Privacy Policy

Last updated: March 2026

The short version

Your WhatsApp conversations are stored locally on your device. When you request a draft reply, message context (up to 20 recent messages) is sent through our server to Anthropic's API for generation. We do not store your message content — it passes through our server and is discarded immediately. The personal data we collect is your email address, a device identifier, and daily usage counts.

What we collect

  • Email address — collected when you join the waitlist. Used for account verification, updates about Nudge's launch, and early access invitations. Stored via Resend, our email delivery provider.
  • Device identifier — a random UUID generated on your device during sign-in. Stored in your JWT token alongside your email. Used to identify your device for authentication purposes.
  • Daily usage counts — we track the number of AI draft requests per email per day via Vercel KV (Redis). This data contains no message content — only a count. Counts auto-expire after 24 hours.
  • WhatsApp messages — stored locally on your machine. When you request a draft reply, recent message context (up to 20 messages) is sent from your device to our server (yournudge.app), which forwards it to the Anthropic API for generation. We do not store your message content on our servers. It is forwarded to Anthropic and immediately discarded. Anthropic does not use API inputs to train models. See Anthropic's privacy policy and data retention policy.
  • Anonymous usage analytics — collected via Plausible Analytics, a privacy-friendly tool that uses no cookies and collects no personal data. We see aggregate page views and feature usage only.

AI proxy service

When you request a draft reply, the following happens:

  1. Your app sends recent message context (up to 20 messages per conversation) to our server at yournudge.app.
  2. Our server verifies your identity via a JWT token and checks your daily usage limit.
  3. The message context is forwarded to Anthropic's API (Claude) for reply generation.
  4. The generated reply is returned to your app. The message context is not stored on our server at any point.

This proxy exists to protect our API key and enforce usage limits. All communication between your device and our server uses HTTPS encryption.

Draft quality feedback

When you report a draft reply as low quality (via the thumbs-down button in the reply overlay), the following data is stored server-side for debugging and prompt improvement:

  • The AI-generated draft text and the conversation snippet (same messages already sent during generation)
  • Your email address, the contact name, and the reason you selected

This is opt-in only — nothing is stored unless you explicitly click "Report." Data is accessible only to Nudge admins for debugging purposes. Reports are deleted after review; there is no indefinite retention. You can request deletion of your reports at any time by emailing hello@yournudge.app.

Authentication tokens

When you sign in, a JWT (JSON Web Token) is created containing your email address and device ID. This token is stored locally on your device and sent with each request to verify your identity. Tokens expire after 30 days and can be refreshed during the last 7 days before expiry. No session data is stored on our servers.

What we don't collect

We do not store your WhatsApp conversations on our servers. We do not use tracking cookies. We do not sell your data to third parties. We do not build advertising profiles. Message content is never logged or persisted on our infrastructure — unless you explicitly report a draft for quality review (see "Draft quality feedback" above).

Data storage and retention

Your conversation data and draft history are stored in a local SQLite database at ~/Library/Application Support/Nudge/nudge.db on your Mac. Nudge does not have access to this file.

Your waitlist email is stored by Resend (our email provider). Waitlist emails are deleted within 12 months of general availability unless you become an active user. If you request deletion, we will remove your data within 30 days.

Third-party services

  • Resend — email delivery for waitlist confirmation and audience management for account verification. Privacy policy
  • Anthropic — AI draft generation via our proxy service (sub-processor; only when you request a draft). Their API data policy applies — they do not train on API inputs. Privacy policy
  • Vercel — hosting for our website and API proxy. Serverless functions process your requests but do not persist message content. Privacy policy
  • Upstash (Vercel KV) — Redis database for daily usage counts and draft feedback reports. Rate limit counters (email-based, no message content) auto-expire after 24 hours. Draft feedback reports are stored only when you explicitly report a draft and are deleted after admin review. Privacy policy
  • Plausible Analytics — privacy-friendly website analytics, no cookies. Privacy policy

WhatsApp data access

Nudge connects to WhatsApp via whatsapp-web.js, an open-source, unofficial library. Nudge is not affiliated with, endorsed by, or sponsored by Meta Platforms, Inc. or WhatsApp LLC. Your use of Nudge with WhatsApp is subject to our Terms of Service.

How Nudge works technically

Nudge connects to WhatsApp Web through an open-source library called whatsapp-web.js. Here's what happens under the hood.

WhatsApp connection

You pair your WhatsApp account by scanning a QR code — the same process as WhatsApp Web. The session is stored locally on your Mac using LocalAuth. No credentials are sent to our servers.

What stays on your device

Everything that can stay local, does. Your conversation history, contact list, message metadata, draft history, and app settings live in a local SQLite database at ~/Library/Application Support/Nudge/nudge.db. This file never leaves your machine.

How AI drafts are generated

When you request a draft reply, up to 20 recent messages from that conversation are sent to our server at yournudge.app/api/proxy/generate. Our server verifies your identity, checks your usage limit, forwards the context to Anthropic's Claude API, and returns the draft. The message context is not stored on our server — it passes through and is discarded immediately.

What's never collected

We never access your full chat history. We never download media (photos, videos, voice messages). We never export your contacts list. We never build a profile of your social graph. The only data that temporarily leaves your device is the message context needed to generate a single draft reply.

What we do and what we don't

What we do

  • Store all conversations locally in SQLite
  • Encrypt all proxy calls via HTTPS
  • Auto-delete usage counts after 24 hours
  • Use privacy-friendly analytics (Plausible, no cookies)

What we don't

  • Store messages on our servers
  • Sell or share your data with third parties
  • Use tracking cookies or ad pixels
  • Track your browsing or build advertising profiles

About WhatsApp Web integration

We want to be transparent about how Nudge connects to WhatsApp and what that means for you.

whatsapp-web.js is unofficial. It's an open-source library that replicates the WhatsApp Web client. It is not developed by, endorsed by, or affiliated with Meta Platforms or WhatsApp LLC. We chose it because it allows local-only message access without a cloud intermediary.

There's a risk. Because the library is unofficial, WhatsApp could change their Web protocol or actively block sessions created through whatsapp-web.js. If that happens, your WhatsApp account itself is safe — you would just need to re-pair or the connection might stop working until the library is updated.

Our approach is conservative. Nudge operates in read-only mode by default. We don't send messages, make calls, or modify your chat data. We don't do bulk messaging or automated outreach. We respect WhatsApp's rate limits. The app only reads conversations to identify unreplied messages and generate draft replies.

The trade-off is worth acknowledging. Using an unofficial library means accepting some uncertainty. We believe the privacy benefits — your messages staying local, no cloud intermediary, no third-party access to your full chat history — are worth that trade-off. But we want you to make that decision with full information.

Your rights

Under the GDPR and UK GDPR, you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — request correction of inaccurate personal data.
  • Erasure — request deletion of your personal data. We will comply within 30 days.
  • Portability — request your data in a structured, machine-readable format.
  • Restriction — request that we limit processing of your data.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, email hello@yournudge.app. You also have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).

Data breach notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33. If the breach is likely to result in a high risk to your rights and freedoms, we will notify you directly without undue delay.

Data controller

The data controller for the purposes of GDPR is Byron Voorbach, based in The Netherlands. You can reach the data controller at hello@yournudge.app.

Changes to this policy

If we make material changes, we'll notify waitlist members by email before the changes take effect. The "last updated" date at the top of this page will always reflect the most recent revision.

Contact

Questions about privacy? Email us at hello@yournudge.app.