Loopr
Privacy Terms App →

Privacy Policy

Privacy Policy

Last updated: April 20, 2026

This Privacy Policy describes how WeBuilt, LLC (“we”, “us”, or “our”) collects, uses, stores, and discloses information when you use Loopr (“the Service”), available at https://loopr.life.

If you do not agree with this policy, do not use the Service.

1. Who we are

Loopr is operated by WeBuilt, LLC. You can contact us at help@loopr.life for any privacy-related question or request.

2. Information we collect

We collect only what we need to run the Service.

2.1 Account information

When you sign in (for example, with Google), we receive:

  • Your email address
  • Your name and profile picture (if available)
  • A stable identifier issued by the authentication provider

We use this to identify you, authenticate you on future visits, and populate your profile.

2.2 Content you create

Items, streams, notes, routines, activities, tags, and other content you create inside Loopr are stored in your account so that we can show them back to you.

2.3 Billing information

If you subscribe, billing is processed by Stripe. We never see or store your full card number. We store Stripe customer and subscription identifiers and the subscription status returned by Stripe.

2.4 Anthropic API key (optional)

Loopr’s AI features are strictly “bring your own key.” If you choose to enable AI features, you provide your own Anthropic API key. That key is encrypted at rest in our database using AES-GCM envelope encryption (via the cloak library) before it is written to disk.

2.5 Data from connected integrations

If you connect an integration (Google, GitHub, Slack, Discord, Linear, iOS Reminders, etc.), we receive data from that service so we can surface it as items in your loop. See Section 4 below for the Google-specific disclosures required by Google’s User Data Policy.

For Slack and Discord, we only receive data when you explicitly invoke the “Send to Loopr” action on a specific message — we do not poll your conversations. The message text, author, channel/server, and a deep link back to the message are stored as the resulting Loopr item. You can delete the item at any time, and disconnecting the integration prevents any further messages from being added.

2.6 Technical information

Like most web services, our servers automatically receive IP addresses, user-agent strings, and request timestamps in order to serve pages and keep logs for security and debugging. We do not use third-party advertising trackers.

3. How we use information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate you and secure your account
  • Display your items, streams, calendar events, and messages back to you
  • Generate AI summaries of connected-service content, only when you have provided your own Anthropic API key
  • Process subscription payments through Stripe
  • Communicate with you about the Service (for example, a billing receipt or a security notice)
  • Comply with legal obligations

We do not sell your personal information, and we do not use your content or your connected-integration data to train machine-learning models.

4. Google User Data

This section describes how Loopr handles data obtained through Google APIs. It applies in addition to the rest of this Privacy Policy.

4.1 Scopes we request

When you connect a Google account to Loopr, we request the following OAuth scopes:

  • https://www.googleapis.com/auth/userinfo.email — your email address
  • https://www.googleapis.com/auth/userinfo.profile — your basic profile information (name, picture)
  • https://www.googleapis.com/auth/gmail.readonly — read-only access to your Gmail messages and threads
  • https://www.googleapis.com/auth/gmail.modify — ability to mark messages as read, archive them, and apply labels (we do not send email, delete permanently, or change settings)
  • https://www.googleapis.com/auth/calendar.readonly — read-only access to your Google Calendar events

You are only prompted for the scopes needed by the integrations you choose to enable.

4.2 What we access and why

Scope What we access How we use it
userinfo.email, userinfo.profile Your email, name, and picture Identify the signed-in user
gmail.readonly Message metadata, subject lines, sender, snippet, and full message body for threads you interact with in Loopr Surface inbox messages as actionable items in your loop, and (optionally) generate AI summaries
gmail.modify Ability to mark messages read, archive them, and apply labels Reflect your in-Loopr actions back to Gmail when you complete, snooze, or archive an item
calendar.readonly Upcoming calendar events on calendars you select Display calendar events alongside tasks in your loop

4.3 What we store

We retrieve Gmail and Calendar content on demand and we do not store raw message bodies, attachments, or event descriptions in our database. What we persist is:

  • A reference identifier (for example, a Gmail thread ID) so we can link an item back to its source
  • The minimum display metadata needed to render an item in your loop (e.g., subject line, sender name, event title and time)
  • Any AI-generated summary you have opted into (Section 4.5 below)
  • OAuth access and refresh tokens, protected at rest by Fly.io’s block-level volume encryption (Section 6)

