Privacy

What we collect, what we don’t, and how we handle your data.

The short version

Seba is anonymous by design. We do not render your name, photograph, or email anywhere in the public interface. We do not sell data. We do not run third-party trackers or advertising pixels. The site works without sign-in.

We do keep records on the server so the experience can have continuity: your conversations with Sebastian, saved readings and notes, and a short rolling summary Sebastian writes about you. Anonymous visitors are keyed by a randomly generated identifier stored in your browser. Signing in links those records to a Google or email-based account so they follow you across devices.

What we store on the server

Three categories of records live on the Seba server, keyed by either your anonymous identifier (if you have not signed in) or your account (if you have).

Chat threads. Your conversations with Sebastian — the messages, the order they were sent, and timestamps. So you can come back and pick up where you left off.

Saved readings and notes. Dream interpretations, tarot / I Ching / astrology readings you saved, and any Sebastian responses you bookmarked.

Rolling memory. A short prose summary Sebastian writes about you over time, so the next conversation is not a cold start. It is short by design and lives in your record only.

The memory records themselves do not store your IP address while you are anonymous, and they are not visible to other users. Separate service logs (described below under “What we collect”) may use a hashed IP address for rate limiting and reliability. We do not sell or share any of this.

What we collect

Analytics. We run a self-hosted instance of Umami to understand how pages perform. It records page URL, referrer, screen size, browser, and country — nothing that identifies you personally. It does not set cookies. It does not log your IP address in identifiable form.

Sign-in (optional). If you sign in with Google, we receive your Google account identifier and email from Google’s sign-in service. We use the identifier to link your records to your account so they follow you across devices. We do not render your name, photograph, or email anywhere in the public interface. We do not email you directly without your opt-in through the newsletter form.

Newsletter (optional). If you subscribe to our newsletter, we store your email address with our email provider so we can send you occasional dispatches. You can unsubscribe at any time from any email we send.

Feedback / Report a problem. If you use the “Report a problem” form on /profile or the site-wide feedback banner, we store the message you wrote, the optional contact email if you provided one, the page URL you were on, your browser’s user agent, and your profile identifier if one is present in your browser. We use this to debug the problem and to reply to you if you left an email. Reports are stored in our support queue and may be forwarded to our team’s inbox; we do not share them.

Service logs. When you ask Sebastian or use any of the public AI endpoints (chat, dream, tarot, I Ching, astrology, matchmaker), the backend may store the query text or a short request label, a timestamp, a hashed form of your IP address, your user agent, the response status, and duration / cost metadata. We use these logs for rate limiting, abuse prevention, debugging, and keeping the service reliable. Service logs are kept separate from your profile memory; they are not used to enrich Sebastian’s memory of you, and your profile memory does not contain a hashed IP.

On-device storage. Your browser stores a session token (if you signed in), your reading palette preference, and an anonymous identifier under the key seba.anon_uuid. That identifier is the only thing that lets your browser retrieve your chat threads, saved items, and rolling memory from the server. Clearing your browser storage removes the identifier; the server-side records remain but become unreachable from that browser. To remove them, see “How to delete your data” below.

What we don’t collect

No advertising cookies. No fingerprinting. No session recording. No third-party analytics (Google Analytics, Facebook Pixel, etc.). No sale of data to any party.

How to delete your data

Anonymous visitors. Your records on the server are keyed only by an opaque identifier — we have no way to look you up by name or email. To request deletion, email cody@seba.health and include your identifier. You can find it in your browser’s devtools under localStorage, the key seba.anon_uuid. We will delete every record under that identifier.

Signed-in accounts. Email cody@seba.health from the address you signed up with and we will delete the account and all associated records.

Newsletter. Use the unsubscribe link in any email we send.

Clearing your browser’s site storage for seba.health removes the identifier from this device but does not delete the server-side records on its own — without the identifier we can’t find them to delete them. If you want them gone, send the identifier first.

Contact

Questions about privacy go to cody@seba.health.