Finding problems worth solving
Legal

Privacy Policy

Last updated 2026-05-24

How What's Your Problem? collects, uses, and protects your information.

On this page
  1. 01Who we are
  2. 02Scope of this policy
  3. 03Information we collect
  4. 04Why we collect this information
  5. 05How contact details are shown
  6. 06How we store and secure information
  7. 07How long we keep your information
  8. 08Sharing with third parties
  9. 09Your rights and choices
  10. 10Children
  11. 11Changes to this policy
  12. 12Contact

Last updated: 2026-06-17

"What's Your Problem?" is a free, public problem showcase run as an initiative by ProCreator, an Indian-incorporated entity. This Privacy Policy explains what personal information we collect when you use the platform, why we collect it, how it is stored and shared, and what choices you have. By using the platform you confirm that you have read and understood this policy.

If anything below is unclear, please reach out to us at problem-support@procreator.in and we will respond within two business days.

Who we are

The platform is operated by ProCreator, an Indian product company headquartered in Mumbai, Maharashtra. References to "we", "us", and "our" in this document mean ProCreator. References to "you" or "your" mean any person who creates an account, submits a problem, votes on a problem, marks interest in solving a problem, or interacts with the platform in any other way.

Scope of this policy

This policy covers the public showcase at our domains (whatyourproblem.com and whats-your-problem.com), the marketing site, the logged-in dashboard, the admin tools used by our internal team, and any related communications we send you by email.

This policy does not cover third-party sites linked from the platform. If you click through to an external site (for example a source link for a listed problem), that site has its own privacy practices and we recommend you read them.

Information we collect

We collect only the information we need to operate the platform and improve it. The categories are:

Account information

  • Your name as you provide it during sign-up.
  • Your email address (used as your unique login identifier, your primary communication channel, and, when you submit a problem, shown publicly so people can reach out to you).
  • A password hash if you sign up with email and password. We never store the plain text password.
  • Authentication provider details if you use Google sign-in. We receive your name, email, and avatar URL from the provider; we do not receive your Google password.
  • Your role on the platform (problem submitter or admin).
  • Email verification status and any unique tokens used to verify or reset your account. These tokens are time-limited and single-use.

Business profile information

If you sign up as a business problem submitter we may also collect your company name, a business email address on a corporate domain, an optional company website, your role inside the company, and an approximate company size band (1 to 10, 11 to 50, 51 to 200, 201 to 500, 500 or more).

We block free webmail domains such as gmail.com, yahoo.com, outlook.com, and hotmail.com from being used as business email addresses, so that business identities are verifiable.

Submitted problems and votes

  • Every problem you publish on the platform, including its title, description, category, tags, platform needed, pain level, and the status you set.
  • Every upvote or downvote you cast. We store one vote per user per problem and the timestamps when you placed or switched the vote.

Interest in solving a problem

  • When you mark "I want to solve this" on a problem, we record that you are interested, together with the timestamp. The submitter of that problem, and our admins, can see the name and email of people who have marked interest so they can reach out to you.

Reports and moderation actions

  • Reports filed against a problem, the reason, and the action taken by an admin.
  • Issues you report about the website itself through the "Report an issue" page, including the category, your message, an optional email, and the page you were on.

Logs and operational data

  • IP address, user agent, and basic device information, used to detect abuse and rate-limit sensitive actions.
  • Application logs that capture errors and performance metrics. These logs may incidentally contain identifiers needed to debug an issue.

Cookies and sessions

  • A first-party session cookie used by Auth.js (NextAuth) to keep you signed in.
  • A session-state cookie used to support OAuth login redirects.
  • A first-party preference value (stored in your browser) that records your analytics consent choice, so we do not ask you again on every visit.
  • Google Analytics cookies (such as _ga), set only after you accept analytics in the consent banner. See the "Analytics" section below.
  • We do not use third-party advertising trackers, ad-retargeting pixels, or fingerprinting scripts on the platform. The only third-party analytics we use is Google Analytics, in a privacy-protective configuration with advertising signals turned off, as described under "Analytics".

Analytics

We use Google Analytics 4 (a service provided by Google) to understand, in aggregate, how visitors use the showcase: which pages are viewed, which features are used, and how people move through the site. This helps us improve the platform. Analytics is configured to protect your privacy:

  • Consent first. Analytics is off by default. We load it using Google Consent Mode v2 with all storage denied until you choose. No analytics cookie is set and no analytics data is sent until you click "Accept" in the cookie-consent banner. If you decline, analytics stays off.
  • No advertising use. Ad storage, ad personalization, and ad user-data signals are kept denied at all times. We do not use Google Analytics for advertising, remarketing, or to build advertising profiles.
  • IP anonymization. We enable IP anonymization, so your IP address is truncated before it is stored by Google.
  • No personal identifiers. We never send your name, email, or other directly identifying information to Google Analytics. We track anonymous behaviour only.
  • Staff excluded. Sessions belonging to our own team (admins and staff) are excluded from analytics so internal usage does not skew the data.
  • Cookies used. When you accept, Google Analytics sets first-party cookies (such as _ga and _ga_<id>) in your browser to distinguish anonymous visitors and sessions.

How to opt out or change your mind:

  • Decline analytics in the consent banner, or simply do not accept it.
  • Clear the analytics consent preference and cookies in your browser to be asked again.
  • Use your browser's "Do Not Track" or cookie controls, or install Google's official browser opt-out add-on.

Google processes this data as described in Google's own privacy policy. Because Google is a non-Indian provider, accepting analytics may involve a transfer of anonymous usage data outside India.

Why we collect this information

We use the information above to:

  • Create and authenticate your account.
  • Display your name and submitter type on a problem card after you publish it.
  • Show your email publicly on a problem you submit, so that people can reach out to you about it.
  • Aggregate votes to rank problems for the public showcase.
  • Record when you mark interest in solving a problem, and show that interest to the problem's submitter and to our admins so they can contact you.
  • Rank people on the public leaderboard by how many problems they have marked interest in solving.
  • Detect and prevent abuse, spam, and vote manipulation.
  • Communicate operational notices, account safety updates, and material changes to this policy.

We do not charge any fees, we do not process payments, and we do not sell your personal information to third parties.

How contact details are shown

This is a free, open showcase. When you submit a problem, the email on your account is shown publicly on that problem so that anyone can reach out to you directly. If you do not want your email shown publicly, do not submit a problem.

When you mark interest in solving someone else's problem, your name and email become visible to that problem's submitter and to our admins, so they can contact you. They are not shown to the general public.

How we store and secure information

  • Our primary database is PostgreSQL hosted in an Indian region. We use Prisma as the ORM and run schema migrations through a tracked pipeline.
  • Passwords are hashed with bcrypt at a cost factor of 10 or higher. Reset tokens are random 32-byte values, hashed at rest, and expire within a short window.
  • Sessions use industry-standard signed JWTs or database sessions, configured per Auth.js (NextAuth v5) defaults.
  • We rate-limit login, signup, and password reset endpoints to make automated abuse harder.
  • We restrict admin access to a small set of named ProCreator employees.

No system is perfectly secure. If we ever discover an incident that materially affects your data, we will tell you what happened, what we did, and what you should do.

How long we keep your information

  • Account information stays as long as your account is active. If you delete your account, we soft-delete personal identifiers (name, email) within thirty days and retain only the aggregated, non-identifying signal needed for showcase integrity (vote counts and interest counts without your identity).
  • Logs are retained for ninety days unless they relate to an active investigation.

Sharing with third parties

We share information only with service providers we need to operate the platform. The current list is short:

  • The Indian cloud provider that hosts our PostgreSQL database.
  • The Indian cloud provider that hosts the application servers.
  • The OAuth provider you choose at sign-in time (currently Google for individual users).
  • Google Analytics, but only if you accept analytics in the consent banner, and only anonymous usage data with advertising signals disabled (see "Analytics" above).

We will publish updates to this list when it changes.

We may also disclose information when we are required to by law, when a court directs us to, or when we reasonably believe disclosure is necessary to protect users from imminent harm.

Your rights and choices

You can:

  • View and edit your account information from the dashboard at any time.
  • Change your password or your business details.
  • Delete your account from the dashboard. We will confirm before processing the deletion.
  • Request a copy of the personal information we hold about you by emailing problem-support@procreator.in. We will respond within thirty days.
  • Object to a specific use of your data. We will assess every request individually.

If you are based in a jurisdiction that grants you additional data rights, please write to us and we will treat your request in line with the applicable rules.

Children

The platform is not intended for users below the age of eighteen. If you are below eighteen, please do not create an account. If you believe a minor has created an account on the platform, please write to us and we will close it.

Changes to this policy

We may update this Privacy Policy from time to time. If we make a material change we will email registered users at the email on file and update the "Last updated" date at the top of this document. Continued use of the platform after a material change means you accept the updated policy.

Contact

Questions about this policy, requests for data access, or anything privacy related:

ProCreator Email: problem-support@procreator.in Address: Mumbai, Maharashtra, India

We aim to respond within two business days.