DRAFT — pending legal review. Engineering authored this skeleton. Real publication requires a lawyer pass on the specifics, especially the jurisdiction-specific sections.
Version: 1.1.0 Effective date: 2026-05-16
Overview
Spark is an AI-powered relationship manager. To do its job, it has to remember information about the people you care about, the conversations you have with them, and the way you write. This policy explains what we collect, why, and how long we keep it.
What we collect
- Account info: your name, email address, and password hash (handled by our auth provider). You may also voluntarily provide an avatar image and timezone.
- Contacts you add: names, phone numbers, email addresses, important dates, relationship tier, and any notes you write.
- Interactions you log: channel (text, call, email, etc.), timestamp, and a free-form summary.
- Drafts and conversations: messages the AI drafts on your behalf, and the back-and-forth in Steward chats.
- Usage signals: the suggestions Spark generates and which ones you accept, dismiss, or send.
How we use it
- To run the app's core features (showing your contacts, drafting messages).
- To generate AI suggestions and bios. Prompts containing your data are sent to our AI processor (Anthropic) for inference. We do not sell your data, and our processor agreements forbid training models on it.
- AI-driven CSV imports. When you import contacts from a CSV, a small sample (column headers + the first 5 rows) is sent to our AI processor so it can suggest how to map your columns to Spark's contact fields. The rest of the CSV stays between you and us.
- To send transactional emails (welcome, verification, password reset, billing).
- To improve Spark. We may review aggregated, non-identified usage patterns to make product decisions. We never review your contacts or notes for product research.
Who we share with
We share data with the minimum number of vendors required to run the service. See the live Sub-Processor List — when we add or change a vendor, we update that page and (for material changes) bump this policy's version.
We do not sell your data. We do not share it for advertising. We disclose data when legally compelled (subpoena, court order), and when needed to protect the safety of a person.
Retention
- Active accounts: we retain your data as long as you use the service.
- Deleted accounts: when you delete your account, your data is hard-deleted within 30 days. Legal-acceptance records and billing records may be retained longer for dispute defense and tax compliance.
- Backups: encrypted backups roll off within 90 days of deletion.
Your rights
- Access / export: request a copy of your data (in-app once shipped; until then, email
privacy@mauve.app). - Correction: edit any of your data directly in the app.
- Deletion: Settings → Danger Zone → Delete Account.
- Object to processing: turn off AI per contact (Settings → Contact → Spark & check-ins) or globally.
- Region-specific rights:
- California (CCPA): you may request access, deletion, and opt out of "sale" (we don't sell, but the right exists). Email
privacy@mauve.app. - EU/UK (GDPR): legal basis for processing is contractual necessity + legitimate interest. DSARs by email, fulfilled within 30 days.
- California (CCPA): you may request access, deletion, and opt out of "sale" (we don't sell, but the right exists). Email
Children
Spark is not for users under 13. We don't knowingly collect data from children. If you believe a child has signed up, email privacy@mauve.app and we'll delete the account.
Security
We encrypt data in transit (HTTPS) and at rest. Access to production systems is restricted to a small set of named employees with audit logging. No system is 100% secure; we'll notify you per applicable law if we ever suffer a breach affecting your data.
Changes
When we change this policy materially, we'll prompt you to re-accept the new version the next time you open the app. See the legal changelog for what changed and why.
Contact
privacy@mauve.app— privacy questions, DSARs, deletion requestslegal@mauve.app— general legal