Privacy Policy

A. Data stored locally on your device

The Chrome extension stores the following in your browser's local storage. This data never leaves your device unless you explicitly use a feature that sends it (such as AI coaching or event sync).

• Your profile — name, recovery orientation, challenges, vulnerability patterns, trigger context, and filter preferences. Used to personalize Sam's coaching.
• Behavioral signals — a rolling 200-entry log of extension activity (e.g., intervention shown, urge surfed, partner notified). Used for pattern analysis and the Learning Report.
• Urge sessions — up to 100 session summaries from conversations with Sam. Used to surface patterns over time.
• Journal entries — up to 20 post-slip journal entries with AI-generated pattern notes. Stored locally only.
• Social check-ins — up to 30 entries from the social media pause card. Used for pattern tracking and Sam's context.
• Browsing log — a 7-day rolling log of domains visited while the extension is active (domain name, page title, visit duration, category). Used for the daily Learning Report. Not written during monitoring-pause windows. Never shared with partners.
• App usage days — a count of unique calendar days you've used the extension. Used to trigger milestone check-in emails sent to your own email address.

B. Data stored in your browser's sync storage

Chrome sync storage may be synced across your devices by Google if you are signed into Chrome. We store:

• Name and email address — used to send coaching session emails and milestone messages.
• Partner information — name, email, and relationship of up to three support people you designate. Used only to send partner notification emails that you initiate or that are triggered by your activity.
• Extension settings — block list, content filters, monitoring preferences, and safety-net sensitivity. Used to configure the extension's behavior.

C. Data sent to our servers

We operate a backend on Vercel ("tryconnection.app") and a database on Supabase. The following data is transmitted to our servers:

• Email address and device identifier — a randomly generated ID that persists per device. Used to associate events across devices and prevent duplicate records.
• Behavioral events — a structured log of event types (e.g., domain visited, urge session started, social check-in completed) along with timestamps, categories, and severity levels. Used to power cross-device sync and future dashboard features. No browsing content, page titles, or full URLs are included — only domain names and behavioral metadata.
• Onboarding submission — name, email, challenges, and orientation from the website sign-up flow. Stored in our database and used to pre-configure the extension.

D. AI coaching conversations

When you talk with Sam, your messages are sent through our server proxy to Anthropic's Claude API. Conversations are processed in real time to generate Sam's response. We do not store conversation transcripts on our servers. Anthropic may retain API request data subject to their own privacy policy.

Your user context (name, orientation, recent signals, recovery patterns) is included in each API request so Sam can respond to your specific situation. This context is assembled from locally stored data and transmitted only at the moment of the conversation.

E. Partner notification emails

When you trigger a partner notification — or when certain configured events occur — we send an email to the support people you have designated. These emails are sent via Resend from hello@tryconnection.app. They describe the general nature of the event (e.g., "[Name] is working through something difficult right now") but do not include browsing history, specific content accessed, or journal entries.

You control which events trigger partner notifications. Partners are only notified when you have explicitly set up that behavior in the extension.