Privacy Policy

1. Who we are

This Privacy Policy explains how txt.club ("txt.club," "we," "us," or "our") collects, uses, shares, and retains personal information when you use our SMS digest service at txt.club, our companion product at txt.club/stargirl, and any related websites, APIs, or features (collectively, the "Service"). It applies to anyone who texts our number, visits our sites, or otherwise interacts with us. By using the Service you acknowledge this Policy and our Terms of Service.

2. What we collect

You give us

• Phone number — required so we can text you.
• Email address — collected at verification, used for receipts and account recovery.
• Your messages to us — the conversation with the AI agent, including names, interests, sources, opinions, time-zone, preferences, and anything else you choose to share. Don't send us information you wouldn't want stored.
• Product-specific inputs — for the Stargirl product, optional birth date / birth time / birth place and free-text "intentions" and evening reflections.
• Account fields — name and password (if you set one through the web), better-auth session records, and any profile links you confirm to the agent.

We generate

• Working memory — a running summary the AI keeps about you so it can write better digests over time.
• Digest log — what we sent, when, and what content went into each digest, so we don't repeat ourselves and can debug delivery.
• Agent run logs — internal traces of each model run for quality, abuse-detection, and debugging.
• Embeddings — numerical representations of your stated interests, used to match content.

We receive automatically

• Delivery metadata from Linq — message IDs, chat IDs, delivery / read status, and the channel (SMS or iMessage). We do not receive messages addressed to anyone other than our number.
• Billing metadata from Stripe — customer ID, subscription ID, period dates, currency, country, and the last four digits of your card. We never see your full card number.
• Web analytics — pageviews, source referrer, IP-derived approximate location, device/browser type, and SMS-funnel events via PostHog. We do not send conversation content to PostHog.
• Verification signals — Cloudflare Turnstile challenge results, used to keep bots off the SMS number.

3. How we use it

• To run the Service — receive your texts, generate digests, send replies, schedule deliveries, and let you manage your account.
• To bill you — process subscription payments through Stripe and apply referral credits.
• To improve the Service — tune prompts, fix bugs, measure funnel performance, and prioritize features.
• To communicate with you — service messages, receipts, security alerts, and (rarely) product announcements. Marketing-only messages are opt-out at any time.
• To detect abuse and fraud — including bot detection, payment fraud, and acceptable-use enforcement.
• To comply with law — respond to lawful requests, enforce our Terms, and protect our rights, users, and the public.

We do not use the content of your conversations to train public foundation models. We may use aggregated, de-identified data (counts, latencies, funnel rates, model-quality metrics, etc.) for any legitimate business purpose.

4. Legal bases (EEA / UK users)

Where the GDPR or UK GDPR applies, we rely on these legal bases: contract (to provide the Service you signed up for), legitimate interests (to secure, debug, improve, and market the Service in proportion to your privacy interests), consent (where required, e.g., certain cookies or marketing), and legal obligation (tax, fraud, lawful requests). You can withdraw consent and object to processing based on legitimate interests by contacting us.

5. Who we share data with

We share personal information only with service providers acting on our behalf, and only as needed to run the Service:

• Linq — SMS / iMessage transport.
• Stripe — payments, billing, fraud screening.
• OpenRouter, Anthropic, OpenAI, Google, and other model providers — to draft replies and summarize content. Each request carries the conversation context required to respond. We instruct providers not to train on our data where their terms support that.
• MongoDB Atlas — primary database hosting.
• Redis / hosting providers — queues, caching, application hosting.
• Postmark — transactional email delivery.
• PostHog — product analytics (no conversation content).
• Cloudflare — bot defense (Turnstile), CDN, and Pages hosting.
• Third-party content APIs — e.g., YouTube and X for sources you ask us to watch. We request publicly available content on your behalf; we don't share your identity with those services beyond what's required to fetch the content.

We do not sell personal information, and we do not "share" it for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act. We may disclose information when we believe in good faith it's required by law, to respond to lawful requests, to enforce our Terms, to protect our rights or property, or in connection with a merger, acquisition, financing, or sale of assets, in which case we'll require the recipient to honor this Policy.

6. International transfers

We are based in the United States. If you use the Service from outside the U.S., your information will be transferred to, stored in, and processed in the U.S. and other countries where our providers operate. These jurisdictions may not offer the same data-protection standards as your home country. Where required, we rely on Standard Contractual Clauses or equivalent safeguards. By using the Service, you consent to these transfers.

7. How long we keep it

We keep your account, conversation transcript, working memory, embeddings, and digest log for as long as your account is active and for a reasonable period afterward to support reactivation, dispute resolution, and our legal obligations.

• Active accounts: retained while you are a user.
• Deletion requests: account record, working memory, conversation transcript, embeddings, and digest history erased from active systems within 30 days of a verified request.
• Inactive accounts: may be deleted or anonymized after 24 months of no activity.
• Billing records: retained by Stripe and by us for as long as required by tax, accounting, and anti-fraud law (typically 7 years).
• Logs, backups, and aggregated analytics: roll off on independent schedules, generally 30–90 days for application logs and up to 12 months for analytics. De-identified or aggregated data may be kept indefinitely.

8. Your controls

• Pause digests — text pause.
• Cancel your subscription — text cancel.
• Stop all messages — text STOP. We will cancel your subscription and silence all outbound SMS. Reply start to resume.
• Access, correction, deletion, portability — email hi@txt.club. We'll verify your request via the phone number or email on file and respond within the timeframe your local law requires (usually 30 to 45 days).
• Opt out of analytics — most browsers honor Global Privacy Control; PostHog respects "Do Not Track" where applicable.
• EEA / UK — you have the right to lodge a complaint with your local supervisory authority.
• California — you may request the categories and specific pieces of personal information we've collected, request deletion or correction, and designate an authorized agent. We do not discriminate against users who exercise these rights.

9. SMS terms summary

Message and data rates may apply. Frequency varies — typically one digest per day plus replies you trigger. Carriers are not liable for delayed or undelivered messages. For SMS support, email hi@txt.club or reply help. Full terms in our Terms of Service.

10. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from them. If you are under 18, do not provide information beyond what is necessary to use the Service. If you believe a child has provided us with personal information, contact hi@txt.club and we will delete it. If you tell us you are under 18, the AI is configured to avoid adult and financial-advice topics, but we make no guarantee that every output will be appropriate for minors.

11. Security

We use TLS in transit, encrypted databases and backups at rest, least-privilege access for the limited number of operators who can touch production, and standard application-security practices. No system is perfectly secure. We do not guarantee that unauthorized access will never occur. Notify us immediately at hi@txt.club if you suspect your account has been compromised.

12. AI-generated content

Digests and replies are produced by large language models. They can be wrong, outdated, biased, or fabricated. Treat them as a summary, not as professional advice. We are not responsible for decisions you make based on AI output. See our Terms for the full disclaimer.

13. Third-party links and services

Digests may include links to YouTube, X, articles, podcasts, and other third-party content. We don't control those sites and aren't responsible for their content, privacy practices, or terms.

14. Changes to this Policy

We may update this Policy from time to time. If we make a material change to how we use your personal information, we'll let active subscribers know by SMS or email and update the date at the top of this page. Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.

15. Contact

Questions, requests, or weird edge cases — hi@txt.club. You can also text the bot and ask; it will route you to a human.