Privacy Policy

Last updated: April 10, 2026

goals. (the "App") is operated by Goals LLC ("we", "us", "our"). This policy explains what data we collect, why, where it lives, who can see it, and how you can get rid of it. It's written to be readable, not legally dense.

The short version: we collect only what we need to make the app work, we store it in one place with row-level security, we send specific pieces of it to Anthropic for AI analysis, we never sell it, and you can delete your account at any time with one tap in Settings. The long version follows.

1. Data we collect

1.1 Account data

When you sign in with Apple, Apple gives us a stable, pseudonymous user identifier (a UUID). If you allow it, Apple also shares your name and email address. We use this to create your account row and to email you about the service (welcome, product updates, weekly briefings you've opted into). If you choose Apple's "Hide My Email" option, we only ever see the @privaterelay.appleid.com relay address — we never receive your real email.

1.2 Goals and todos

Every goal and todo you create in the app is stored on our servers under your user id. For todos this includes the title, optional detail, cadence (one-off vs weekly recurring), scope (this week vs ongoing), sort order, and any goal link. For goals it includes the title, detail, category (one of seven fixed life areas), priority rank, and optional target metric. Completion records for weekly-recurring todos are stored in a separate per-week history table so your completion data survives Monday resets.

1.3 Voice reflections and intent captures

When you record a voice reflection or use the voice-capture feature to dictate todos/goals, the raw audio is transcribed on your device using Apple's Speech framework. The resulting transcript is then sent to our servers along with the audio file. For voice reflections we also send the transcript to Anthropic (see section 3) for sentiment, energy, and focus-area analysis. Audio files are stored in a private, per-user storage bucket; you can delete any recording individually or wipe your whole account.

1.4 Calendar events

If you connect Apple Calendar, we read events from your selected calendars via Apple's EventKit API and store the title, optional location, start/end times, all-day flag, and source (Apple / Google) for each event. We use this to compute how much of your week went to each goal category. Raw calendar metadata (attendees, notes, recurrence rules) is not stored.

1.5 Health data

If you connect Apple Health, raw HealthKit samples never leave your phone. The app reads samples on-device via HKHealthStore, computes daily aggregates (steps, Apple exercise minutes, sleep hours, resting heart rate, HRV SDNN, workout count), and uploads only those aggregates. Individual heart-rate readings, GPS traces, sleep stages, and workout routes all stay local on your device.

1.6 Statement uploads

If you upload a credit-card or bank statement (PDF or image) for AI extraction, the file is stored in a private, per-user storage bucket. The file is then fetched server-side and sent to Anthropic's Claude API to extract individual transactions. Extracted transactions (date, merchant, amount, category guess) are stored in your account. You can delete the original statement file after extraction without losing the extracted transactions.

1.7 Device and usage data

The app sends basic usage data to our servers so we can keep it running: timestamps of when you opened the app, when an edge function was invoked, and the success/failure of each API call.

1.8 Website analytics (Google Analytics 4)

The trygoals.app marketing site uses Google Analytics 4 to measure traffic so we know which pages and blog posts are getting read. GA4 drops a first-party cookie in your browser and sends anonymized usage data (page URL, referrer, approximate location derived from IP, device type, browser, and event timestamps) to Google. We do not send personal identifiers to GA4, and IP addresses are anonymized by Google before storage.

GA4 runs only on the website. The iOS app does not include GA4 or any other analytics SDK — it only talks to our own Supabase backend and the third-party services listed in section 3.

You can opt out of GA4 tracking on our site by enabling "Do Not Track" or a privacy-focused extension in your browser, or by installing Google's opt-out browser add-on.

2. Where your data lives

All account data, goals, todos, transcripts, extracted transactions, and health aggregates are stored on Supabase, which provides a Postgres database and object storage hosted in the United States. Voice recordings and uploaded statements live in private storage buckets scoped per-user.

Every user-scoped table and every storage object is protected by Postgres Row Level Security policies that restrict reads and writes to auth.uid() = owner. In practice, this means that even if someone compromised our application layer, they'd still need a valid authentication token for a specific user to access that user's rows. We (the operators) can only access your rows through the same RLS policies when debugging — we can't read your data unless we sign in as you.

