Project 9 Technologies ("we," "us," "our," or "Company") respects your privacy and is committed to transparency about how we collect, use, and protect your personal information. This Privacy Policy explains our data practices for the Project 9 Technologies website (project9tech.com), the HQ Adventure Intelligence application (hq.project9tech.com), and any related services or applications we operate (collectively, the "Services").
Project 9 Technologies is a sole proprietorship based in California.
By using our Services, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use our Services.
The short version: We collect only what we need to provide your adventure intelligence Briefings and manage your account. We do not sell your data. We do not share it with advertisers. Your payment information is handled entirely by Stripe and never touches our servers.
| Category | Data Collected | Purpose |
|---|---|---|
| Account Registration | Email address, name, password (encrypted) | Create and manage your account |
| Subscription & Billing | Subscription plan, billing frequency, payment transaction history | Process payments and manage your subscription |
| Payment Method | Credit/debit card details (processed by Stripe; we never store full card numbers) | Charge your subscription |
| Briefing Requests | Trip destinations, dates, activity interests, vehicle type, group size, accessibility needs, and other preferences you enter | Generate personalized adventure intelligence Briefings |
| Communications | Emails and messages you send to us | Respond to inquiries and provide support |
| Category | Data Collected | Purpose |
|---|---|---|
| Log Data | IP address, browser type, operating system, pages visited, referring URL, date/time of access | Security monitoring, service improvement |
| Usage Analytics | Features used, Briefings generated, device type, screen resolution | Understand usage patterns and improve the product |
| Cookies | Authentication tokens, session cookies, preference cookies | Keep you logged in and remember settings |
| Approximate Location | City/region level, derived from IP address | Analytics and content relevance |
We do NOT collect GPS or precise device location unless you explicitly grant permission through your browser or device settings.
| Source | Data Received | Purpose |
|---|---|---|
| Google OAuth | Email, name, profile picture, Google user ID | Account creation and sign-in |
| Stripe | Transaction confirmation, subscription status | Payment processing |
We use the information we collect for the following purposes:
What we do NOT do: We do not send marketing emails without your consent. We do not sell your email or data to third parties. We do not share your browsing data with advertisers. We do not use your data for behavioral advertising or profiling for ad targeting.
We do not sell, rent, lease, or trade your personal information to third parties for monetary consideration or for marketing, advertising, or profiling purposes. This applies under the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and all other applicable law.
We share information with the following third-party service providers who process data on our behalf to deliver the Services. Each operates under contractual obligations to handle your data securely and confidentially:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment method, billing address, transaction amounts |
| Supabase | Authentication and database | Email, name, profile data, Briefing preferences, usage logs. Your data is stored on Supabase servers in the United States (us-west-1, North California). |
| Anthropic (Claude API) | Briefing generation | Trip destinations, dates, vehicle details, activity interests, group size, accessibility needs, and gear inventory. Anthropic may use prompts and outputs to train and improve its AI models, including analysis of user preferences and trip patterns. This data is transmitted via API for each Briefing request. See Anthropic's Privacy Policy for full details on how they process and retain data. |
| Resend | Transactional email delivery | Email address (for sending account-related emails) |
| Netlify | Website hosting and analytics | IP address, page views, device type (analytics) |
| Nominatim (OpenStreetMap) | Geocoding (destination name → coordinates) | Destination name or area you enter. Free service, no API key. See OSM Foundation Privacy Policy. |
| OpenWeather | Weather forecasts and air quality | Latitude and longitude of your destination (derived from geocoding). Used to fetch current conditions, UV index, moon phase, forecasts, and AQI/PM2.5 data. |
| USGS Water Services | Real-time stream gauge data | Latitude and longitude of your destination. Returns stream discharge and water level readings for nearby waterways. Free U.S. government API, no API key. |
| National Park Service (NPS) | Park alerts, closures, and conditions | Park name or location coordinates. Returns current alerts, road closures, trail conditions, fire restrictions. |
| NIFC (National Interagency Fire Center) | Active wildfire data | Latitude and longitude of your destination. Returns active fires within approximately 55 miles, including fire name, acreage, and containment. Free U.S. government GeoJSON feed, no API key. |
| Recreation.gov (RIDB) | Campground and facility data | Destination name or area. Returns campground names, reservation requirements, fees, and facility types. |
A note on Stripe Link and saved payment methods. Stripe offers an optional consumer wallet called Stripe Link that remembers payment cards across every website that uses Stripe Checkout. If you have previously saved a card to Stripe Link on any other Stripe-powered site, that card may appear pre-populated on our checkout page when you sign up. Project 9 Technologies never receives, sees, or stores your card details — Stripe Link operates entirely between you and Stripe. To manage cards saved in Stripe Link, visit link.com.
We may disclose your information if required to do so by law, court order, or government request, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Project 9 Technologies, our users, or the public. We will provide notice of legal requests where legally permitted.
If Project 9 Technologies is acquired, merges with another entity, or sells substantially all of its assets, your information may be transferred as part of that transaction. We will provide notice and obtain consent where required by law.
We may share aggregate or anonymized data that cannot reasonably be used to identify you, such as general usage statistics or trend analysis.
While your account is active, we retain your personal information, Briefing history, and usage data to provide and improve the Services.
When you request account deletion:
Per California law, we retain records of your consent to auto-renewal subscription terms for 3 years, or 1 year after account termination, whichever is longer. These records include date, time, and IP address of consent.
Data may persist in backup systems for up to 90 days after deletion for disaster recovery purposes.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes of collection, and the categories of third parties with whom we share it.
You may request that we delete your personal information, subject to certain exceptions (e.g., data we must retain for tax, billing, or legal compliance). We will process deletion requests within 45 days of verification.
You may request correction of inaccurate personal information. We will process correction requests within 45 days of verification.
