Legal

Privacy Policy

Last updated June 15, 2026

Sonder is a personal CRM that helps you remember the people who matter. This policy explains what information we collect, how we use it, and what control you have over it. We collect only what we need. We share as little as possible. Your data is yours.

1. Information We Collect

Account information. When you register, we collect your name, email address, and a bcrypt-hashed version of your password. We never store plain-text passwords.

Personal relationship data. Sonder stores whatever you choose to enter: contact details, notes, interaction logs, reminders, and background facts about the people in your life. This data is private to your account.

Photos. If you upload a profile photo for a contact, we store the image file on our servers. Photos are linked only to contacts in your account.

Payment information. If you subscribe, payment is processed by Stripe. We receive a Stripe customer ID and subscription status; we never see or store your card number, CVV, or full billing address.

Server logs. Our servers automatically record IP addresses, request timestamps, HTTP methods, and response codes. These logs are used for security, debugging, and abuse prevention. They are not used for advertising and are not sold.

Push notification tokens. If you enable web push notifications, your browser generates a push subscription endpoint (a URL unique to your browser/device). We store it to deliver notifications you've requested. You can revoke it at any time from Settings.

Local storage. We use your browser's localStorage to remember your UI preferences (theme, onboarding state). No personal data is stored there.

2. How We Use Your Information

We do not sell your data. We do not use it for advertising. We do not build profiles for third-party targeting.

3. AI Features

Sonder uses the Claude API (Anthropic) to power Quick Capture, Profile Summary, Note Cleanup, and related features. When you trigger an AI feature, the text you've entered — and relevant context from your account such as a contact's name or existing notes — is sent to Anthropic's servers to generate a response.

We transmit only the minimum data necessary for the feature. We do not send your entire account to Anthropic. Anthropic's Privacy Policy governs how they handle API data.

Sonder is not a medical, legal, financial, or psychological service. Nothing in AI-generated responses constitutes professional advice of any kind.

4. Third-Party Services

5. Data Retention

Your data is kept for as long as your account is active. If you delete your account, all of your personal data — people, notes, interactions, reminders, connections, and uploaded photos — is permanently deleted from our database immediately. Deletion is irreversible.

We retain encrypted database backups for up to 7 days as a disaster-recovery measure. These backups are deleted on a rolling basis. Server access logs are retained for up to 30 days.

If a subscription cancels or lapses, your account and data remain intact; only paid features (unlimited contacts) are restricted.

6. Data Security

Passwords are hashed with bcrypt (cost factor 10) before storage — we cannot retrieve them. All connections to Sonder use HTTPS with TLS. Authentication uses signed JWT tokens stored in httpOnly cookies, inaccessible to JavaScript. Each account's data is fully isolated; no user can access another's records.

We take reasonable technical precautions, but no system is perfectly secure. In the event of a data breach that affects your personal information, we will notify you at your registered email address within a reasonable time, consistent with applicable law.

7. Cookies and Browser Storage

Sonder sets a single httpOnly, Secure, SameSite=Lax cookie to maintain your session. This cookie contains a signed JWT and has no advertising or tracking purpose. It expires after 30 days if you choose "Remember me," or at the end of your browser session if you don't. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

8. Your Rights and Choices

9. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

To exercise these rights, contact us at evan@troesh.net. We will respond within 45 days.

10. International Users

Sonder's servers are located in the United States (AWS us-east-2). If you access Sonder from outside the United States, your information is transferred to and processed in the US. By using Sonder, you consent to that transfer. We apply the same data protection standards regardless of where you are located.

Sonder is not currently certified under EU-US Data Privacy Framework, GDPR standard contractual clauses, or similar frameworks. If you are in the European Economic Area, you should be aware that US privacy law differs from EU law.

11. Children

Sonder is not directed at children under 13. We do not knowingly collect information from anyone under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

12. Disclaimer

Sonder is a personal organizational tool, not a professional service of any kind. The notes, reminders, and relationship data you store are entirely your own. We make no representations about the accuracy, completeness, or suitability of any information entered into or generated by Sonder for any particular purpose.

13. Changes to This Policy

If we make material changes to this policy, we will update the date at the top and note it in the app. For significant changes, we will notify you by email at least 14 days before they take effect. Continued use after that date constitutes acceptance of the updated policy.

14. Contact

Questions, requests, or concerns about this policy: evan@troesh.net