4.4 Who we share it with

We do not sell, rent, or share Google user data with third parties for advertising, analytics, or any other purpose, except in the narrow cases described here:

  • Cloud infrastructure. Google user data is stored in our managed PostgreSQL database hosted on Fly.io. Fly.io acts as our hosting provider and processes data solely on our behalf.
  • Anthropic (only if you provide your own API key). If you choose to enable AI summarization and supply your own Anthropic API key, the content of the specific Gmail thread being summarized is sent to Anthropic’s API using your key. Anthropic’s processing of that content is governed by the commercial terms between you and Anthropic. If you do not provide an Anthropic API key, no Gmail content is ever sent to Anthropic.

We do not share Google user data with any other third party, and we do not use it to train or improve generalized AI or machine-learning models.

4.5 AI summarization disclosure

Loopr’s AI summarization is opt-in and bring-your-own-key. When enabled:

  • The current thread content is sent to Anthropic’s API using your Anthropic API key
  • The returned summary is stored on the corresponding Loopr item so you do not have to re-summarize it
  • The raw email body is not persisted after the summary is generated

You can disable AI features at any time in Preferences and remove your Anthropic API key.

4.6 Retention and deletion

  • Raw Google content is only held in memory for the duration of a request and is not written to durable storage.
  • AI-generated summaries, display metadata, and reference identifiers are retained for as long as the corresponding item exists in your loop, or until you delete them.
  • OAuth tokens are retained for as long as the integration is connected. Disconnecting the integration deletes the stored tokens.

You may delete Google-sourced data at any time by:

  1. Opening Preferences → Integrations and disconnecting the relevant Google account, or using the “Delete my Gmail/Calendar data” control to wipe items sourced from Google, or
  2. Deleting your entire Loopr account from Preferences, which purges all associated data, or
  3. Emailing help@loopr.life with a deletion request. We will respond within 30 days.

You may also revoke Loopr’s access directly from your Google account at https://myaccount.google.com/permissions.

4.7 Limited Use compliance

Loopr’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we only use Google user data to provide or improve the specific features described above. We do not use it for serving advertising, we do not transfer it except as narrowly described in Section 4.4, we do not allow humans to read it (except with your explicit permission, for security or debugging, or as required by law), and we do not use it to train generalized machine-learning models.

5. How long we keep data

We retain personal data for as long as your account is active. When you delete your account, we delete your associated personal data within 30 days, except where we are required to retain it (for example, Stripe retains billing records to meet tax and accounting obligations).

6. Security

  • All traffic to and from Loopr is encrypted in transit via TLS.
  • Data at rest is stored in Fly.io Managed Postgres, which is built on Fly Volumes with block-level AES-XTS encryption enabled by default. Daily volume snapshots and backups are encrypted with the same scheme, and encryption keys are managed by Fly.io and only accessible to privileged processes on the specific hosts running our app.
  • Your Anthropic API key is additionally encrypted at the application layer using AES-GCM envelope encryption (via the cloak library) before being written to the database. OAuth tokens are protected by the database-level encryption described above.
  • Access to production infrastructure is limited to authorized personnel and protected by multi-factor authentication.

No system is perfectly secure. If you believe your account has been compromised, email help@loopr.life immediately.

7. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Delete your personal data
  • Export your personal data in a portable format
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent

To exercise any of these rights, email help@loopr.life. We will respond within 30 days.

8. Third-party services we rely on

  • Fly.io — application hosting and managed PostgreSQL
  • Stripe — subscription billing
  • Google — sign-in and optional Gmail / Calendar integrations
  • GitHub — optional GitHub notifications integration
  • Slack — optional “Send to Loopr” message action integration
  • Discord — optional “Send to Loopr” message context integration
  • Linear — optional Linear notifications integration
  • Anthropic — optional AI summarization, only if you provide your own API key

Each provider has its own privacy policy.

9. Children

Loopr is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, email help@loopr.life and we will delete it.

10. International users

Loopr is operated from the United States. By using the Service, you understand that your information will be processed in the United States, which may have different data-protection laws than your country.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. Material changes will be announced in the Service or by email.

12. Contact

WeBuilt, LLC Attn: Zachary Daniel 1852 Banking Street #29706 Greensboro, NC 27408 help@loopr.life

Back to app