Legal

Privacy Policy

Effective date: March 6, 2026

Steward (“we”, “our”, or “the app”) is an application that helps you monitor websites for changes like price drops, restocks, and availability. This Privacy Policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

Account information

When you sign in with Apple or email, we receive:

  • Display name (first and last name) — only if you choose to share it. Stored on our servers to personalize your experience.
  • Email address — used for account identification only.

We do not store your passwords or credentials directly. Authentication is handled securely through Apple's Sign In with Apple service or Supabase Auth.

Watch data

When you create a watch, we store:

  • The URL of the web page you want to monitor
  • Your watch condition (e.g., “price drops below $50”)
  • Watch name, emoji, action preferences, and check frequency
  • Product images fetched from the watched URL (og:image metadata)

Push notification tokens

If you enable push notifications, we store your device's push token linked to your account so we can send you alerts when your watches trigger.

Photos you share

If you attach a screenshot or photo in the Steward AI chat, the image is compressed and sent to our server for AI analysis. Photos are processed in real-time and are not permanently stored on our servers.

Activity log

We record in-app events such as watches created, alerts triggered, and actions completed. This powers the Activity tab in the app.

App preferences

Settings like dark mode and default check frequency are stored locally on your device only.

2. How We Use Your Data

DataPurpose
Name & emailAccount identification and personalization
Watch URLs & conditionsAutomatically checking web pages for changes on your behalf
Push notification tokenSending you alerts when a watch triggers
Chat messages & photosPowering the AI assistant to help you set up and manage watches
Activity logShowing you a history of watch checks and actions

We do not use your data for advertising, user profiling, or cross-app tracking.

3. Third-Party Services

We use the following third-party services to operate Steward:

Supabase (backend infrastructure)

Your account data, watches, and activity history are stored on Supabase servers. Supabase provides database hosting, authentication, and serverless functions. Data is stored in the United States.

Anthropic (AI processing)

When you use the Steward AI chat or when a watch check runs, text data (your messages, web page content up to 4,000 characters, and any attached photos) is sent to Anthropic's Claude AI for processing. Anthropic processes this data to generate responses and does not use it to train their models. See Anthropic's Privacy Policy.

Serper (product search)

When you share a product screenshot in chat, a search query may be sent to Serper.dev to find matching product listings. Only the product search query is sent — no personal information.

Apple (authentication & payments)

Sign In with Apple handles authentication. All subscription payments are processed entirely by Apple through the App Store. We never receive or store your payment information.

4. Data We Do NOT Collect

  • We do not collect payment or credit card information
  • We do not use analytics SDKs or third-party tracking tools
  • We do not serve advertisements
  • We do not sell, rent, or share your personal data with third parties for marketing
  • We do not track you across other apps or websites

5. Data Retention

Your data is retained as long as your account is active. Watch check results are kept to power price history and insights. If you delete your account, all associated data (profile, watches, activities, and check results) will be permanently removed from our servers within 30 days.

6. Data Security

We protect your data using:

  • HTTPS encryption for all data in transit
  • Supabase Row Level Security ensuring users can only access their own data
  • API keys and secrets stored as server-side environment variables, never in the app binary
  • Rate limiting on all server endpoints to prevent abuse

7. Your Rights

You have the right to:

  • Access your data — all your watches, activity, and profile are visible in the app
  • Delete your data — contact us at the email below and we will delete your account and all associated data
  • Revoke notification permissions — disable push notifications at any time in your device settings
  • Revoke Apple Sign In — go to Settings → Apple ID → Sign-In & Security → Sign in with Apple to stop using your Apple ID with Steward

8. Children's Privacy

Steward is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the app or by updating the effective date at the top of this page. Your continued use of Steward after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or want to request data deletion, contact us at:

Email: support@steward.app