SAGA
Sign Up
Privacy & Security/Privacy Architecture

Privacy Architecture

Privacy isn't a feature—it's how Saga is built. This page explains our architecture and the third-party services we use.

Privacy Principles

Your data stays local

Journal entries and notes never leave your device. They're stored as markdown files you control in your .saga folder.

Minimal cloud footprint

We only store what's necessary: your account info and usage data for billing. Nothing more.

No training on your data

Your conversations are not used to train AI models. We contractually prohibit our AI providers from using your data for training.

How AI Conversations Work

When you talk to Saga, your messages are sent to AI providers to generate responses. However:

  • • Conversations are processed in real-time and not stored on our servers
  • • Your data is not used for AI training by us or our providers
  • • We use enterprise AI providers with strict data handling policies

What We Can't See

We have no access to:

  • • Your journal entries
  • • Your notes and personal documents
  • • Your conversation history
  • • Any files in your local Saga folder

This isn't just policy—it's architecture. We literally can't access what we don't have.

Third-Party Services

We use the following services to operate Saga. We choose providers that respect user privacy and do not sell your data.

AI Providers — Groq

When you chat with Saga, your messages are sent to Groq to generate AI responses. Groq processes your conversations in real-time but does not store them.

  • Data sent: Your messages and conversation context
  • Retention: Not retained after processing
  • Training: Groq does not use customer data for training AI models

See Groq's Trust Center for their full privacy policy.

Authentication & Database — Supabase

We use Supabase to manage user accounts and store billing-related data. This is the minimal data needed to provide the service.

  • Data stored: Email address, account settings, usage metrics (tokens used, costs)
  • Not stored: Your conversations, journal entries, or personal notes
  • Security: SOC 2 Type II certified

See Supabase Privacy Policy for details.

Payment Processing — Stripe

Stripe handles all payment processing for subscriptions. We never see or store your full card details.

  • Data handled by Stripe: Credit card details, billing address
  • What we receive: Last 4 digits of card, payment status
  • Security: PCI DSS Level 1 certified

See Stripe Privacy Policy for details.

Analytics — PostHog

We use PostHog to understand how users interact with Saga so we can improve the product. Analytics data does not include your conversation content.

  • Data collected: Feature usage, button clicks, navigation patterns, errors
  • Not collected: Conversation content, journal text, personal notes
  • Hosting: US cloud (PostHog Cloud)

See PostHog Privacy Policy for details.

Why This Matters

Self-reflection requires safety. When you know your thoughts are truly private, you can be more honest. More honesty means better insights. Better insights mean more value from Saga.

Privacy isn't just about data protection—it's about creating the conditions for genuine self-understanding.

For our legal privacy policy, see Privacy Policy →

Questions? Contact privacy@saga.chat