Privacy Policy

Catalyst is a voice-first AI assistant for tracking and articulating the work you do at your job. The conversations you have with it are candid by design — about colleagues, managers, frustrations, and the work no one else sees. Privacy isn’t a section at the bottom of this page; it’s the prerequisite for the product to function at all.

This policy describes what personal information Catalyst collects, how we handle it, who else is in the pipeline, and the rights you have over your own data. It applies to the Catalyst mobile app on iOS and Android, available in Canada and the United States. Catalyst is not currently offered outside those countries.

Catalyst is operated from Canada. The legal entity operating Catalyst is identified in the “Contact Us” section at the bottom of this page. Personal information is collected and handled in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) for residents of California. The General Data Protection Regulation (GDPR) is not in scope today.

Some of what protects your data on Catalyst is policy. Most of it is architecture — choices about how the system is built that make certain privacy violations structurally impossible, not just policy-prohibited.

Your transcripts live on your phone, not on our servers.When you have a conversation with Catalyst, the full text of what you said is stored locally on your device, in an encrypted SQLite database protected by your phone’s operating-system encryption (iOS Secure Enclave; Android Keystore). Catalyst’s servers do not persist verbatim transcripts.

There is no employer view, manager dashboard, or admin panel. Catalyst is built as a single-user product. There is no organization tier, no team-level account, no admin interface. An employer cannot purchase Catalyst on your behalf and gain access to your data, because no such product exists.

No AI provider in the pipeline trains on Catalyst customer data. Our agreements with Anthropic (Claude) and OpenAI (Whisper) prohibit the use of customer conversation content or voice audio for model training. The structured insights stored in our cloud are similarly off-limits.

We cannot produce transcripts under subpoena, because we do not have them. This is not a promise — it’s a property of the architecture. If a court or any other party demanded your conversation history from us, we could only produce what is in our cloud database: structured insights, summaries, and metadata. The verbatim text of what you said remains on your device.

Here is exactly what Catalyst captures, and what each piece of it is used for.

Account information. When you create an account, we collect your email address. For TestFlight beta access this is the only authentication mechanism. After Catalyst launches on the App Store, you can sign in with Apple (required for App Store apps that offer social sign-in) or Google in addition to email; in those cases we receive a token identifier from Apple or Google, not your full provider profile.

Profile.During onboarding you tell Catalyst your role (job title), the type of company you work at, and what you’re trying to achieve in your career. This shapes the conversations the AI has with you.

Session metadata. For every check-in, we record the date, the duration, and an internal session identifier.

Mood signals.A simple numeric scale (1–5) capturing how you felt about your work that day. We do not store any longer-form description of your mood.

Extracted insights.After each evening debrief, the AI runs a separate pass over the conversation to extract structured information: what you accomplished, recurring themes, the type of contribution (for example, “invisible unblocking” or “knowledge transfer”), and a confidence score. These insights are tagged and structured — they are not verbatim quotes from your transcript.

Weekly summaries. Once a week, Catalyst pulls your insights together into a short narrative summary of the week. This is generated text, not raw conversation content.

AI context summaries.Short summaries of your most recent sessions, used by the AI to remember what you have been working on. Stored both on-device and in our cloud, but again — these are summaries, not verbatim transcripts.

Product analytics.When you use Catalyst, the app and our backend send behavioral events to PostHog (for example, “screen viewed,” “debrief started,” “weekly summary opened”). These events include a stable user identifier and event metadata, not the content of what you said.

Email engagement signals. When we send you transactional or lifecycle email (welcome message, weekly summary notification, re-engagement nudge), Loops records standard email engagement metadata such as sends, opens, and clicks against your email address.

What Catalyst does not collect.We do not store voice audio (it is discarded immediately after transcription — see the next section). We do not store raw conversation transcripts on any server we control. We do not collect or ask for your employer’s identity. We do not collect real-time location.

Catalyst is a voice-first product, which means voice and AI are the centerpieces of how it works. Here is the literal pipeline.

Step 1 — voice goes to Whisper.When you speak to Catalyst, the audio is sent over an encrypted connection to OpenAI’s Whisper API for transcription. Once Whisper returns the text, the audio is discarded. We do not store voice files on our servers, and Whisper is contractually prohibited from using your audio to train its models.

Step 2 — text goes to Claude.The transcribed text is sent to Anthropic’s Claude API for two purposes: to generate the AI’s next conversational turn, and (after the session ends) to extract structured insights from the full conversation. Anthropic is contractually prohibited from training on Catalyst customer data.

