Legal

Privacy Policy

This policy explains how Crux Interactive collects, uses, shares, and protects information across Crux ID, CruxAI, Connect, Crux Cloud, developer APIs, games, websites, mobile apps, and related services.

Effective: June 17, 2026 Contact: admin@cruxinteractive.com

1. Scope

This Privacy Policy applies to Crux Interactive services that link to it, including cruxinteractive.com, id.cruxinteractive.com, account.cruxinteractive.com, ai.cruxinteractive.com, connect.cruxinteractive.com, cloud.cruxinteractive.com, CruxAI apps, CruxAI APIs, and game integrations that use Crux ID.

Some services include links to third-party websites, platforms, stores, or sign-in providers. Their privacy practices are governed by their own policies.

This policy is meant to be readable and practical. It does not limit any privacy rights you may have under applicable law.

2. Information we collect

Account and profile information

When you create or manage a Crux ID, we collect information such as username, email address, password hash, verification status, profile picture, date of birth or age information where requested, linked Google or Apple account identifiers, and account settings.

Authentication, security, and device information

We collect information used to secure your account and operate the services, including session cookies, CSRF tokens, IP address, user agent, login/session activity, last IP, two-factor authentication settings, hashed backup codes, email verification or 2FA code records, and security logs.

User content and social activity

We collect content you create or upload, such as posts, comments, bookmarks, reactions, direct messages, guild messages, friend requests, blocked-user settings, reports, profile bios, status messages, game stats, game saves, wallet or reward records, and Discord linking data if you connect Discord.

Crux Cloud files

If you use Crux Cloud, we collect uploaded files and file metadata, including original filenames, stored filenames, MIME type, size, folder names, tags, visibility, share tokens, thumbnails or image indexing data when enabled, storage quota data, and access logs for viewing, downloading, sharing, editing, or deleting files.

CruxAI chats, images, and app data

CruxAI may collect prompts, messages, generated responses, conversation titles, attachments, image prompts, generated images, app/system prompts you create, canvas data, sandbox files, model selections, web-search settings, sources, usage counts, and optional memory/profile fields such as display name, pronouns, interests, preferred tone, and saved memories.

Device permissions in CruxAI

CruxAI may request camera, microphone, speech recognition, photo library, reminders, and location permissions. These are used only for features you enable, such as attaching photos, saving generated images, live voice or camera mode, speech-to-text, creating reminders, weather, nearby places, and local recommendations.

Developer API and payment information

If you use the CruxAI developer API, we collect API key metadata and hashes, workspaces, data-sharing settings, usage logs, token and image counts, credit balances, free-usage counters, and payment/top-up records. Payment processing may be handled by Stripe, Apple, or another payment provider; we do not need to store full payment card details in our own application database.

3. How we use information

  • To create accounts, authenticate users, keep users signed in, and secure sessions across Crux Interactive subdomains.
  • To operate core features such as CruxAI chats, image generation, cloud storage, social posting, messaging, friends, guilds, game progress, and developer APIs.
  • To personalize CruxAI responses when you enable profile or memory features.
  • To process uploads, generate thumbnails, index files for search, create share links, and maintain cloud storage quotas.
  • To prevent abuse, debug errors, rate limit requests, protect accounts, enforce policies, and investigate reports.
  • To send transactional email such as verification, password, security, 2FA, and deletion-confirmation messages.
  • To process purchases, credits, subscriptions, refunds, chargebacks, and billing records.
  • To comply with legal obligations and preserve evidence where necessary for security, fraud prevention, or dispute resolution.

4. AI, apps, and connected services

CruxAI processes the prompts, chat history, attachments, images, location context, and settings needed to generate a response. Depending on the feature, that information may be processed by Crux Interactive model infrastructure or by third-party AI providers and services used to deliver AI responses, image generation, vision, speech, text-to-speech, web search, or file tools.

