Privacy Policy

Claude Legacy Chat · A side project by Abhinav Soni

Last updated: 27 May 2026 · GDPR-compliant

The short version

I (Abhinav Soni) do not collect, store, or have access to any of your data. Your conversations, API key, and settings stay on your device. The server is a stateless proxy — it passes messages through but never saves them.

1. Who I am

This Service is operated by Abhinav Soni, an individual based in Dresden, Germany, as a non-commercial side project. Contact: abhinav.soni003@gmail.com

2. Data I do NOT collect

Your conversation messages (stored only on your device)
Your Anthropic API key (stored only on your device)
Your profile notes, memory summaries, or chat history (stored only on your device)
Your name, email, or any personal identifiers
Usage analytics, behavioral tracking, or fingerprinting data
Cookies (the Service uses no cookies of any kind)

3. Data the server temporarily processes

When you send a message, the following data passes through the server but is not stored:

Your message content (forwarded to Anthropic, then discarded from server memory)
Your API key (forwarded to Anthropic in the request, never stored)
Your IP address (visible to the hosting provider, used only for rate limiting)

Server logs are explicitly configured to never write message content or API keys. Only error metadata (with sensitive data scrubbed) may be logged for debugging.

3a. Optional data you may choose to provide

Some features let you voluntarily share information:

Pro Waitlist (optional): If you submit your email to be notified about a managed version, your email address is stored to contact you. You can request removal anytime.
Help Requests (optional): If you ask for help setting up your API key, your email + question is forwarded so I can respond.
Tip jar (optional): If you choose to support development financially, you'll be redirected to a third-party payment provider whose privacy policy applies separately.

None of these are required to use the app — they exist only if you actively use them.

4. What stays on your device

The following is stored in your browser's local storage (localStorage):

API keyYour device only

Profile notesYour device only

Memory summaryYour device only

Chat history (up to 50)Your device only

Settings (model, thresholds)Your device only

You can delete all this data at any time using the "Wipe all memory" button in the app's Settings, or by clearing your browser's site data.

5. Third-party data flow

When you use the Service, your data flows to two third parties:

Anthropic, PBC (United States) — the AI provider:

Receives your messages and your API key
Generates responses
Their data policy applies — they currently retain API data for 30 days for abuse monitoring, then delete it
Anthropic does not train models on API data
Privacy policy: anthropic.com/legal/privacy

Hosting provider (currently Railway, USA):

Operates the server infrastructure
Logs basic request metadata (IP, timestamp, status code) — required for service operation
Does NOT have access to your message content (which only exists in memory briefly during the proxy step)
Privacy policy: railway.com/legal/privacy

6. GDPR rights (for EU/EEA users)

Because I do not collect or store your personal data, most GDPR requests are not applicable in the traditional sense:

Right to access: All your data is already on your device — you have full access
Right to deletion: Use the "Wipe all memory" button or clear browser storage — instant
Right to portability: Use the "Export all" feature to download a complete text file
Right to rectification: You can edit profile notes and memory directly in the app
Right to object: Simply stop using the Service

If you have additional GDPR questions, contact me at the email above.

7. Children's privacy

The Service is intended for users aged 18 and older. I do not knowingly collect data from anyone, including children. If you are under 18, please do not use this Service.

8. Security

The Service uses HTTPS for all communications. Your API key is stored in your browser's localStorage, which is isolated to this origin and protected by your device's security. However, localStorage is not encrypted — anyone with physical access to your unlocked device could read it. For maximum security, use device-level passcodes and biometric locks.

9. Changes to this policy

If this policy changes, the "Last updated" date will be revised. Material changes will be announced in the app if practical. Continued use after a change constitutes acceptance.

10. Contact

Abhinav Soni
Email: abhinav.soni003@gmail.com
Subject line for privacy inquiries: "PRIVACY — Claude Legacy Chat"