You have the right to opt out of the "sale" or "sharing" of your personal information. We do not sell your personal information for monetary consideration. We do share certain data with service providers to deliver our Services (see Section 6A below). You may exercise your opt-out rights as described in Your Privacy Choices.
Project 9 Technologies does not collect sensitive personal information as defined under the CPRA (Social Security numbers, financial account details, precise geolocation, health data, etc.).
We will not discriminate against you for exercising any of your privacy rights. We will not deny services, charge different prices, or provide lower quality service based on privacy requests.
To exercise any of these rights, contact us:
We will verify your identity by confirming your email and account access, and respond within 45 days. If we need additional time, we will notify you by day 45 with an explanation.
If we deny your request, you may appeal by emailing go@project9tech.com with "Privacy Request Appeal" in the subject line. You may also file a complaint with the California Privacy Protection Agency or the California Attorney General.
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
To generate your adventure intelligence Briefings, we transmit certain data to third-party service providers. This sharing is necessary to provide the core functionality of the Services — without it, we cannot generate Briefings. The data shared includes:
None of these providers pay us for your data. None of these providers use your data for advertising or behavioral profiling on our behalf.
Under CCPA/CPRA, you have the right to direct us to stop sharing your personal information with third parties. If you exercise this right:
Email go@project9tech.com with the subject line "Do Not Share My Data" and include your account email. We will process your request within 15 business days and confirm by email.
You may designate an authorized agent to submit a request on your behalf. We will require verification of both the agent's identity and their written authorization from you.
We send transactional emails that are necessary to operate your account. These include: subscription confirmations, billing receipts, password reset requests, security alerts, and policy change notices. These emails are required for service operation and cannot be opted out of while your account is active.
We may occasionally send emails about new features, product launches, or special offers. You can opt out of these emails at any time by:
We will process unsubscribe requests within 10 business days as required by the CAN-SPAM Act. Opting out of marketing emails does not affect transactional emails.
All emails from Project 9 Technologies are sent from go@project9tech.com. We will never send email from any other address. If you receive a suspicious email claiming to be from Project 9 Technologies from a different address, do not click any links and report it to us.
We implement industry-standard technical and organizational measures to protect your personal information, including:
Payment information is processed exclusively by Stripe, which is PCI-DSS Level 1 certified — the highest level of payment security compliance. We do not store, process, or have access to full credit card numbers.
No system is 100% secure. While we use reasonable measures to protect your data, we cannot guarantee absolute security. Internet transmission is inherently subject to risk.
You are responsible for keeping your password confidential, not sharing your login credentials, logging out on shared devices, and reporting unauthorized access to us immediately.
In the event of a data breach affecting your personal information, we will notify you by email without unreasonable delay, describe the nature of the breach and information affected, and comply with California's breach notification requirements (California Civil Code § 1798.82).
We use essential cookies that are required for the Services to function properly. These include authentication tokens (to keep you logged in) and security tokens (to prevent cross-site attacks). These cookies cannot be disabled without breaking core functionality.
Our HQ application uses your browser's localStorage to store your authentication session token and guest brief usage count. Unlike cookies, localStorage data persists indefinitely until you manually clear your browser data. If you delete your account, we cannot remotely clear your browser's localStorage — you must clear it from your browser settings. The data stored is limited to session authentication and a numeric brief counter; no trip details, destinations, or personal preferences are stored in localStorage.
Netlify, our hosting provider, may collect basic analytics data including page views, device type, and approximate geographic location (city level). This data is used solely for service improvement and is not sold to or shared with advertisers.
Third-party services may set their own cookies during authentication (Google OAuth) and payment processing (Stripe). These are governed by their respective privacy policies.
You can manage or disable cookies through your browser settings. Note that disabling essential cookies may affect your ability to log in and use the Services.
Our Services may contain links to third-party websites, applications, or resources (weather services, park websites, booking platforms, etc.). This Privacy Policy does not apply to those third-party services. We encourage you to review their privacy policies before providing any personal information.
Links to third-party sites do not constitute endorsement or warranty. We are not responsible for the privacy practices or content of external sites.
Project 9 Technologies is based in the United States. If you access our Services from outside the U.S., your information will be transferred to and processed in the United States. By using the Services, you consent to this transfer.
If you are located in the European Union or European Economic Area, we process your data under the following legal bases: contractual necessity (to provide the subscription services you requested), your consent (via account registration), legitimate interests (service improvement, fraud prevention, security), and legal obligation (tax, payment compliance). You may exercise your rights under the General Data Protection Regulation (GDPR) by contacting us at go@project9tech.com.
Project 9 Technologies is not intended for anyone under the age of 16. We do not knowingly collect personal information from individuals under 16. If we become aware that we have collected information from someone under 16, we will promptly delete that information and terminate the associated account.
If you are a parent or guardian and believe your child has created an account, please contact us immediately at go@project9tech.com.
Some browsers include a "Do Not Track" (DNT) feature that sends signals to websites. Project 9 Technologies does not currently respond to DNT signals, as there is no industry-standard protocol for DNT compliance. We treat all users the same regardless of DNT settings. If you prefer not to be tracked by analytics, you may use your browser's private browsing mode or disable cookies.
We may update this Privacy Policy to reflect changes in our practices, Services, or applicable law. When we make material changes, we will notify registered users by email at least 30 days before the changes take effect and update the "Last Updated" date at the top of this page.
Your continued use of the Services after the effective date of changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Project 9 Technologies
Project 9 Technologies
Email: go@project9tech.com
Website: project9tech.com
For privacy rights requests, include "Privacy Request" in your email subject line. We will respond within 10 business days for general inquiries, and within 45 days for formal CCPA/CPRA requests.
You may also file complaints with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office.