← Back to Still

Privacy Policy

Last updated: January 2026

What We Collect

When you use Still, we collect:

  • Account information: Email address and display name (from Google Sign-In or email signup)
  • Your thoughts: The text content you enter into Still
  • Usage data: When you access Still and how you interact with features
  • Device information: Browser type and operating system for troubleshooting

How We Use Your Data

Your data is used to:

  • Provide the service: Store your thoughts and surface relevant information when it matters
  • Process your content: We send your thought content to OpenAI's API to analyze context, detect time references, and generate insights. This processing happens in real-time and is necessary for Still's core functionality.
  • Send notifications: If enabled, deliver gentle reminders based on your thoughts
  • Improve the product: Aggregate, anonymized usage patterns help us improve Still

Third-Party Data Processing

OpenAI: Your thought content is sent to OpenAI's API for analysis. OpenAI's data usage policy applies to this processing. According to OpenAI's API terms, data sent via their API is not used to train their models. However, it may be retained for up to 30 days for abuse monitoring purposes.

Firebase (Google Cloud): Your data is stored on Google Firebase infrastructure. Google's Cloud security and privacy policies apply.

We do not sell your personal data to third parties. We do not share your thought content with any parties other than OpenAI for processing purposes.

Data Retention

  • Your thoughts are stored until you delete them or delete your account
  • Archived thoughts remain in your account unless permanently deleted
  • When you delete your account, all your data is permanently removed from our systems within 30 days
  • Backups may retain data for up to 90 days after deletion

Your Rights

You have the right to:

  • Access: View all data we have about you
  • Delete: Remove individual thoughts or your entire account
  • Export: Request a copy of your data (contact us through Settings)
  • Opt-out: Disable notifications at any time

Security

We use industry-standard security measures including:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure authentication via Firebase Auth
  • Access controls limiting who can view your data (only you)

While we take security seriously, no system is 100% secure. We recommend not storing extremely sensitive information (passwords, financial details, etc.) in Still.

Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

Children's Privacy

Still is not intended for users under 13 years of age. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy periodically. Significant changes will be communicated via email or in-app notification. Continued use after changes constitutes acceptance.

Contact

Questions about privacy? If you're a Still user, please use the Contact option in your Settings. Otherwise, visit our contact page.