Privacy Policy

Last updated: May 10, 2026

This policy explains what information Talioop collects when you use the cognitive offloading platform (the “Service”), why we collect it, and the choices you have. It applies to the web app at app.talioop.com, the Talioop iOS app (com.talioop.app), and any successor domain or app bundle.

1. Information we collect

We collect only what is needed to run the Service:

  • Account identity. When you sign in, our authentication provider (Clerk) stores your email address, name, any profile image you provide, the sign-in factors you configure (password, passkey, social provider), and audit metadata such as IP and device fingerprints for security.
  • Loop content. Every task, worry, or idea you capture (“loops”) is stored in our database alongside your user ID, along with classification metadata (type, parent loop, due date, resolution, close time, snooze state) and timestamps.
  • Preferences. Notification settings, stale-loop thresholds, and UI preferences you set inside the app.
  • Diagnostic data. Crash reports and performance traces captured by Sentry (EU region) when something goes wrong. We scrub known sensitive fields (loop text, auth headers, session tokens) from these events before they leave our servers. See GUIDE.md § Error reporting (Sentry) for the scrubber spec.
  • Server logs. Standard HTTP access logs kept by Cloudflare and our application servers (timestamp, path, status code, user agent, IP). Used for debugging and abuse prevention.
  • Product analytics. We send a small set of anonymous event names to PostHog (loop captured, voice command started/ completed, feedback submitted, PWA install accept/dismiss, sign-up CTA clicked, search result clicked) with minimal metadata — input/message lengths, action counts, and loop type for searches. No loop text, dependency content, or message bodies are sent. When you sign in, we associate the events with your Clerk user id, email, and name so we can investigate problems on a specific account. Guests are anonymous.

We do not use Google Analytics, Mixpanel, Amplitude, or Segment, and we do not run advertising trackers.

2. How we use the information

  • To authenticate you and enforce per-user data isolation.
  • To store and display your loops, run Auto Type, Auto Organize, and voice command parsing on loop text and audio (see §3 and §3a), send optional daily reminder notifications, and power real-time sync across your devices.
  • To diagnose and fix bugs, monitor service health, and investigate abuse.
  • To communicate service-critical notices (outages, security issues, material changes to this policy) to the email on your account. We do not send marketing email.

3. Third parties we share data with

Talioop is built on a small number of service providers. We only share what each provider needs to do its job, and we do not sell or rent your data to anyone.

  • Clerk (authentication) — stores your account credentials, profile, and session tokens. Privacy: clerk.com/legal/privacy.
  • Supabase (managed Postgres, US East) — stores your loops, preferences, and derived classification data. Privacy: supabase.com/privacy.
  • Sentry (EU region) — receives scrubbed crash reports and performance traces. Privacy: sentry.io/privacy.
  • PostHog (US region) — receives the anonymous product analytics events listed in §1, plus a Clerk user id, email, and name when you’re signed in. Used for usage trends and bug investigation. Requests are routed through a same-domain reverse proxy at /ingest/*. Privacy: posthog.com/privacy.
  • Cloudflare — serves traffic through a Cloudflare Tunnel and protects the origin. May see request metadata and headers. Privacy: cloudflare.com/privacypolicy.
  • Anthropic (Claude API) — third-party AI service. The text you capture in a loop, the titles of your visible loops (used as parent suggestions), and the transcript of any voice command are sent to Anthropic so it can classify the loop’s type, suggest a parent, and turn voice into a structured action. Anthropic’s API terms prohibit training on inputs by default and require Anthropic to provide protections at least equivalent to what this policy describes. Privacy: anthropic.com/legal/privacy.
  • OpenAI (Whisper API) — third-party AI service. When you use voice capture, the audio file you record is sent to OpenAI for speech-to-text transcription. The audio is processed and discarded; the resulting transcript is then handled per the Anthropic entry above. OpenAI’s API terms prohibit training on API inputs by default and require OpenAI to provide protections at least equivalent to what this policy describes. Privacy: openai.com/policies/privacy-policy.

We may also disclose information if required by law, to enforce our Terms of Service, or to protect the rights, safety, and property of Talioop and its users.

3a. Third-party AI processing — what is sent and when

Talioop uses two third-party AI providers (Anthropic and OpenAI) to deliver its core AI features. We obtain your in-app permission before the first time any data leaves Talioop for these services, and you can change your decision at any time in Account → Privacy. If you do not allow AI processing, AI features (Auto Type, Auto Organize, voice capture) are disabled and no data is sent to Anthropic or OpenAI; you can still use Talioop to capture loops manually.

The table below lists every AI feature, what is sent, and which provider receives it. Nothing else — not your email, account identifier, payment info, full loop history, or analytics events — is sent to these AI providers.

  • Auto Type — the text of the loop you are capturing is sent to Anthropic to classify it (TASK, WORRY, IDEA, HABIT, etc.).
  • Auto Organize — the text of the loop you are capturing, plus the titles of your currently open loops and categories, is sent to Anthropic to suggest a parent loop.
  • Voice capture — the audio you record is sent to OpenAI (Whisper) for transcription. The transcript is then sent to Anthropic, together with the titles of your visible loops, so it can interpret the spoken command and convert it into a structured action (create loop, close loop, etc.).

Both providers operate under contractual data-processing terms that prohibit training their models on Talioop’s inputs and require them to provide protections at least equivalent to those described in this policy. We do not sell or share your data with these providers (or anyone else) for advertising.

4. Data retention

Loops and preferences are retained while your account is active. If you delete your account (see §5), we delete your loops, preferences, and account record from our primary database within 30 days. Scrubbed diagnostic events in Sentry expire on Sentry’s standard retention (90 days). Cloudflare and provider logs follow each provider’s retention defaults.

5. Your rights

You can exercise the following rights at any time. Depending on where you live, local law may give you additional rights (for example the GDPR, UK GDPR, or CCPA).

  • Access and export. Email privacy@talioop.com from the address on your account and we will send a JSON export of your loops and preferences within 30 days.
  • Correction. Edit any loop or profile field directly in the app, or email us if a field is not editable.
  • Deletion. Email privacy@talioop.com and we will delete your account, loops, and preferences within 30 days. (A self-service delete button is on the roadmap; see §10.)
  • Opt out of AI processing. Open Account → Privacy in the app and disable AI processing. New loops will skip the Anthropic and OpenAI calls, voice capture will be unavailable, and classification will fall back to a manual default. You can re-enable it at any time.

6. Security

All traffic is served over HTTPS. Session tokens are issued by Clerk and rotated automatically. Our database enforces row-level scoping on every query so you can only read and write your own data — a missing user filter returns 404, not cross-tenant results. We log and alert on unauthorized access attempts. No system is perfectly secure; please report suspected vulnerabilities to privacy@talioop.com.

7. Children

Talioop is not directed to children under 13, and we do not knowingly collect data from them. If you believe a child has created an account, email us and we will delete it.

8. International transfers

Talioop is operated from the United States. Our Postgres database is hosted in AWS us-east-1. Sentry is hosted in the EU. Cloudflare operates a global network. By using the Service you consent to the transfer of your information to these regions.

9. Changes to this policy

If we make a material change we will post the new policy here and update the “Last updated” date above. For significant changes we will also send a notice to the email on your account.

10. Contact

Questions, requests, or complaints: privacy@talioop.com.