Version: 1.2.0 Effective date: 2026-06-16
Overview
Spark is an AI-powered personal relationship assistant. To do its job, Spark remembers the relationship context you choose to give it and uses that context to help you follow up thoughtfully. This policy explains what we collect, why, who helps us process it, and how long we keep it.
Spark does not sell your data, does not share it for advertising, and does not send outreach automatically.
What we collect
- Account info: your name, email address, password hash, timezone, legal acceptance records, subscription status, and optional avatar.
- Contacts you add or import: names, phone numbers, email addresses, addresses, organizations, important dates, relationship tier, AI-enabled status, and notes. If you grant device Contacts permission, Spark reads only the contacts you choose to import.
- Relationship history: interactions you log, reminders, suggestions, accepted/dismissed/rejected suggestion history, and AI-drafted messages.
- Steward conversations and voice input: chat messages, transcripts, tool-call audit history, and microphone audio while you use voice mode. Spark stores transcripts and audit history; Spark does not store raw voice audio by default after a live voice session ends.
- Calendar and files you choose to provide: calendar event details if you grant calendar access, plus avatars, contact photos, note attachments, or business-card images you upload.
- Usage analytics: product events such as opening the app, viewing a paywall, finishing onboarding, or using a feature. These events do not include your contacts' details, notes, transcripts, or message content.
- Diagnostics: crash reports, error traces, stack traces, device/app metadata, request metadata, and account id when needed to debug.
How we use it
- To run Spark's core features: contacts, notes, reminders, suggestions, reviewed drafts, imports, exports, subscriptions, notifications, and account management.
- To generate AI suggestions, drafts, bios, briefings, contact topics, import mappings, and Steward responses. Prompts may contain the relationship data needed for the task and are sent to our configured AI processors for inference. Our processor agreements prohibit training models on your data.
- To process voice mode. Live audio is sent to our voice AI provider during the session so Spark can understand and respond; transcripts and resulting actions are stored so you can review what happened.
- To send transactional emails and push notifications, including verification, password reset, subscription updates, reminders, and service messages.
- To improve Spark using aggregated or de-identified usage patterns. We do not read your contacts, notes, transcripts, or message content for product research.
Who we share with
We share data with the vendors required to operate Spark. See the live Sub-Processor List. When we add or change a material vendor, we update that page and, when required, bump this policy's version.
We may also disclose data when legally compelled, to enforce our terms, to prevent fraud or abuse, or to protect the safety of a person.
Retention
- Active accounts: we retain your data while your account is active.
- Deleted accounts: when you delete your account, Spark removes active sessions, deletes active product records such as contacts, notes, reminders, interactions, conversations, suggestions, devices, notifications, imports, and feedback, and anonymizes account identifiers promptly. Legal acceptance, subscription, admin, fraud-prevention, and aggregate cost/audit records may be retained where needed for compliance, tax, dispute defense, security, or abuse prevention.
- Backups: encrypted backups roll off within 90 days of deletion.
Your rights
- Access / export: export a copy of your data in the app, or email
privacy@spark-rm.com. - Correction: edit your contacts, notes, reminders, and account details directly in the app where supported.
- Deletion: delete your account in Settings, or email
privacy@spark-rm.com. - Object to AI processing: turn off AI for individual contacts or delete data you do not want Spark to process.
- California: you may request access, deletion, correction, and opt out of "sale" or "sharing." Spark does not sell or share personal information for cross-context behavioral advertising.
- EU/UK: our legal bases are contract necessity, legitimate interests, consent where required, and legal obligation. DSARs can be sent to
privacy@spark-rm.comand are fulfilled within 30 days unless law allows an extension.
Children
Spark is not for users under 13. We do not knowingly collect data from children. If you believe a child has signed up, email privacy@spark-rm.com and we will delete the account.
Security
We encrypt data in transit and at rest where supported by our infrastructure providers. Access to production systems is restricted to named operators and logged where practical. No system is perfectly secure; if a breach affects your data, we will notify you as required by law.
Changes
When we materially change this policy, Spark prompts you to accept the new version the next time you open the app. See the legal changelog for what changed and why.
Contact
privacy@spark-rm.com— privacy questions, DSARs, and deletion requestslegal@spark-rm.com— general legal questions