Deep
Privacy Policy
Last updated: May 28, 2026
The short version. Your habits, conversations with Sage, and personal context live on your device. We don't sell them, share them with advertisers, or use them to train AI models. When you message Sage, your message is sent through our server to an AI provider so a reply can be generated. We use a small number of third-party services for crash reporting, anonymous usage analytics, and subscription billing, all listed below. You can wipe everything from inside the app at any time.
What data is on your device
The app stores the following locally on your phone, in your device's app sandbox:
- Your habits, daily completion history, and identity scores
- Your masterplan / vision text
- Your conversations with Sage
- Personal context Sage has captured during conversations (e.g. routines, schedules)
- Learned patterns and Growth Moments
- Profile fields you've filled in (name, email) — used only inside the app
- App preferences and a generated device identifier
None of this is uploaded to a server we control as part of normal use. It stays on your device and is removed if you delete the app or wipe inside Settings.
What gets sent to our server when you chat with Sage
When you send a message to Sage, the following is transmitted to our proxy server (hosted on Cloudflare Workers):
- The message you typed
- Recent prior messages in the conversation (so Sage can stay in context)
- A summary of your current state: active habits, identity score, recent patterns, your vision (so Sage can reference what's actually happening in your life)
- An anonymous device identifier we use to apply rate limits
This data is sent over TLS. Our proxy forwards it to Anthropic's Claude API to generate a reply, then streams the reply back to your device. We do not log or store the content of your messages or Sage's replies on our server.
When you report a Sage message
If you long-press a Sage message and report it, the text of that message, the category you picked (e.g. "Harmful advice"), your anonymous device identifier, and your IP address are stored in a database we control (Cloudflare D1). We review reports to improve Sage's behavior and satisfy App Store safety requirements. Reports are retained for up to 90 days and then deleted.
Anthropic, our AI provider
Sage uses Claude, made by Anthropic. Per Anthropic's commercial API terms, your messages and Sage's replies are not used to train Anthropic's models. Anthropic may retain API content for up to 30 days for abuse monitoring, after which it's deleted. Their privacy policy: anthropic.com/legal/privacy.
Crash reporting (Sentry)
When the app crashes or hits an error, we send a stack trace and a small amount of debug context to Sentry so we can diagnose and fix it. We do not send your habit names, conversations, vision text, profile name, or email. We do send your anonymous device identifier and non-sensitive technical state (app version, error code, screen counts). Sentry retains data for up to 90 days. Their privacy policy: sentry.io/privacy.
Anonymous usage analytics (PostHog)
We use PostHog (US cloud) to understand how the app is used in aggregate — for example, how many people complete onboarding, how often habits get marked done, how often Sage is opened. Each event is tagged with your anonymous device identifier and non-personal properties (app version, habit count, onboarding state, subscription state). We do not send PostHog your habit names, Sage messages, vision text, profile name, or email. Geographic IP-based location is disabled at the project level. Their privacy policy: posthog.com/privacy.
Subscription billing (Apple)
If you subscribe to Deep Pro, Apple processes the transaction through the App Store. Apple receives your payment details, applies the charge, and sends us aggregated reports of subscription status without your name, email, or payment information. We receive a signed transaction receipt from Apple that we use to grant access to paid features. We do not see or store your credit card, Apple ID password, or any other Apple account credentials. Apple's privacy policy: apple.com/legal/privacy.
Infrastructure (Cloudflare)
Our proxy server and the report database run on Cloudflare. Cloudflare temporarily processes requests to route them and to apply abuse protections (rate limiting). Cloudflare may log IP addresses and request metadata for short periods for security. Their privacy policy: cloudflare.com/privacypolicy.
What we don't do
- We don't sell your data to anyone, ever
- We don't use it to train AI models, ours or anyone else's
- We don't include ad networks or behavioral tracking SDKs
- We don't access your contacts, location, photos, microphone, or health data
- We don't require an account, name, or email to use the app
Your rights
You can delete every piece of data on your device at any time. Open Settings inside the app and tap "Delete account." This wipes habits, history, conversations, learned patterns, personal context, profile, and usage stats from your device immediately.
For data held by third parties (Anthropic, Sentry, PostHog, Cloudflare, Apple), data is keyed by your anonymous device identifier or, in Apple's case, by your purchase. If you'd like us to request deletion from these providers, email sagehabits.support@gmail.com with the rough date of your last app use and we'll initiate the request.
If you have questions about your data or want to exercise rights under GDPR, CCPA, or similar laws, email us at sagehabits.support@gmail.com.
Children
Deep is not directed at children under 13. We don't knowingly collect data from anyone under 13. If you believe a child has used the app, contact us and we'll help you remove their data.
Changes to this policy
If we make a material change to how we handle data, we'll update this page and update the date at the top. Significant changes will be surfaced in the app before they take effect.