Trust

Privacy at Sibyl

Sibyl is your portable context. We treat your data the way we'd want ours treated: read what you ask us to read, encrypt at rest, log every fetch, and delete on request. Here's the detail.

Section 1

What we read

  • Gmail
    last 90 days of messages (sender, recipient, subject, body)
  • Calendar
    last 6 months of events (title, attendees, time, notes)
  • Claude conversations
    only what you upload (Claude export ZIP) or what the browser extension pulls live
  • macOS Contacts (via Sibyl Mac app)
    names, phone numbers, emails, labels — never uploaded wholesale, only used as identity-resolution directory
  • iMessage (via Sibyl Mac app)
    last 90 days of messages, locally read
Section 2

What we don't

  • We don't train models on your data
  • We don't share your data with third parties
  • We don't read drafts or trash
  • We don't write to your accounts (no sending email, no calendar edits)
  • We don't read messages with non-contact handles (filtered out)
Section 3

How we protect it

  • Encryption at rest with a per-user key
  • Every Sibyl fetch is logged in your access log (visible at /access)
  • Sub-processors: Anthropic (Claude API), Supabase (Postgres + auth), Vercel (hosting), Sentry (error monitoring).
  • One-click delete: /settings → Danger Zone → “Delete account + all data” (cascades through every table; auth user removed)
← Back to Sibyl
Questions? privacy@meetsibyl.xyz · Last updated April 2026