Your stuff is yours.

The 60-second version: Ezra has two modes. Personal mode (default) — Ezra only reads what you ask. Business mode (opt-in) — when you ask Ezra to manage your affiliate program or find offers, Ezra polls the data needed for that job, and only that job. Both modes share the same floor: no data sold, no training on your data, full audit log on demand, deletable in one message.

Personal mode (default)

This is what Ezra does for you when you haven't enabled any business activity. Email, calendar, reminders, life management. The original commitments.

• We collect only what's needed. Your name, phone, the conversations between you and Ezra, and the data from services you connect.
• We do not sell your data. Not to anyone, ever.
• We do not train AI models on your data. Yours or anyone else's. We use Anthropic's Claude API, which doesn't train on inputs by default.
• Ezra only reads what you ask him to. He doesn't browse your inbox in the background.
• Delete everything with one text. "Delete me" wipes your account within 24 hours.
• Security incidents: 72-hour notification. Policy changes: iMessage notice 7 days before they take effect.

Business mode (opt-in only)

When you ask Ezra to manage business activities for you — running an affiliate program, finding offers, tracking conversions — Ezra needs ongoing access to track what's happening. Personal-mode commitments above still apply; business mode is additive, not an exception:

• Each activity is opt-in. Enabling "manage my Shopify affiliate program" doesn't enable Ezra to read your personal email. You turn on each thing separately, by name. We tell you exactly what's being enabled before we enable it.
• You can pause monitoring any time. Text "pause business" and Ezra stops all background monitoring immediately. Resume with "resume business". You don't lose any data — Ezra just stops checking until you say so.
• Ezra never acts without confirming. Detecting a new conversion or fraud signal is fine — sending a message, signing a contract, adjusting a payout, or pausing a partner all require an explicit yes from you per action. No auto-execution.
• Full audit log visible on demand. Text "what did you check today" and Ezra returns every monitor that ran and every action taken. Same applies to "what did you check this week" or "show me last month's actions".
• Business data deletes when you cancel. Turn off business mode and Trcker erases your offers, partners, and conversion data within 24 hours. Same protections as personal-mode "delete me".
• Trcker is the engine. Behind the scenes, Ezra uses Trcker (your trcker.io account, created automatically when you enable business mode) to handle tracking, attribution, and payouts. You can log into trcker.io directly any time. Your data lives there with the same protections as everywhere else Ezra works.
• OAuth scopes minimized per activity. When you connect Shopify, Ezra asks for the minimum scope to install tracking — not your customer list, not your inventory, not unrelated data. Same for Stripe, Meta, Google, etc. Each scope is named in the OAuth screen before you authorize.

The short version (both modes)

• You explicitly turn on what Ezra can do. Personal mode reads only on request. Business mode adds named, opt-in monitoring activities.
• We do not sell your data. Not to anyone, ever, in either mode.
• We do not train AI models on your data. Anthropic's Claude API, no-training mode. Voice models for caption drafting (business mode) are user-scoped — your patterns never inform anyone else's account.
• Ezra never acts without confirming. Both modes — every consequential action requires your yes.
• Delete everything with one text. "Delete me" wipes your account, conversation history, business data, and Trcker records within 24 hours.
• Security incidents: 72-hour notification. Policy changes: iMessage notice 7 days before they take effect.

1. What we read and why

From you

• Your name and phone. So we know who's talking to Ezra.
• Your messages to Ezra. Every iMessage you send to his number, plus the timezone we infer from your area code (you can override).
• Anything you paste in. Links, content, anything you choose to share.
• Photos you send Ezra. Forwarded to Claude's vision API for that turn so Ezra can read or describe them, then dropped. We don't store images.
• Subscription/billing info, when paid features ship. Handled by Stripe; we never see your full card.

From services you connect

• Only the specific data Ezra needs to do the task you asked
• Only at the moment you ask him to do it (personal mode) or on the cadence you opted in to (business mode)
• Read with the permissions you authorized. Never broader

What we don't collect

• Browsing history outside our service
• Your contact list (unless you explicitly share contacts)
• Location data beyond country-level
• Microphone or camera data
• Anything from connected services beyond what you authorized

2. What Ezra remembers (and what he forgets)

What we keep, and for how long

• Your conversation history with Ezra. Stored in our database (Neon, see section 3). Default retention is 90 days, then auto-deleted. You can adjust from 24 hours to 1 year by texting "set retention to N days".
• Vector embeddings of your conversations. Generated by Voyage AI (see section 3) so Ezra can semantically recall what you've talked about before. Same retention as the conversation history.
• Profile facts about you. Name, what you do, key contacts, preferences. Kept until you delete them.
• An audit log of every read or write Ezra performs on your behalf (memory access, tool calls, OAuth events, business-mode polls). Same 90-day retention as conversations.
• OAuth connection records. Just metadata (which apps you've connected, when, the email address you used). The actual access tokens live on Composio's infrastructure (see section 3), not ours.
• Business-mode data (Trcker). Brand records, offers, partners, conversions, payouts. Lives in your Trcker account. Deletable independently or as part of "delete me".
• Subscription state, when paid features exist. Kept while active, deleted within 30 days of cancellation.

What we don't keep

• The contents of emails, calendar events, or documents Ezra reads through connected services. Processed in real-time, then dropped.
• Past task details beyond what's in your conversation history.
• Anything older than your retention setting.
• Photos you send Ezra. Forwarded to Claude's vision API for that turn, then dropped.
• Voice memos. Audio is forwarded to Cloudflare's Whisper transcription service (see section 3) for that turn and dropped on their side per their AI terms. Transcript is saved into your conversation history.

Your right to delete

• "Delete me" → full account wipe within 24 hours. Propagates to: our database (cascade delete of conversations, profile, audit log), Trcker (cascade delete of brand, offers, partners, conversions, payouts), Voyage (no action needed; they don't retain submitted text), Composio (we revoke connections via their API; tokens deleted on their side), and Sentry (we strip your user_id from any captured errors). Backups are purged within 30 days.
• "Forget [topic]" → targeted removal of specific items.
• "Pause business" → stops all business-mode polling immediately, keeps existing data until you say to delete it.
• Email us at the address in section 11 for any other deletion request.

3. Who else touches your data

First, the question we get most: can Ezra read my other text messages? No. Ezra only sees the messages you send directly to his phone number. Your conversations with everyone else are between you and them. Apple's iMessage encryption protects them. Ezra is not a system-level app, not installed on your phone, and has no access to anything outside the thread you started.

Below is the complete list of third-party services that touch your data when you use Ezra. We don't share data with any other party. We don't share with advertisers, marketers, data brokers, or anyone not listed here.

Inference

Anthropic (Claude AI). What they receive: the text content of your messages to Ezra, plus relevant context from your conversation history and profile. What they retain: nothing per their API terms (no training on inputs, no retention beyond a 30-day abuse-monitoring window). Anthropic's privacy policy: anthropic.com/privacy.

Voyage AI (embeddings). What they receive: short text snippets from your messages to compute semantic search vectors. What they retain: nothing per their API terms. Voyage's privacy policy: voyageai.com/privacy.

Delivery (multi-channel)

LoopMessage (iMessage relay). What they receive: your iMessages to Ezra and Ezra's replies, while in transit. They route messages between Apple's iMessage network and our backend. Apple's end-to-end encryption applies between you and the Apple ID Ezra uses. LoopMessage: loopmessage.com/privacy.

Twilio (SMS, WhatsApp). What they receive: SMS and WhatsApp messages between you and Ezra, in transit. Used when you choose SMS or WhatsApp instead of iMessage, or as fallback. Twilio: twilio.com/legal/privacy.

Email providers (Gmail, Outlook, native SMTP). When you choose email as your channel, messages route through standard email infrastructure. Subject to your email provider's terms.

Third-party app connections

Composio (OAuth + tool routing). What they receive: your OAuth access tokens for any apps you connect (Gmail, Calendar, Slack, Notion, Shopify, Stripe, etc.), and the API calls Ezra makes against those apps. SOC 2 audited. We chose this so your tokens don't live on our infrastructure. Composio's privacy policy: composio.dev/privacy.

Connected services themselves. Once you connect a service, that service governs its own data per its own privacy policy. We only access what you explicitly ask Ezra to access.

Business-mode infrastructure

Trcker. When you enable business mode, Ezra creates a Trcker account on your behalf and uses it to track clicks, conversions, attribution, fraud, and payouts. Trcker is operated by us, runs on Neon Postgres + Vercel, and your data lives there as long as your account exists. Audit-logged via WorkOS. Deletable independently or via "delete me".

Stripe Connect. Used to disburse affiliate payouts directly from brands to creators. Stripe stores payment account info on their PCI-compliant infrastructure. We never see full card details. Stripe's privacy policy: stripe.com/privacy.

WorkOS (audit logs + organization management). Stores brand-level audit events (who created what, when). SOC 2 Type II. WorkOS: workos.com/privacy.

Hosting and infrastructure

Neon (Postgres database). Where conversation history, profile facts, audit log, and Trcker records live at rest. SOC 2 Type II audited, encrypted at rest and in transit. Neon: neon.tech/privacy.

Fly.io (Ezra runtime). Where the Ezra agent process runs. Receives webhook payloads from LoopMessage and Twilio in transit. No persistent user data on Fly's filesystem. Fly: fly.io/legal/privacy-policy.

Vercel (Trcker runtime). Where the Trcker platform runs. Receives postback and webhook events. Vercel: vercel.com/legal/privacy-policy.

Cloudflare (DNS, email routing, voice transcription). Provides DNS for textezra.com and trcker.io. Routes email sent to support addresses. Runs the Whisper speech-to-text model that transcribes voice memos: audio bytes go to Cloudflare's AI endpoint, transcript comes back, audio is dropped. Cloudflare: cloudflare.com/privacypolicy.

Operations

Sentry (error tracking). When the agent crashes, Sentry receives the traceback plus your user ID for correlation. We disable PII capture; message text and tool inputs are not sent. Sentry retains errors for 30 days. Sentry: sentry.io/privacy.

Plausible (website analytics, textezra.com only). Counts page views, no cookies, no personal data, no fingerprinting, no cross-site tracking. Does not see anything inside iMessage with Ezra. Plausible: plausible.io/data-policy.

4. What we will never do

• We will never sell your data.
• We will never use your data to train AI models.
• We will never read messages or services beyond what you explicitly ask (personal mode) or opted into (business mode).
• We will never share your data with advertisers or marketers.
• We will never collect biometric data.
• We will never sell or transfer your data in a corporate acquisition without notifying you in advance.
• We will never act on your behalf in business mode without per-action confirmation.
• We will tell you about security incidents within 72 hours of confirming them.
• We will tell you about meaningful policy changes via your channel of choice before they take effect.
• We will never penalize you for exercising any of your privacy rights.

5. Your rights

You have rights over your data. Some come from law (GDPR, CCPA/CPRA, similar). All of them, we honor for everyone, regardless of where you live.

• Right to access: "Show me my data" or "Export my data."
• Right to deletion: "Delete me" or "Forget [item]."
• Right to correction: Just tell Ezra what's wrong.
• Right to portability: Full JSON export on request, including Trcker business data.
• Right to opt out of sale: We don't sell, but the right is yours.
• Right to non-discrimination: We won't penalize you for using these rights.
• Right to pause monitoring: Business-mode users can pause all polling at any time.

6. Security

• All data encrypted in transit (TLS 1.3) and at rest (AES-256).
• OAuth tokens stored with additional encryption layers (Fernet on Ezra side, encrypted at rest on Composio side).
• iMessage messages encrypted by Apple's iMessage encryption.
• Production database access requires multi-factor auth.
• Backups encrypted, retained 30 days, then permanently deleted.
• Trcker fraud detection (Trcker Radar) screens all click and conversion events for suspicious activity.
• SOC 2 Type 1 audit on the roadmap.

7. Children

Ezra is not intended for users under 18. We do not knowingly collect data from minors. Contact us if you believe a minor signed up; we'll delete the account immediately.

8. International users

Data is stored in the United States. By using the service, you consent to this transfer. We comply with GDPR for EU/UK users and similar laws elsewhere. EU/UK users have additional rights, including the right to lodge a complaint with a supervisory authority. EU AI Act Article 50 transparency requirements apply to business mode (we disclose AI involvement in every relevant message).

9. State-specific rights

California (CCPA/CPRA): California residents have all the rights described above, plus the right to know what categories of personal information we collect, use, and share, and the right to limit use of sensitive personal information.

Other states (Virginia, Colorado, Connecticut, Utah, Texas): Residents of states with similar privacy laws have substantially the same rights, which we honor.

10. Changes to this policy

Material changes: we'll send you a message in your preferred channel at least 7 days before they take effect.

Minor changes (clarifications, typos): "last updated" date is updated.

Continued use after changes take effect means you accept the updated policy. If you don't accept, text "delete me" or email us before the effective date.

11. Contact

For privacy questions, data requests, or anything else: email privacy@textezra.com. We aim to respond within 7 days.

This policy was last updated on May 10, 2026.