens for security
• Your consent preference (stored in localStorage as ga_consent)

These cookies cannot be disabled as they are required for the site to operate correctly.

8.2 Analytics Cookies (Optional — Requires Consent)

With your permission, we use Google Analytics 4 (Measurement ID: G-8EKRFW5QN7) to understand how visitors interact with our site. Google Analytics may set cookies to distinguish users and track sessions. All data collected is anonymized (IP anonymization is enabled) and no personally identifiable information is transmitted to Google.

Google Analytics is only loaded after you click "Accept Analytics" on the consent banner that appears on your first visit.

Google's privacy policy: policies.google.com/privacy. You can also opt out of Google Analytics at any time using the Google Analytics Opt-out Browser Add-on.

8.3 Managing Your Consent

You can change your analytics consent at any time by clearing your browser's localStorage for this site, which will cause the consent banner to reappear on your next visit.

To do this in most browsers: DevTools → Application → Local Storage → sidequestdeals.com → delete the ga_consent entry.

8.4 Application Performance Monitoring

We use Azure Application Insights for server-side performance monitoring and error tracking. This collects anonymized technical data (response times, error rates, server-side telemetry) and does not set cookies in your browser.

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. International Data Transfers

Our servers are located in the United States (Azure East US region). If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email.

12. Contact Us

If you have questions or concerns about this privacy policy, please contact us at:

• Email: privacy@sidequestdeals.com
• Website: Contact Form