Your data stays yours.
Privacy isn't a settings page here — it's the architecture.
One isolated machine per customer
Your assistant runs in its own hardware-isolated microVM (Firecracker, the isolation technology behind AWS Lambda). No shared runtime, no shared memory, no neighbor can see your data — ever.
We don't train on your data. We don't sell it.
Your conversations and files are used to serve you. Full stop.
Open, swappable models
Assistants run on open-source models by default, so your day-to-day content isn't feeding a big AI cloud's product roadmap. Encrypted in transit and at rest.
Payments you approve, cards we never see
Agentic purchases run through Stripe Link. Every spend requires your explicit approval in the Link app — the assistant cannot approve its own purchases, and card numbers never enter the AI's context or our logs.
Honest exceptions
Some features route through trusted processors: payments (Stripe), iMessage delivery (Photon), our platform's own operations agent (Anthropic). We disclose exactly what each touches.
Subprocessors
Fly.io (compute) · Neon (database) · Vercel (web) · Clerk (auth) · Stripe (payments) · OpenRouter (model routing) · Photon (iMessage) · Anthropic (platform operations).