When you enable web search, search queries and related context may be sent to search or retrieval services. When you enable location, approximate or precise location fields that the app sends may be used for local answers, weather, nearby places, or search grounding. When you connect Google Drive, Gmail, Discord, Apple, Google Sign-In, or similar services, we use the connection only to provide the feature you requested and store tokens or metadata needed to maintain that connection.

The developer API includes an optional data-sharing program. When data sharing is off, the shared-log table is not written for that program. When you turn it on, API request and response payloads may be saved for product improvement, evaluation, debugging, and model-quality work, as described in the data-sharing interface.

5. How information is shared

We do not sell personal information. We do not share personal information for cross-context behavioral advertising based on the current services represented in this codebase.

We may share information in these situations:

  • With service providers: Hosting, storage, email delivery, analytics or logs, AI/model providers, payment processors, app stores, and infrastructure providers may process information for us.
  • With other users: Content you make public or share with friends, guilds, recipients, or link holders may be visible to those audiences.
  • With connected services: If you connect Google, Apple, Discord, Google Drive, Gmail, or similar integrations, information may move between Crux Interactive and that service to complete the action you requested.
  • For legal and safety reasons: We may disclose information to comply with law, protect users, investigate abuse, prevent fraud, enforce terms, or respond to valid legal requests.
  • Business changes: If Crux Interactive is involved in a merger, acquisition, financing, restructuring, or asset transfer, information may be transferred as part of that transaction subject to appropriate protections.

6. Cookies and similar technology

We use cookies and similar storage for login sessions, security, CSRF protection, preferences, and service operation. Crux ID session cookies may work across Crux Interactive subdomains so you can move between services without signing in repeatedly.

You can control cookies through your browser settings. Blocking essential cookies may prevent login, account management, cloud storage, and other authenticated services from working correctly.

7. Your choices and rights

  • You can update account details, change your password, manage 2FA, upload or remove profile pictures, disconnect supported OAuth providers, and manage parental links in your account settings.
  • You can delete or change many posts, comments, messages, files, folders, cloud shares, generated images, API keys, app settings, and other user-created content from the relevant service interface.
  • You can request a data copy or start an account deletion workflow from the Account Actions page. The current implementation allows a new data copy request once every 14 days and blocks data-copy requests while a deletion request is pending.
  • You can turn off CruxAI memory, auto-learn, location, camera, microphone, photos, speech recognition, reminders, and similar device permissions through app settings or your operating system.
  • You can revoke connected services, such as Discord or Google integrations, through Crux settings and the third-party provider's account controls.
  • Depending on where you live, you may have rights to access, correct, delete, export, restrict, object to, withdraw consent for, or appeal decisions about personal information. You can contact us to exercise those rights.
To make a privacy request, email admin@cruxinteractive.com. We may need to verify your identity before completing certain requests.

8. Children and family controls

Some Crux Interactive services include games, social features, or account controls that may be used by younger users. We may collect age or date-of-birth information to support age checks, account eligibility, parental links, family controls, and safety workflows.

If a service requires parental consent under applicable law, a child should use that service only with a parent or guardian's permission. Parents or guardians can contact us to review, delete, or restrict a child's personal information where required by law.

9. Retention and security

We keep information for as long as needed to provide the services, maintain accounts, preserve user content, operate backups, complete purchases, secure the platform, resolve disputes, enforce policies, or comply with law. Some deleted items may remain temporarily in backups, logs, caches, moderation records, or fraud-prevention records.

We use technical and organizational safeguards such as password hashing, session protections, CSRF checks, restricted storage directories, random stored filenames, access controls, API key hashing, and security logging. No system is perfectly secure, so you should use a strong password, protect your API keys, enable 2FA where available, and contact us if you believe your account has been compromised.

Crux Interactive is based in the United States. If you access the services from another region, your information may be processed in the United States or other countries where we or our service providers operate.

10. Changes and contact

We may update this Privacy Policy as our services, codebase, providers, or legal requirements change. When we make material changes, we will update the effective date and may provide additional notice where appropriate.

Questions or privacy requests can be sent to:

Crux Interactive
admin@cruxinteractive.com
https://cruxinteractive.com