Your privacy, in plain language

Your account info — email, an optional phone number, your household name, and how you sign in.

The stuff you send us — emails you forward, attachments, and your texts, WhatsApp messages, and questions. This is what we turn into your updates, reminders, calendars, and lists.

Some of that is sensitive — like medical appointments or details about your kids. We treat it as confidential and only use it to run the features you asked for.

A little operational data — timestamps, delivery receipts, and error logs so we can keep things running and fix problems. These logs never include your message contents, attachments, or family profiles.

Smitty is built to help you manage life for other people — your kids, your partner, your contacts. When you share their information, you're confirming you're allowed to. We use it only to help you, never to profile or advertise to anyone, and never for kids.

If someone in your household wants their info corrected or removed, you can do it in the app, or email us at privacy@smittyhq.com.

Smitty is for adults. We don't knowingly let anyone under 13 create an account.

Smitty uses AI to read what you send and turn it into something useful — your morning update, reminders, and supported replies and answers. We send only what's needed, and Anthropic, PBC is contractually barred from keeping your content or training on it.

One honest note: AI isn't perfect. Please don't rely on Smitty for medical, legal, or financial decisions — double-check anything that matters.

We keep the web app lean. To stay signed in, we use a secure session, and we store a few preferences in your browser, like your timezone and view settings.

For product analytics, we use Google Analytics only if you opt in — it's off by default, and you can change your mind anytime in your privacy settings. We don't intentionally send any of your household content to Google.

• Forwarded emails and attachments: 30 days or less, then automatically deleted.
• The items we create for you, like events, lists, and reminders: kept until you delete them or close your household.
• Operational logs: 90 days, then purged.

Smitty only sends you service messages — updates, reminders, confirmations, and replies to your commands. No marketing.

Want to stop? Text STOP and we'll turn off all Smitty messaging — both SMS and WhatsApp. Text HELP if you need a hand.

Text DELETE to Smitty, or use the delete control in the app. For your safety, this starts a 24-hour confirmation window — reply DELETE CONFIRM to finish. After that, your household is permanently removed: messages, calendar, attachments, the items we created, and your account.

Wherever you live, you can ask us to show you your data, correct it, export it, or delete it — just email privacy@smittyhq.com. If you're in California, the EU, or the UK, you have specific legal rights; the Privacy Policy spells those out.

A small set of trusted vendors, each under a data-protection agreement: Supabase for database and sign-in, Railway for hosting, Twilio for SMS and WhatsApp delivery, Anthropic, PBC for AI, and — only if you opt in — Google Analytics. Want the current full list? Email privacy@smittyhq.com.

If there's ever a security incident that affects your data, we'll tell you within 72 hours of confirming it — whether or not the law requires us to.