Snapstash
Start stashing

Legal

Privacy Policy

Last updated April 27, 2026

Snapstash is built around a simple promise: the receipts, bills, screenshots, and notes you stash belong to you. This policy explains exactly what data the Snapstash iOS app and the snapstash.io website handle, where it goes, and the choices you have.

Summary

  • Your snapped photos and the structured memories extracted from them are stored on your device.
  • To extract details from a photo, Snapstash sends the image to our backend and on to Anthropic's Claude API. The image is held only as long as needed to return a result.
  • We do not sell your data, run ads, or include any third-party analytics, tracking, or advertising SDKs.
  • The Snapstash app does not require an account.

Information we handle

Photos and extracted memories

When you snap a receipt, bill, document, or screenshot, the photo is saved on your device. To turn the image into a structured memory (title, fields, dates, tags), the app uploads the image over HTTPS to our backend, which forwards it to Anthropic's Claude API. The extracted memory is returned to your device and persisted in the app's local store using Apple's SwiftData framework.

We do not retain the uploaded image on the backend after the extraction job finishes. We keep a short-lived, process-local content-hash cache so that re-uploading the same image (e.g. a retry after a network blip) does not re-bill the AI provider; this cache is bounded in size and cleared when the server restarts.

Photo location

When you import a photo from your photo library, Snapstash reads the location embedded in the photo's metadata (latitude, longitude, and a reverse-geocoded place name) and stores it alongside the memory on your device. This location data is not shared with third parties. Snapstash does not run an active location tracker or request your live location.

Reminders

If you accept a suggested action that creates a reminder, Snapstash writes that reminder to Apple's Reminders app via EventKit, only after you grant permission. Snapstash does not read your existing reminders.

Agent conversations

When you ask a question in the Ask tab, the app sends the conversation thread and the memories it needs to consult to our backend, which forwards the request to Anthropic's Claude API. The reply is streamed back and stored on your device. We do not retain the conversation contents on our backend after the response is delivered.

Agent permissions and preferences

Your per-agent permission settings, preferences, and onboarding state are stored on your device. If you connect an external agent, a snapshot of the data you have authorized for that agent may be stored on our backend so that authorized agents can read it; you control what each agent sees, and you can disconnect at any time from the Settings screen.

Waitlist signups (website)

If you submit your email address through the signup form on snapstash.io, we store that email so we can let you know when Snapstash is ready for you. We use it for that purpose only and do not share it with third parties. Email us at privacy@snapstash.io to be removed.

Operational logs

Our backend writes minimal operational logs (timestamps, request paths, response status, AI provider latency) so we can keep the service running and debug issues. These logs do not contain photo contents or extracted memory text.

What we don't collect

  • No third-party analytics, attribution, or advertising SDKs.
  • No cross-app or cross-site tracking. The privacy manifest sets NSPrivacyTracking to false.
  • No background location, contacts, microphone, or health data.
  • No account, password, or identifier required to use the app.

Third parties

Snapstash currently uses one third-party service: Anthropic's Claude API, which performs the AI extraction and the agent answer generation. Image and message contents transit Anthropic's API and are subject to Anthropic's privacy policy. We do not authorize Anthropic to use Snapstash inputs or outputs to train models, in line with Anthropic's API terms.

Security

All traffic between the app and our backend, and between our backend and Anthropic, is encrypted in transit using TLS. Local memories are stored inside the app's iOS sandbox, which is encrypted at rest by iOS once the device passcode is set.

Your choices

  • Delete a memory: open it and tap "Forget memory."
  • Delete everything: uninstall the app. This removes the local store and all photos, memories, and preferences from your device.
  • Revoke an agent: Settings → Agent permissions → toggle off.
  • Export your data: Settings → Export. Your memories are written to a JSON file you can save anywhere.
  • Stop sharing photos with the AI provider: simply do not snap or import additional photos. Already-extracted memories on your device are not re-sent.

Children

Snapstash is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has used the service, contact us and we will promptly delete the related data.

Changes to this policy

If we change how Snapstash handles your data we will update this page and revise the "Last updated" date above. Material changes will be communicated in the app before they take effect.

Contact

Questions, requests, or concerns: privacy@snapstash.io.