Privacy policy
Effective date: set on publish · Last updated: set on publish
Who we are
Octolet is operated by [Legal entity name to be confirmed] ("we", "us"), a sole-trader / company based in the United Kingdom. We're the data controller for the personal data described in this policy.
For privacy questions, email hello@octolet.com.
Data we collect
We collect the following categories of personal data:
- Account information. Your name, email address, and avatar URL — created when you sign up via Clerk. We also receive a Clerk-issued user identifier.
- App content you create. The items, rooms, memories, scheduled drop-offs, and goals you log. This includes any free-text descriptions, attachment reasons, and stories you write, plus the photos you upload.
- Onboarding answers. The motivations, barriers, and emotional context you share during onboarding. These shape the AI features.
- AI conversation history. Messages you exchange with the "Help me decide" AI. Stored against your account so you can revisit them.
- Connected-people details. The names, email addresses, optional phone numbers, and relationships of people you invite as connected partners.
- Usage data. Streak history, daily summary totals, milestone unlocks, challenge progress, decision queue activity.
- Sell-prep data. If you mark items as "sell": AI valuations, listing copy, asking and sold prices. If you connect eBay, your eBay OAuth tokens are stored server-side only.
- Device data. Your Expo push notification token (if you grant notification permissions) and your device timezone.
- Crash and analytics data. If we have Sentry configured, anonymised crash traces. If we have PostHog configured, anonymised event metadata. Both can be turned off entirely from our backend at any point.
We do not collect: location data, contacts list, calendar entries, browsing history, files outside the photo picker, health data, or financial information beyond eBay tokens and item sale prices.
How we use your data
We use your data to:
- Provide the app's features (storing items, rooms, memories, etc.).
- Personalise the daily morning message and AI-companion conversations.
- Send notifications you've enabled.
- Deliver progress summaries to people you've invited.
- Diagnose crashes and improve the app.
- Comply with legal obligations.
Our lawful bases under UK GDPR are:
- Contract — most processing is necessary to provide the service you signed up for.
- Consent — for push notifications, optional analytics, and any future marketing emails.
- Legitimate interests — for crash reporting and service improvement, balanced against your privacy.
We do not use your data for behavioural advertising and we never sell it.
AI processing
The app uses Anthropic's Claude API for several features:
- Photo recognition when you log an item — your photo and a system prompt are sent.
- Help me decide conversations — your messages, onboarding context, and item details are sent.
- Daily reflection and morning message — your activity stats and onboarding context are sent.
- Sell valuation — your photo, item name, and description are sent.
- Connected-person summaries — your activity stats (no item names or photos) are sent.
Anthropic's commercial terms include zero data retention by default, meaning your inputs are not used to train their models. See Anthropic's privacy policy for the canonical statement.
Where your data lives
Our infrastructure providers (sub-processors) are:
- Convex — primary database and file storage. Most of your data lives here. Convex hosts in the US.
- Clerk — authentication and account identity.
- Anthropic — AI processing (see above).
- Resend — transactional email delivery.
- Expo — relays push notifications via Apple/Google push services.
- eBay — only if you connect eBay for selling.
- Sentry (optional) — crash reports.
- PostHog (optional) — anonymised analytics.
- Google Analytics 4 (marketing site only) — aggregate page-view and traffic-source statistics. Loaded with Consent Mode v2 in "denied" state by default; no measurement is collected unless you accept analytics cookies via the banner. IP anonymisation is enabled.
Each of these processors is bound by its own data-protection terms. Where data leaves the UK / EEA, we rely on standard contractual clauses or each provider's own adequacy mechanism.
Storage, security, and retention
Data is encrypted in transit (HTTPS / WSS) and at rest by our infrastructure providers. We use industry-standard access controls and authenticate every server-side request.
We keep your data for as long as your account exists. When you delete your account from inside the app, we delete every record and every photo within seconds. Your Clerk authentication identity is also removed at that time. Deletion is irreversible.
AI conversation history is kept for as long as the related item exists; deleting an item also deletes its conversation. Crash reports and analytics events have separate retention windows managed by Sentry and PostHog respectively (typically 30 to 90 days).
Sharing
We share data only with people you explicitly invite as connected people, and only to the extent of the permissions you set for each one (e.g. progress summaries vs. specific item review requests). AI conversations are private to your account and are never shown to connected people.
We don't sell, rent, or otherwise commercialise your data. We don't use it for marketing without your explicit consent.
Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you. The in-app "Download my data" button on your Profile gives you a JSON export of everything; you can also email us.
- Rectify inaccurate data. Most fields are editable in the app; for anything else, email us.
- Erase your data. The in-app "Delete my account" flow does this immediately; you can also email us.
- Restrict or object to processing in certain circumstances.
- Data portability — the JSON export covers this.
- Withdraw consent at any time, where consent was the basis (e.g. notifications can be turned off in Profile).
- Complain to the UK Information Commissioner's Office (ICO) at ico.org.uk if you think we've handled your data unlawfully.
To exercise any of these rights, email hello@octolet.com. We aim to respond within 30 days.
Children
Octolet is intended for adults. We do not knowingly collect personal data from anyone under 13. If you believe a child has created an account, please email us and we'll delete it.
Cookies and similar technologies
The app itself does not use cookies. The marketing site (www.octolet.com) uses a small number of strictly necessary cookies to remember your dark-mode preference and your cookie choices.
If you accept analytics via the cookie banner, the site loads Google Analytics 4 with IP anonymisation enabled, which sets first-party _ga cookies to count unique visitors and pages. No analytics cookies are set, and no events are sent, until you accept. You can change your mind at any time via "Manage cookies" in the footer — declining immediately stops further measurement.
Changes to this policy
When we make material changes, we'll notify you via the app or by email at the address on your account. The "last updated" date at the top of this page always reflects the current version.