Privacy Policy
Last updated · May 6, 2026
What we collect
Your phone number (for sign-in and as the channel Flint texts you on), your name (if provided), your timezone, your subscription status, and the content of your conversations with Flint.
Why we collect it
To run the service. Your phone is how Flint reaches you. Your conversations are stored so Flint can remember context across days and continue meaningful conversation with you. Your subscription status determines whether you can use Flint.
What we don't do
We don't sell your data. We don't share your conversations with third parties for advertising. We don't train AI models on your messages. The AI providers we use (Anthropic via OpenRouter) are configured not to retain your data for training.
Who has access
Your conversations are confessional in nature, and we treat them accordingly. Access to user conversations is restricted to a small operations team for the purpose of investigating reported issues only. We do not browse messages without cause.
Vendors we rely on
Convex (database + serverless backend), Clerk (authentication), Stripe (payments), Linq (text-message delivery), OpenRouter (LLM routing to Anthropic), and Vercel (hosting). Each has its own privacy commitments; we choose vendors with strong baseline protections.
Your data, your call
You can request a full export or deletion of your data at any time by emailing [email protected]. Deletion is fulfilled within 30 days, including conversation history and any vector embeddings derived from your messages.
Crisis safety
If you tell Flint about a self-harm, abuse, or acute mental-health situation, Flint will direct you to professional resources (988, Crisis Text Line, etc). We retain those messages along with the rest of your conversation history. We do not proactively report crisis content to authorities.
Contact
Questions about this policy? [email protected].
This policy is placeholder language and will be reviewed by counsel before public launch.