Effective date: March 18, 2026 · Last updated: March 18, 2026
Sally Forth! is a location credentialing platform operated by Flightdeck Ventures, LLC. This policy describes how we collect, use, and protect information when you use Sally Forth! at sallyforth.quest or any associated services.
Sally Forth! was designed so we don’t have your personal data in the first place. Our database contains random identifiers, not people. We do not sell, rent, license, or trade your data to anyone, for any reason, ever. We do not use your data for advertising, profiling, or marketing. Your data belongs to you and you alone.
When you sign in, authentication is handled by Clerk (clerk.com), a third-party identity provider. Clerk collects and stores your email address, name, profile image, and login credentials on their servers. If you choose to add a phone number for account security, Clerk may send one-time passcodes (OTP) via SMS for verification. Your phone number is stored by Clerk, not by Sally Forth!.
Sally Forth! displays your name and profile image within the app (for example, in your settings page and group member lists), but this information is fetched directly from Clerk each time you use the app. We do not save your name, email address, phone number, profile image, or any other personal information in our database. If you update your name or photo on Clerk, it updates everywhere in Sally Forth! automatically, because we never stored a copy.
Clerk maintains your account information for login and account support purposes. However, your personal identity is never bridged into your activity within Sally Forth!. Your name, email, and profile are kept entirely separate from your quests, credentials, check-ins, and location data. We cannot look up who completed a quest or earned a credential by examining account information — those systems are architecturally isolated from each other.
From the authentication process, we store only an opaque identifier (a random string) confirming you are authenticated. We use this to create an internal, randomly generated account ID that has no connection to your real identity.
Your device’s GPS coordinates are used at specific moments: when you check in at a quest location (to confirm you are within range) and when you join a group (to confirm both members are physically present in the same place). These are the only times your location is accessed.
Sally Forth! does not contain any tracking software. We do not monitor your location in the background. We do not build location profiles. We do not use analytics or advertising trackers of any kind.
When you earn a credential, your GPS coordinates are sealed inside a digitally signed credential — a tamper-proof token that proves where you were and when. Our database stores the credential itself, but your precise coordinates are not stored separately in our database. The only place your exact check-in position exists is inside the signed credential, which belongs to you.
For each credential, we store:
The credential identifies you with an anonymous, irreversible code that cannot be traced back to your account or your real identity.
We store your timezone, distance unit preference (metric or imperial), and notification preferences. These are functional settings, not personal information.
If you join a group, your quest activity within that group is visible to other group members. This includes quests you complete, posts you make, photos you share, mood check-ins, and reactions. Wherever you go within the context of a group quest is shared with that group.
Your first and last name (from your login provider) are displayed to other group members so that everyone in the group knows who they are sharing with. This name is fetched from your login provider each time and is not stored in our database.
Groups require in-person joining — both the inviting member and joining member must be physically present in the same location at the same time using a short-lived QR code. This ensures group members know each other in the real world. You cannot be added to a group remotely or without your knowledge.
If you create a group, you are required to provide an email address. This email is used to deliver important product updates, security notices, and technical information related to your group. Group members are not required to provide an email address.
Group creators may also opt in to receive Sally Forth! news and communications. This is entirely optional and can be changed at any time. We will never share your email address with third parties or use it for purposes other than those described here.
You may upload photos and write journal entries associated with your quests. Photos are stored on our hosting infrastructure. We do not analyze, scan, or use your photos or journal content for any purpose other than displaying them to you and, where applicable, to your group members.
If you opt in to push notifications, we store a technical subscription endpoint and encryption keys necessary to deliver notifications to your device. You can unsubscribe at any time through your device settings or the Sally Forth! settings page. We do not use push notifications for marketing or advertising.
When you earn a credential, we may enrich it with weather data (temperature, conditions) and a general location name (city, state). Weather data is fetched from Open-Meteo using reduced-precision coordinates. Location names are fetched from OpenStreetMap’s Nominatim service using coordinates truncated to approximately 100-meter precision for your privacy. Neither service receives your identity or account information.
Sally Forth! may generate collectible marker images using AI image generation services. The generation process uses quest metadata (not your personal information). Generated images are stored on our hosting infrastructure and displayed in your wallet.
We use the information described above to:
We do not use your information for advertising, profiling, marketing, or any purpose other than operating the credentialing service.
We do not sell, rent, or trade any user information to third parties. Period.
When you share a credential, you choose to share the information it contains. Credentials contain an anonymous, irreversible identifier (a one-way hash that cannot be reversed to determine your identity), the quest location, your confirmed position, and a timestamp. Credentials do not contain your name, email, or any personal information.
Activity within a group is visible to group members. This is inherent to the group feature and you consent to this sharing when you join a group. Group membership requires in-person QR code scanning, so you always know who you are sharing with.
We use the following service providers to operate Sally Forth!:
| Provider | Purpose | Data access | Certifications |
|---|---|---|---|
| Clerk | Authentication | Email, passwords, OAuth | SOC 2 Type II, HIPAA |
| Neon | Database | Database contents (pseudonymized) | SOC 2 Type II, ISO 27001, ISO 27701 |
| Vercel | Hosting & storage | Application code, images | SOC 2 Type II |
| Open-Meteo | Weather data | Reduced-precision coordinates | Free, no auth required |
| Nominatim / OSM | Reverse geocoding | Truncated coordinates (~100m) | Free, no auth required |
Each provider has its own privacy policy and is independently certified for security compliance where applicable.
We may disclose information if required by law, legal process, or governmental request. Given that our database does not contain personal information, such disclosures would consist of random identifiers, credentials, and quest data — not personally identifiable information.
You can view all credentials in your wallet at any time. You can export your credentials as files.
You may request deletion of your account and associated data by contacting us at legal@sallyforth.quest. Upon deletion:
You can export your credentials at any time in standard Quest Protocol format. Credentials are portable and not locked to Sally Forth!.
You can control push notification categories (activity, group, reminders) independently through the Sally Forth! settings page or disable them entirely through your device settings.
You can stop using Sally Forth! at any time. We do not send marketing communications. There is no data collection to opt out of beyond the core service functionality.
Sally Forth! is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe a child under 13 has used Sally Forth!, please contact us at legal@sallyforth.quest and we will delete the associated account.
For educational use involving minors over 13, our privacy architecture (no personal data collection, anonymous credentials, no location tracking) is designed to minimize privacy concerns. Educational institutions should evaluate Sally Forth! against their own FERPA and student privacy obligations.
Sally Forth! is built on infrastructure that carries independent compliance certifications:
We will update this policy if our data practices change. Material changes will be communicated through the application. The “last updated” date at the top reflects the most recent revision.
Questions about this privacy policy or our data practices: