short version.

What we collect. Account info (email, first name, time zone), the messages, photos, and voice notes you choose to send, and city-level location if you opt in to Sky Window. Never your street. Never your precise GPS.

Who we share with. No one. We use Supabase as our database processor and Anthropic to run the Cooling Filter on messages you choose to rephrase. Your original plaintext is retained encrypted for ninety days, then purged.

Your rights.Export your full data or delete your account at any time from Settings. Deletion removes every letter, photo, and day you’ve logged together — your partner keeps their copy.

Changes.If we materially change how we handle your data, we’ll email you before the change takes effect. No quiet rewrites.