Privacy Policy
DRAFT - This policy is a placeholder pending legal review.
Last updated: July 05, 2026
1. What We Collect
Deepen collects information you provide directly, including:
- Account information (email address, password)
- Diary-style entries (text and voice recordings)
- Contact details parsed from your entries (names, relationships, activities)
- Location data if you choose to tag entries
- Payment information processed through Stripe
2. How We Use Your Data
Your data is used to:
- Provide the core Deepen service: parsing entries, building your contact database, and surfacing relationship insights
- Process voice recordings into text via AI transcription
- Parse names, places, and activities from your entries using AI
- Send you notifications and reminders about your relationships
- Process payments and manage your subscription
3. Data Encryption & Security
We take the security of your personal information seriously. All sensitive data is encrypted at rest using Active Record Encryption. This includes your entry text, contact names, phone numbers, email addresses, and notes. Data is also encrypted in transit using TLS.
Your password is securely hashed and stored separately from your account data. We enforce strong password requirements and provide account lockout protection against brute-force attacks.
4. Third-Party Services
Deepen uses the following third-party services to provide its functionality:
- Anthropic (Claude) - AI-powered parsing of your diary entries to extract contacts, activities, and relationships. Entry text is sent to Anthropic's API for processing.
- OpenAI (Whisper) - Voice-to-text transcription of audio entries. Audio recordings are sent to OpenAI's API for transcription.
- Stripe - Payment processing for subscriptions. We do not store your credit card details; Stripe handles all payment data.
- Sentry - Error tracking and monitoring to maintain service reliability. No personally identifiable information is intentionally sent to Sentry.
5. Data Retention
Your data is retained for as long as your account is active. When you delete your account, we will delete all associated data, including entries, contacts, interactions, and any uploaded files. Some data may be retained in encrypted backups for up to 30 days after deletion.
Soft-deleted records (entries, contacts) are retained for 30 days to allow recovery, after which they are permanently removed.
6. Your Rights
You have the right to:
- Access - Export all your data at any time through the Data Export feature
- Correct - Edit your entries, contacts, and profile information
- Delete - Delete individual entries, contacts, or your entire account
- Port - Download your data in a standard format via Data Export
7. Data Isolation
Deepen uses row-level security and application-level tenant isolation to ensure your data is completely separated from other users' data. No user can access another user's entries, contacts, or any other personal information.
8. Contact
If you have questions about this privacy policy or your data, please contact us at privacy@deeepen.com.