No dark patterns, no opaque consent layers, no resale of behavioral data. Here's exactly what we collect, why we collect it, and how to get rid of it.
Activity logs, estimates, journal entries — everything is exportable as JSON or CSV at any time. Delete an account and the data is gone within 30 days.
We don't load Google Analytics, Meta pixels, or session-replay tools. The only analytics we run are product events on our own infrastructure.
Coaching models are trained on aggregated, de-identified patterns — never on the literal text of your sessions or journal entries.
Every vendor that touches user data is listed on this page. We notify Pro and Team customers 30 days before adding a new one.
To run Sopheron we collect three categories of data:
We don't collect IP-based location, device fingerprints, or anything from third-party data brokers.
Activity data is used solely to power your own coaching loop and analytics — never to advertise, never to train shared models on your literal content. Aggregated, de-identified patterns may be used to improve coaching heuristics for everyone.
Account data is used for billing and for letting you sign in. Product analytics tell us which features are worth keeping and which are silently broken.
By default, your data lives on managed Postgres in Frankfurt, Germany (eu-central-1). Team customers can choose Virginia, USA (us-east-1) at signup. We do not replicate primary data across regions without your written consent.
Backups are encrypted at rest with AES-256 and retained for 14 days before being shredded.
Wherever you live, you can:
| Vendor | Purpose | Region |
|---|---|---|
| Fly.io | Application hosting | EU / US |
| Neon | Managed Postgres | EU / US |
| Cloudflare | CDN + WAF | Global |
| Stripe | Billing | Ireland / US |
| Postmark | Transactional email | US |
| Linear | Internal issue tracking (no user data) | US |
We'll email you 30 days before any material change. The full revision history of this page lives in our public GitHub repo — diff anything you like.