Step 3 — only the structured output is stored.Catalyst’s servers receive the structured insights, summaries, and metadata that Claude returns. The verbatim conversation text does not stay on our servers after extraction completes. The on-device copy remains until you delete it.

Cross-border processing.OpenAI and Anthropic both process requests through infrastructure that may not be located in Canada. Under PIPEDA, this is permitted but must be disclosed: you should know that voice audio (briefly, in transit to Whisper) and conversation text (during AI inference) may be processed outside Canada by these providers. Both providers operate under signed Data Processing Agreements that bind them to handle this data on Catalyst’s behalf only.

Transcription errors. Speech-to-text is not perfect, especially with technical jargon or proper nouns. You can review and correct your transcripts in the app at any time, and corrections feed back into the structured record.

Catalyst uses the information described above for the following purposes:

• To provide the service.Conversations, insights, weekly summaries, and the longitudinal record of your work — these are what the product is.
• To send you essential email. Account verification, password resets, weekly summary notifications, and lifecycle nudges if you go inactive.
• To understand how the product is used.Aggregated, behavioral analytics through PostHog help us improve onboarding, retention, and the parts of the app that aren’t working. These analytics do not include the content of your conversations.
• To keep your account secure. Detecting and preventing abuse, fraud, and unauthorized access.
• To meet legal obligations. Responding to lawful requests, fulfilling tax and regulatory obligations.

What Catalyst does not do with your information:

• We do not sell your personal information to anyone.
• We do not share your information with advertisers, data brokers, or marketing partners.
• We do not provide your data — in any form — to your employer.
• We do not allow our AI providers to train their models on your data.

Catalyst uses a small number of carefully chosen third-party providers to deliver the service. Each is bound by contract to handle your information only as Catalyst directs, and only for the purpose listed.

Anthropic (Claude). Processes conversation text and transcripts during AI inference and insight extraction. Hosted on Anthropic infrastructure (United States). Anthropic privacy policy.

OpenAI (Whisper API). Processes voice audio for transcription. Audio is not retained after transcription completes. Hosted on OpenAI infrastructure (United States). OpenAI privacy policy.

Supabase. Provides authentication, database, and storage for account information, profile, session metadata, extracted insights, and weekly summaries. Data is hosted in Canada (the ca-central-1 region). Supabase privacy policy.

PostHog.Provides product analytics, feature flags, and in-app surveys. Behavioral events are stored in PostHog’s European Union cloud. PostHog privacy policy.

Loops. Sends transactional, marketing, and lifecycle email. Stores your email address, lifecycle event triggers, and standard email engagement metadata. Hosted in the United States. Loops privacy policy.

Apple and Google (after App Store launch only). If you sign in with Apple or Google, the corresponding provider issues an authentication token which Catalyst uses to identify you. Catalyst does not receive your full provider profile. Apple privacy policy · Google privacy policy.

Catalyst retains personal information only for as long as you have an account, plus a short period afterwards for operational reasons such as backup expiration. Specifically:

• Cloud data(insights, summaries, profile, account, metadata) is retained for the duration of your account. It is deleted immediately when you close your account — there is no soft-delete grace period.
• On-device data (transcripts, local cache) persists on your phone until you delete the app or clear it manually. When you close your account the app prompts you to remove local data; we cannot force deletion of data on your device.
• Voice audiois not retained at all — it is discarded after transcription completes.
• Backups.Cloud database backups are retained per Supabase’s standard backup retention windows and are purged automatically on that schedule.

If you are in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) gives you specific rights over your personal information. Catalyst supports each of them:

• Access. You can see the personal information Catalyst holds about you. The app provides in-app access to all stored insights, weekly summaries, and your profile data. For anything not visible in the app, email legal@usecatalyst.app.
• Correction. You can correct inaccurate information. Profile fields are editable in the app; extracted insights can be flagged or corrected on the relevant insight cards.
• Deletion.You can delete your account and all associated cloud data at any time. Deletion is immediate and complete — not soft-deleted, not held for 30 days.
• Withdraw consent. Withdrawing consent to data processing is equivalent to deleting your account. You can do this at any time.
• Data export. You can request a full export of your stored data. An in-app export is in development; in the meantime, send a written request to legal@usecatalyst.app and we will provide an export within the response window below.
• Challenge our compliance. If you believe Catalyst is not handling your information in accordance with this policy or PIPEDA, contact us at legal@usecatalyst.app. If you are not satisfied with our response, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada.

Catalyst will respond to access, correction, deletion, and export requests within 30 days.

