Skip to content

Privacy Policy

Last updated: 24 April 2026

1. Summary

Sathi is a personal assistant service that stores your habits, tasks, goals, memories, documents, finances, and skills so an AI assistant (Claude, ChatGPT, or another MCP-compatible client you authorize) can help you manage your life. We store only what you put in, we do not sell your data, we do not train AI models on your data, and you can delete your account and all associated data at any time.

2. Who we are

Sathi ("Sathi", "the service", "we") is an independent, open-source project operated by Amar Gupta. The service is hosted at sathi.devfrend.com. "Claude" is a trademark of Anthropic PBC; Sathi is not affiliated with, endorsed by, or sponsored by Anthropic.

3. Data we collect

We collect only data you explicitly create or connect. Specifically:

Account data

  • Email address, display name, hashed password (or Google OAuth identifier)
  • Account creation timestamp, last-login timestamp

Personal productivity data (created by you)

  • Habits — names, frequency, completion logs, streaks, reminder times
  • Tasks & subtasks — titles, descriptions, due dates, priorities, status, tags, time tracking (start/pause/resume timestamps, elapsed seconds), linked projects
  • Goals & milestones — titles, target values, metric types, recurrence, progress
  • Memories — text notes you save (journal-style), tags, category, project; stored with OpenAI embeddings for semantic search
  • Finance — transactions you log manually or sync from SMS (amount, merchant, category, date, optional note, optional raw SMS string)
  • Documents — files you upload (PDFs, text), their extracted text, embeddings for semantic search, metadata you add (name, description, tags)
  • Skills — agent skill files you sync from your local machine (names, platforms, file contents, tags)
  • Chat threads & messages — conversations between you and the desktop Claude Code answerer
  • Relay asks & answers— questions raised by AI agents and your (or another AI's) answers

Authentication & authorization tokens

  • Sathi OAuth tokens — issued to MCP clients (Claude, ChatGPT) so they can read and write your data on your behalf. Stored as SHA-256 hashes.

Technical data

  • Append-only audit log of mutating MCP tool calls (tool name, entity id, timestamp, MCP client id)
  • Supabase Auth logs (standard sign-in/sign-out events)
  • Vercel hosting logs (standard HTTP access logs, retained briefly)

We do not collect analytics, marketing tracking, IP geolocation, browser fingerprints, or third-party advertising identifiers.

4. How we use your data

  • To provide the service (store your entries, run your tool calls, return your own data to you)
  • To compute derived values (streaks, completion percentages, spending summaries, goal progress, memory duplicate detection, semantic search results)
  • To authenticate MCP tool calls against your account

We do not use your data to train AI models, to build profiles of you, or for any purpose other than operating the service you're using.

5. Third-party services we share data with

When you use features that depend on a third party, your data (or a derivative of it) is sent to that third party under their own privacy policy. You can avoid data flowing to a given third party by not using the corresponding feature.

Supabase

Their privacy policy →

Purpose: Primary database, authentication, file storage, and realtime messaging. Your data lives in Supabase-hosted Postgres with row-level security.

What's sent: All personal data listed in Section 3, encrypted at rest.

Vercel

Their privacy policy →

Purpose: Web hosting and serverless function execution. Standard request logs only.

What's sent: HTTP request metadata (URL, status, timing). No personal data payloads are logged.

Anthropic (Claude)

Their privacy policy →

Purpose: The AI assistant you use with Sathi. When you chat with Claude, your message + relevant context Sathi surfaces is sent to Anthropic to generate a response.

What's sent: Your chat messages and the tool-call arguments/results Sathi produces in that conversation. Anthropic's policy on training applies.

OpenAI

Their privacy policy →

Purpose: Generates vector embeddings for semantic search over your memories and documents. Also used by the Sathi chat if you select the OpenAI provider.

What's sent: Memory contents and document chunks are sent to the embedding API. Chat messages are sent if you use the OpenAI chat provider.

ElevenLabs

Their privacy policy →

Purpose: Used only for generating demo video voiceovers (build-time tooling, not user-facing).

What's sent: No user data. Only fixed demo-script text.

Google (Sign in with Google)

Their privacy policy →

Purpose: Optional sign-in method.

What's sent: Your Google email, name, profile picture. Handled via Supabase Auth.

YouTube API Services (Google)

Their privacy policy →

Purpose: If you connect YouTube, Sathi uploads videos you explicitly initiate to your own channel and reads your channel metadata (title, thumbnail) to display it on your dashboard. Sathi uses YouTube API Services.

What's sent: We request the youtube.upload scope (to publish videos on your behalf only when you initiate an upload) and youtube.readonly (to read your channel profile). We store the access_token and refresh_token (encrypted at rest, RLS-isolated) and use them server-side to authenticate your subsequent upload requests. We never read, download, or modify videos you did not create through Sathi, and we never share your YouTube data with third parties.

YouTube API Services — required disclosures

6. Data storage & security

  • All data stored in Supabase (Postgres) with row-level security enforcing user isolation
  • Documents stored in Supabase Storage with signed-URL access (1-hour expiry)
  • Sathi OAuth tokens stored as SHA-256 hashes (we cannot recover them)
  • Transport encrypted via TLS end-to-end

7. Data retention

  • Personal productivity data is retained until you delete the individual entry, or delete your account
  • Deletions are soft by default (marked inactive) for most entity types; hard deletion is triggered by account deletion
  • Audit log entries are retained indefinitely (they're append-only and required for debugging)
  • Supabase Auth logs follow Supabase's default retention (30 days)
  • Vercel access logs follow Vercel's default retention (1 hour to 30 days depending on plan)

8. Your rights

You can, at any time:

  • Access your data via the dashboard, via any MCP client you've authorized, or by emailing us
  • Correct or update your data via the dashboard or MCP tools
  • Delete individual entries, or delete your entire account (which cascades to all related rows via Supabase ON DELETE CASCADE)
  • Revoke any OAuth grant (Sathi MCP clients, Google) from the dashboard
  • Export your data (on request — email us and we'll provide a JSON dump)
  • Opt out of any third-party integration by simply not connecting it

If you are in the EU/UK, you additionally have rights under GDPR (right to be forgotten, data portability, right to object, right to lodge a complaint with a supervisory authority). Contact us to exercise these.

9. Children

Sathi is not intended for users under 16. We do not knowingly collect data from children. If you believe a child has created an account, contact us and we will delete it.

10. Cookies

We use a small number of essential cookies for authentication (Supabase session, short-lived OAuth state cookies). We do not set any analytics, advertising, or tracking cookies.

11. Changes to this policy

We'll update this page when we change how data is handled. The "Last updated" date at the top reflects the most recent change. Material changes (expanding what we collect, new third parties, new sharing purposes) will be announced in-app and via email where we have one.

12. Contact

Questions, requests, or complaints: theamargupta.tech@gmail.com.