3. Who else sees your data

3.1 Anthropic (Claude API)

goals. uses Anthropic's Claude API for five specific tasks:

• Voice reflection analysis — we send your transcript and ask Claude to return sentiment, energy level, focus areas, and a one-sentence summary.
• Voice intent parsing — we send your transcript and ask Claude to sort the mentioned tasks into structured todos and goals.
• Calendar event classification — we send event titles and locations and ask Claude to categorize them into a goal category.
• Statement extraction — we send the uploaded PDF/image file to Claude's vision-enabled Messages API and ask it to extract individual transactions.
• Weekly briefing generation — we send your goals, calendar hours per category, and computed alignment scores, and ask Claude to write a short summary and 1-2 suggested actions.

For each of these tasks, we send only the content needed for that specific task — never your name, email, Apple user identifier, or anything else that would let Anthropic connect the request back to you. Anthropic's API privacy policy states that they do not use API inputs to train their models, and we operate under their commercial terms.

3.2 Apple

Sign in with Apple, local push notifications, the App Store purchase / subscription flow, and any crash reports you choose to share with developers flow through Apple's services under Apple's privacy policy.

3.3 Supabase

Supabase is our database and storage provider. They have access to the raw database and storage buckets at the infrastructure level but do not read your data. See Supabase's privacy policy for details.

3.4 Resend (email)

We use Resend to send transactional emails (welcome, product updates, account recovery). Resend receives your email address and the content of the message we send to you. They do not have access to any other data.

3.5 Google (website analytics)

The trygoals.app marketing website uses Google Analytics 4. Google receives anonymized usage data — see section 1.8 above for the exact scope. The iOS app itself does not talk to Google for any reason.

3.6 Nobody else

We do not sell your data. We do not share it with advertisers. We do not hand it to data brokers. We do not run ads. We do not integrate with analytics vendors that track users across sites or apps. If any of that changes in the future, we'll update this policy with specifics before the change takes effect.

4. Your rights

You have the following rights, all of which are exercisable directly inside the app or by emailing us:

• Delete individual items — every goal, todo, voice recording, statement, and extracted transaction has a delete control inside the app.
• Delete your entire account — Settings → Privacy → Delete account. This calls a server-side function that hard-deletes your auth.users row, which cascades through every user-scoped table and storage bucket. It cannot be undone.
• Revoke a data source — disconnect Apple Calendar, Apple Health, Notifications, or Microphone at any time from iOS Settings → goals. or from inside the app. New data stops flowing immediately.
• Export your data — email us and we'll send you a JSON dump of everything we have on you within 14 days.
• Correct your data — most fields are editable directly in the app. For anything that isn't, email us.
• Opt out of weekly briefings — Settings → Check-in schedule. All three weekly reminders are individually togglable.
• GDPR / CCPA rights — if you're a resident of the EU, UK, California, or another jurisdiction with data protection laws, you have the additional rights provided by those laws (access, rectification, erasure, restriction, portability, objection). Email us to exercise any of them.

5. Children

goals. is not directed to children under 13. We do not knowingly collect personal data from anyone under 13. If you believe a child has signed up, contact us at the email below and we will delete the account and any associated data.

6. Retention

We keep your data as long as your account exists. When you delete your account, every user-scoped row and storage object is removed within 24 hours. Database backups that might contain historical copies of your data are purged within 30 days. After that point, we have no way to recover your data.

7. Security

We take reasonable technical and organizational measures to protect your data: encrypted transport (TLS 1.3) between the app, our edge functions, Supabase, and Anthropic; encryption at rest on Supabase's infrastructure; scoped per-user Row Level Security on every table; and principle-of-least-privilege for any admin access we have. No system is perfectly secure, but we try to make compromise require the kind of effort that would itself be a news story.

8. International transfers

Our servers and the servers of our sub-processors (Supabase, Anthropic, Resend, Apple) are primarily located in the United States. If you're using goals. from outside the US, you're consenting to your data being transferred to and processed in the United States under that country's laws.

9. Changes to this policy

If we materially change how we collect or use data, we'll update the date at the top of this page and notify you in the app (for significant changes) or in a blog post (for minor ones). Continued use of the app after a change means you accept the new policy.

10. Contact

Questions, requests, or complaints: hello@trygoals.app. We read every email.