Odd Events LLC DBA SkeletonKey.Quest ("SkeletonKey," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SkeletonKey software and services.

This policy applies to:

• SkeletonKey desktop application (free version)
• SkeletonKey cloud services (premium subscription)
• Our website and related services
• Customer support interactions

2.1 Personal Information

We may collect the following personal information:

2.2 Usage Data

We collect information about how you use SkeletonKey:

• Feature usage patterns and frequency
• Performance metrics and error logs
• Software version and operating system
• Session duration and interaction data
• Crash reports (anonymized)

2.3 Project Data (Cloud Services Only)

For users of our cloud services, we store:

• Timeline projects and associated data
• Knowledge base entries and relationships
• Maps, narratives, and exported content
• Collaboration settings and shared projects
• AI interaction history and generated content

We use collected information for the following purposes:

3.1 Service Provision

• Providing and maintaining SkeletonKey software and services
• Processing payments and managing subscriptions
• Synchronizing data across devices (cloud users)
• Providing AI analysis and generation features
• Customer support and technical assistance

3.2 Service Improvement

• Analyzing usage patterns to improve functionality
• Identifying and fixing software bugs and issues
• Developing new features and capabilities
• Optimizing performance and user experience

3.3 Communication

• Sending service-related notifications and updates
• Providing customer support responses
• Sharing important policy or service changes
• Marketing communications (with your consent)

3.4 Legal and Security

• Complying with legal obligations and requests
• Protecting against fraud and abuse
• Enforcing our terms and policies
• Securing our systems and user data

We may share your information in the following limited circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist in operating our business:

• Cloud Infrastructure: AWS, Google Cloud, or similar providers for data storage and processing
• Payment Processing: Stripe, PayPal, or similar services for handling payments
• AI Services: OpenAI and other AI providers for advanced analysis features
• Analytics: Usage analytics services to improve our software
• Customer Support: Help desk and communication tools

4.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes or government requests
• Protect the rights, property, or safety of SkeletonKey, users, or others
• Investigate potential violations of our terms
• Prevent fraud or security threats

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction. We will provide notice before your information becomes subject to different privacy practices.

4.4 Consent

We may share information with your explicit consent for specific purposes not covered in this policy.

5.1 Security Measures

We implement comprehensive security measures to protect your information:

5.2 Data Locations

Your data is stored in secure facilities:

• Local Data: Free software data remains on your device
• Cloud Data: Stored in enterprise-grade data centers in the United States
• Backups: Encrypted backups stored in geographically distributed locations
• AI Processing: May be temporarily processed by third-party AI services

5.3 Data Breach Response

In the unlikely event of a data breach, we will:

• Promptly investigate and contain the incident
• Notify affected users within 72 hours when required
• Provide clear information about what happened and what we're doing
• Take steps to prevent future incidents
• Cooperate with law enforcement and regulatory authorities

SkeletonKey integrates with various third-party services. Each has its own privacy practices:

Important: We carefully select third-party partners with strong privacy and security practices. However, we are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies.

You have the following rights regarding your personal information:

9.1 Desktop Application

The SkeletonKey desktop application does not use cookies or web tracking technologies. All data is processed locally on your device.

9.2 Website and Web Services

Our website and web-based services may use:

9.3 Managing Cookies

You can control cookies through:

• Browser settings to block or delete cookies
• Cookie consent banners on our website
• Opting out of analytics tracking
• Using private/incognito browsing modes

Note: Disabling essential cookies may affect website functionality.

We retain your information for as long as necessary to provide services and comply with legal obligations:

Data Minimization: We regularly review and delete data that is no longer necessary, following data minimization principles.

SkeletonKey is based in the United States. Your information may be transferred to and processed in countries other than your own:

11.1 Data Transfer Locations

• Primary Storage: United States (enterprise data centers)
• Backup Storage: Multiple geographic regions for redundancy
• AI Processing: May be processed by providers in various countries
• Support Services: May involve international team members

11.2 Transfer Safeguards

When transferring data internationally, we ensure appropriate safeguards:

11.3 Your Rights

For users in the EU, UK, and other regions with data protection laws:

• You have the right to know about international transfers
• You can request information about transfer safeguards
• You may object to transfers in certain circumstances
• Local data protection authorities can provide guidance

12.1 COPPA Compliance

We comply with the Children's Online Privacy Protection Act (COPPA):

• We do not knowingly collect personal information from children under 13
• If we discover we have collected such information, we will delete it promptly
• Parents can contact us to review, delete, or stop collection of their child's information

12.2 Parental Rights

Parents and guardians have the right to:

• Review personal information collected from their child
• Request deletion of their child's personal information
• Refuse to allow further collection of their child's information
• Contact us with questions about our children's privacy practices

12.3 Educational Use

For educational institutions using SkeletonKey:

• Schools may provide consent on behalf of students for educational purposes
• We work with schools to ensure FERPA compliance when applicable
• Student data is used only for educational purposes
• Enhanced privacy protections apply to student accounts

13.1 Updates and Modifications

We may update this Privacy Policy from time to time to reflect:

• Changes in our data practices or services
• New legal requirements or regulatory changes
• Improvements to our privacy protections
• Feedback from users and privacy authorities

13.2 Notification Process

When we make changes to this policy, we will:

13.3 Your Options

When we make material changes:

• Continued use of our services indicates acceptance of the updated policy
• You may contact us with questions or concerns about changes
• You can close your account if you disagree with material changes
• Some changes may require your explicit consent

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: