Your stuff is yours.

The 60-second version: We read what you ask us to read. We don't sell your data. We don't train AI models on it. You can delete everything with one text. If something goes wrong, we'll tell you in 72 hours.

The short version

• We collect only what's needed. Your name, phone, the conversations between you and Ezra, and the data from services you connect.
• We do not sell your data. Not to anyone, ever.
• We do not train AI models on your data. Yours or anyone else's. We use Anthropic's Claude API, which doesn't train on inputs by default.
• Ezra only reads what you ask him to. He doesn't browse your inbox in the background.
• Delete everything with one text. "Delete me" wipes your account within 24 hours.
• Security incidents: 72-hour notification. Policy changes: iMessage notice before they take effect.

1. What we read and why

From you

• Your name and phone. So we know who's talking to Ezra.
• Your messages to Ezra. Every iMessage you send to his number, plus the timezone we infer from your area code (you can override).
• Anything you paste in. Links, content, anything you choose to share.
• Photos you send Ezra. Forwarded to Claude's vision API for that turn so Ezra can read or describe them, then dropped. We don't store images.
• Subscription/billing info, when paid features ship. Handled by Stripe; we never see your full card.

From services you connect

• Only the specific data Ezra needs to do the task you asked
• Only at the moment you ask him to do it
• Read with the permissions you authorized. Never broader

What we don't collect

• Browsing history outside our service
• Your contact list (unless you explicitly share contacts)
• Location data beyond country-level
• Microphone or camera data
• Anything from connected services beyond what you authorized

2. What Ezra remembers (and what he forgets)

What we keep, and for how long

• Your conversation history with Ezra. Stored in our database (Neon, see section 3). Default retention is 90 days, then auto-deleted. You can adjust from 24 hours to 1 year by texting "set retention to N days".
• Vector embeddings of your conversations. Generated by Voyage AI (see section 3) so Ezra can semantically recall what you've talked about before. Same retention as the conversation history. Voyage receives the text to compute the embedding; the text itself is not retained on Voyage's side per their policy.
• Profile facts about you. Name, what you do, key contacts, preferences. Kept until you delete them. You can see all of them by texting "what do you know about me" and remove any with "forget [thing]".
• An audit log of every read or write Ezra performs on your behalf (memory access, tool calls, OAuth events). This is what powers "show me my activity" requests. Same 90-day retention as conversations.
• OAuth connection records. Just metadata (which apps you've connected, when, the email address you used). The actual access tokens live on Composio's infrastructure (see section 3), not ours. Records are deleted instantly when you disconnect a service.
• Subscription state, when paid features exist. Kept while active, deleted within 30 days of cancellation.

What we don't keep

• The contents of emails, calendar events, or documents Ezra reads through connected services. We process them in real-time, then drop.
• Past task details beyond what's in your conversation history.
• Anything older than your retention setting.
• Photos you send Ezra. They're forwarded to Claude's vision API for that turn, then dropped. We don't store images.
• Voice memos you send Ezra. The audio is forwarded to Cloudflare's Whisper transcription service (see section 3) for that turn and dropped on their side per their AI terms. The resulting transcript is saved into your conversation history under your retention setting, exactly as if you'd typed it.

Your right to delete

• "Delete me" → full account wipe within 24 hours. This propagates to: our database (cascade delete of conversations, profile, audit log), Voyage (no action needed; they don't retain submitted text), Composio (we revoke connections via their API; tokens deleted on their side), and Sentry (we strip your user_id from any captured errors). Backups are purged within 30 days.
• "Forget [topic]" → targeted removal of specific items.
• Email us at the address in section 11 for any other deletion request.

3. Who else touches your data

First, the question we get most: can Ezra read my other text messages? No. Ezra only sees the messages you send directly to his phone number. Your conversations with everyone else (your partner, family, group chats, work threads) are between you and them. Apple's iMessage encryption protects them, just like it always has. Ezra is not a system-level app, not installed on your phone, and has no access to anything outside the thread you started.

Below is the complete list of third-party services that touch your data when you use Ezra. We don't share data with any other party. We don't share with advertisers, marketers, data brokers, or anyone not listed here.

Inference

Anthropic (Claude AI). What they receive: the text content of your messages to Ezra, plus relevant context from your conversation history and profile. What they retain: nothing per their API terms (we use the standard API which doesn't train on inputs and doesn't retain prompts beyond a 30-day abuse-monitoring window). Round trip is one to three seconds. Anthropic's privacy policy: anthropic.com/privacy.

Voyage AI (embeddings). What they receive: short text snippets from your messages to compute semantic search vectors. What they retain: nothing per their API terms. The inputs are processed and dropped. Voyage's privacy policy: voyageai.com/privacy.

Delivery

Loop Message (iMessage relay). What they receive: your iMessages to Ezra and Ezra's replies, while in transit. They route messages between Apple's iMessage network and our backend. Apple's end-to-end encryption applies between you and the Apple ID Ezra uses. What they retain: per their privacy policy. Loop Message: loopmessage.com/privacy.

Third-party app connections

Composio (OAuth + tool routing). What they receive: your OAuth access tokens for any apps you connect (Gmail, Calendar, Slack, Notion, etc.), and the API calls Ezra makes against those apps. What they retain: encrypted access tokens for as long as you keep the connection active, deleted when you disconnect. Composio is SOC 2 audited. We chose this so your tokens don't live on our infrastructure. Composio's privacy policy: composio.dev/privacy.

Connected services (Gmail, Google Calendar, Slack, Notion, etc.) themselves. Once you connect a service, that service governs its own data per its own privacy policy. We only access what you explicitly ask Ezra to access.

Hosting and infrastructure

Neon (Postgres database). Where your conversation history, profile facts, and audit log live at rest. SOC 2 Type II audited, encrypted at rest and in transit. Neon's privacy policy: neon.tech/privacy.

Fly.io (application runtime). Where the Ezra agent process runs. Receives webhook payloads from Loop Message in transit. No persistent user data is stored on Fly's filesystem. Fly's privacy policy: fly.io/legal/privacy-policy.

Cloudflare (DNS, email routing, voice transcription). Cloudflare provides DNS for textezra.com and routes email sent to support@textezra.com through to our backend. Cloudflare also runs the Whisper speech-to-text model that transcribes any voice memo you send Ezra: the audio bytes are POSTed to Cloudflare's AI endpoint, a text transcript comes back, and the audio is dropped on Cloudflare's side per their AI terms (no retention, no model training on your inputs). Cloudflare's privacy policy: cloudflare.com/privacypolicy.

Operations

Sentry (error tracking). When the Ezra agent crashes, Sentry receives the Python traceback plus your user ID for correlation. We explicitly disable PII capture, so message text and tool inputs are not sent. Sentry retains errors for 30 days. Sentry's privacy policy: sentry.io/privacy.

Plausible (website analytics, textezra.com only). Plausible counts page views and aggregate clicks on the marketing site (textezra.com). It uses no cookies and stores no personal data. No IP retention, no fingerprinting, no cross-site tracking. It does not see anything you do inside iMessage with Ezra. Plausible's data policy: plausible.io/data-policy.

Payments (when paid features exist)

Stripe. When paid features ship, Stripe will handle billing and store your card on its PCI-compliant infrastructure. We never see your full card details. Stripe's privacy policy: stripe.com/privacy.

4. What we will never do

• We will never sell your data.
• We will never use your data to train AI models.
• We will never read messages or services beyond what you explicitly ask.
• We will never share your data with advertisers or marketers.
• We will never collect biometric data.
• We will never sell or transfer your data in a corporate acquisition without notifying you in advance.
• We will tell you about security incidents within 72 hours of confirming them.
• We will tell you about meaningful policy changes via iMessage before they take effect.
• We will never penalize you for exercising any of your privacy rights.

5. Your rights

You have rights over your data. Some come from law (GDPR, CCPA/CPRA, similar). All of them, we honor for everyone, regardless of where you live.

• Right to access: "Show me my data" or "Export my data."
• Right to deletion: "Delete me" or "Forget [item]."
• Right to correction: Just tell Ezra what's wrong.
• Right to portability: Full JSON export on request.
• Right to opt out of sale: We don't sell, but the right is yours.
• Right to non-discrimination: We won't penalize you for using these rights.

6. Security

• All data encrypted in transit (TLS 1.3) and at rest (AES-256).
• OAuth tokens stored with additional encryption layers.
• iMessage messages encrypted by Apple's iMessage encryption.
• Production database access requires multi-factor auth.
• Backups encrypted, retained 30 days, then permanently deleted.
• SOC 2 Type 1 audit on the roadmap.

7. Children

Ezra is not intended for users under 18. We do not knowingly collect data from minors. Contact us if you believe a minor signed up; we'll delete the account immediately.

8. International users

Data is stored in the United States. By using the service, you consent to this transfer. We comply with GDPR for EU/UK users and similar laws elsewhere. EU/UK users have additional rights, including the right to lodge a complaint with a supervisory authority.

9. State-specific rights

California (CCPA/CPRA): California residents have all the rights described above, plus the right to know what categories of personal information we collect, use, and share, and the right to limit use of sensitive personal information.

Other states (Virginia, Colorado, Connecticut, Utah, Texas): Residents of states with similar privacy laws have substantially the same rights, which we honor.

10. Changes to this policy

Material changes: we'll send you an iMessage at least 7 days before they take effect.

Minor changes (clarifications, typos): "last updated" date is updated.

Continued use after changes take effect means you accept the updated policy. If you don't accept, text "delete me" or email us before the effective date.

11. Contact

For privacy questions, data requests, or anything else: email privacy@ezra.example. We aim to respond within 7 days.

This policy was last updated on May 7, 2026.