If Catalyst is acquired or shuts down.Two specific commitments worth stating directly. If Catalyst is acquired, your data does not transfer to the acquiring entity without your explicit, affirmative consent — you will be notified in advance and given the option to delete first. If Catalyst shuts down, you will receive a minimum of 30 days’ notice with a working data export mechanism, and all user data will be deleted at shutdown rather than transferred or sold.

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you a specific set of rights over your personal information. This section describes those rights and how Catalyst handles California residents’ data. It supplements, and does not replace, the rest of this policy.

Categories of personal information collected. In the past twelve months, Catalyst has collected the following categories of personal information from California residents:

• Identifiers — email address, account identifier, device identifiers used in analytics.
• Commercial information — record of paid plan status (when payment is introduced).
• Internet or other electronic network activity — behavioral analytics events generated as you use the app.
• Audio and electronic information — voice audio (transient, not retained) and the resulting text transcripts (stored on your device only).
• Professional or employment-related information — your role, company type, career goal, and the contents of your career-related conversations.
• Inferences — structured insights, themes, and patterns the AI derives from your conversations.

Sources of personal information. Directly from you (account creation, onboarding, voice conversations) and automatically from your device (analytics, app diagnostics).

Business purposes.All purposes listed in “How We Use Your Information” above. Catalyst does not collect personal information for any purpose not disclosed in this policy.

Categories shared with sub-processors.Each category above may be processed by the sub-processors listed in the “Sub-processors and Third Parties” section, only for the specific purpose listed there.

Sale or sharing of personal information. Catalyst does not sell personal information. Catalyst does not share personal information for cross-context behavioral advertising. There is no opt-out to set, because the disclosure being opted out of does not occur.

Sensitive personal information.California treats certain categories — including audio recordings and the contents of communications — as “sensitive personal information.” Catalyst’s voice audio (transient) and conversation transcripts qualify. Catalyst uses sensitive personal information only to provide the service you signed up for. You have the right to limit use of sensitive personal information; given that we already limit it to providing the service, exercising this right does not change how Catalyst handles your data, but you may submit such a request through the contact channel below.

Your rights under CCPA/CPRA. California residents have the right to:

• Know what personal information Catalyst collects, uses, and shares (described above and elsewhere in this policy).
• Delete your personal information (handled via account deletion, described above).
• Correct inaccurate personal information (handled in-app and via the contact channel).
• Opt out of sale or sharing — not applicable, since Catalyst neither sells nor shares for cross-context behavioral advertising.
• Limit use of sensitive personal information (described above).
• Non-discriminationfor exercising any of these rights — Catalyst will not deny service, charge a different price, or provide a different level of quality based on the exercise of California privacy rights.

Authorized agents. You may designate an authorized agent to make a request on your behalf. The agent must provide written authorization signed by you, and Catalyst may verify your identity directly before fulfilling the request.

How to exercise these rights. Email legal@usecatalyst.app from the address associated with your Catalyst account. Catalyst will respond within 45 days, with one possible 45-day extension as permitted by CCPA.

Catalyst uses standard, defense-in-depth security practices:

• In transit. All connections between the app, our backend, and our sub-processors use TLS encryption.
• At rest in the cloud.Supabase encrypts data at rest by default. Row-level security is enabled on every table, so a query can only return rows belonging to the authenticated user — a defense at the database layer, not just the application layer.
• At rest on your device.Transcripts and local cache are stored in an SQLite database protected by your phone’s operating-system encryption (iOS Secure Enclave; Android Keystore).
• Authentication. Session tokens are stored in AES-256-CTR encrypted device storage, with the encryption key held in the iOS Keychain or Android Keystore (both hardware-backed). Authentication uses the PKCE OAuth flow.
• Email links. Account-related email links route through https://usecatalyst.app/auth/confirm before redirecting back to the app, to ensure they work in any email client.

No system is completely secure. Catalyst is built defensively, but no provider — including ours — can guarantee that no breach will ever occur.

Catalyst is intended for working professionals and is not directed to anyone under the age of 16. Catalyst does not knowingly collect personal information from children under 16. If you believe a child under 16 has created a Catalyst account, contact legal@usecatalyst.app and we will delete the account and associated information promptly.

Catalyst may update this privacy policy from time to time. For material changes — those that change how Catalyst collects, uses, or shares personal information in a way that affects you — Catalyst will notify you by email and through an in-app banner before the change takes effect. For minor edits (clarifications, formatting, or fixing typos), Catalyst will update the “Last updated” date at the top of this page. Continued use of Catalyst after notice of a material change constitutes your acceptance of the updated policy.

For privacy-related questions, requests, or concerns, contact us at legal@usecatalyst.app.