Privacy Policy

PurpleProz is a personal knowledge navigator that helps you prepare for encounters with professionals — doctors, lawyers, contractors, financial advisors, and others. We are not a healthcare provider, law firm, financial advisor, or any other licensed professional service.

When you create an account, we collect your email address (used solely for authentication), a randomly generated account identifier, your credit balance and transaction history, and your preferences such as timezone and display settings.

That is all we collect. We do not collect your name, address, phone number, or any payment card details. Payment processing is handled entirely by Stripe — we never see or store your payment information.

PurpleProz is designed so that your personal records never leave your device and never reach our servers. We do not collect, store, or have access to:

• Your medical history, diagnoses, medications, or lab results
• Legal documents, contracts, or case details
• Financial records, account numbers, or investment information
• Any documents or images you work with in the app
• Any content you enter into your profiles

This information is stored locally on your device. When you export a backup or transfer your data to a new device, the file is automatically encrypted using a key derived from your account credentials. No encryption key is ever stored on our servers — only you, when logged in, can decrypt your own files.

PurpleProz uses Anthropic's Claude AI to generate analyses, interpretations, and reports. We want to be straightforward: when you use an AI feature, the relevant content from your records is sent to Anthropic for processing. This may include personal or sensitive information you have entered or uploaded.

This means that while your data never passes through PurpleProz servers, it does reach Anthropic when you use AI features. The distinction that genuinely holds is between PurpleProz storing your data (which we do not) and Anthropic processing it on your behalf when you make a request (which they do).

Anthropic processes this data under their own privacy policy. Their policy states that API data is not used to train their models by default. You can review it at anthropic.com/privacy.

PurpleProz does not store the content sent to Anthropic, nor do we receive or retain Anthropic's responses beyond delivering them to you in the app.

If you prefer not to send sensitive content to Anthropic, you can type a summary instead of uploading documents directly. You are always in control of what gets submitted for analysis.

When you export your data — either as a Backup or as part of a Transfer to a new device — the file is encrypted on your device before it is saved. Encryption uses AES-256-GCM, a widely trusted standard, with a key derived from your account credentials using your unique account identifier.

No encryption key is stored on PurpleProz servers. The key exists only in your active session. This means:

• A backup file stored in iCloud, Google Drive, or any other service cannot be read by the storage provider
• If someone obtains your backup file without access to your account, it is unreadable to them
• Only you, when logged in to your PurpleProz account, can decrypt and import your data

This also means that if you permanently lose access to your account and have no backup, recovery is not possible. We strongly recommend keeping regular backups in a cloud service you control.

PurpleProz uses the following third party services, each with their own privacy policy:

• Supabase — authentication and account data storage (supabase.com/privacy)
• Anthropic — AI processing (anthropic.com/privacy)
• Vercel — application hosting (vercel.com/legal/privacy-policy)
• Stripe — payment processing (stripe.com/privacy)
• Sentry — error monitoring (sentry.io/privacy)

PurpleProz uses cookies solely to maintain your login session. We do not use advertising cookies, tracking pixels, or third party analytics that identify you personally. We use Vercel's privacy-friendly analytics which collect aggregate, anonymized usage data only.

You may delete your account at any time directly from your Settings page. Deletion permanently and immediately removes your email address, credit balance, transaction history, and settings from our systems. Because your personal records are stored on your device and not on our servers, deleting your account does not affect that data — you manage it directly.

If you wish to switch authentication methods — for example from Google to email/password — you can link multiple sign-in methods to your account from Settings without losing your credit balance or data.

PurpleProz is not directed at children under 13. We do not knowingly collect information from children under 13.

We will notify registered users by email of any material changes to this privacy policy before they take effect.

Questions about this policy: privacy@purpleproz.com