Privacy
How Clarence treats your messages
Clarence reads your messages on your Mac, only when you ask, and discards what it reads. Nothing is uploaded, nothing is stored, and nothing is ever sent without your click.
That’s the short answer. The rest of this page is the long one — written before the app shipped, because an app that asks to read your most personal data owes you the whole truth in public, not a policy behind a link. Your messages to the people you love are among the most sensitive things on your Mac. We built Clarence as if that were true, because it is.
What happens when Clarence reads a thread
Clarence’s day-to-day work — noticing who’s gone quiet — needs only the rhythm of your conversations: who, when, how often. Not the words. The words come into play once, briefly, when you ask for a draft:
You ask for a draft. Clarence reads the recent thread with that one person — not your whole history, just enough to write like you.
The thread shapes the draft — your cadence, your inside references, where the conversation left off.
The content is discarded. It isn’t saved, cached, or added to any database — and the app tells you it’s gone.
What Clarence keeps — and what it never will
Kept, on your Mac, encrypted
- Who you want to stay close to. your circle, your groups, your pace for each person
- The rhythm of each friendship. counts and dates — how often, never what was said
- What you tell it. notes and facts you dictate: “her sister’s wedding is in May”
- A read log. what Clarence read and when — counts and timestamps, not content
- A send log. every message you sent through it, so nothing happens off the record
Never — not a setting, a design
- Your message content, stored. threads are read on request, used, and discarded
- Anything in the cloud. the database never leaves your Mac
- Message content in logs. not in error reports, not in crash dumps, not anywhere
- Telemetry or analytics. we can’t see you use the app, by construction
- A message sent without you. one send path; your click, every time
Everything in the “kept” column is yours: you can export it in a readable format or delete it entirely, any time.
The honest part about cloud drafting
We want every draft written on your Mac with nothing transmitted at all — that is the north star, and the roadmap points at it. Until on-device drafting is good enough to deserve you, there is an opt-in cloud drafting path, and we’d rather describe it precisely than roundly:
- The recent snippet is anonymized first — names, phone numbers, and email addresses stripped where found. “Where found” is honest: automated redaction is best-effort, not perfect.
- It is transmitted once, used for the draft, and retained by no one — the API is configured for zero retention and no training.
- Nothing about it is stored, on our side or anyone’s. There is no “our side” — we run no servers that see your content.
- Turn it off and Clarence still works; drafts just lean on what you’ve told it rather than the recent thread.
What could go wrong — we publish that too
Most privacy pages tell you what an app does when everything goes right. Clarence keeps a living threat model — the ways an app like this could be attacked or misused, ranked, each with the design that answers it, re-read before every stretch of building. Here is the public version:
| The threat | The design that answers it |
|---|---|
| A malicious message tries to attack the app itself | Anything anyone texts you is treated as hostile input. Message text is displayed, never executed; the window that shows it is sandboxed away from the parts of the app that can read or send. |
| Something tries to send messages as you | One audited send function in the entire app. It demands a fresh human click, shows the recipient at the moment of sending, is rate-limited, and writes every send to a permanent log. |
| A message tries to manipulate the drafting AI | The AI’s output is words on your screen and nothing more — it cannot take actions, and you review every draft before it goes anywhere. |
| “Discarded” quietly leaks somewhere | A standing rule with no exceptions: message content never enters logs, errors, or crash reports. Cloud drafting, if you enable it, runs under zero-retention, no-training terms. |
| Someone gets your Mac | Clarence’s own database is encrypted with a key held in the macOS Keychain, and is excluded from Time Machine and iCloud backups by default — a deliberate choice, so your relationship notes don’t ride into copies you forgot about. |
| A tampered update | Releases are signed and notarized; the updater verifies signatures over a pinned, encrypted channel before anything installs. |
One more, because it belongs to us rather than to attackers: the promises on this page are treated as part of the security model. A broken promise — content that lingered, a log that captured a word it shouldn’t — is handled as a security incident, disclosed in the changelog, not quietly patched.
Frequently asked questions
Does Clarence read my messages?
Only on your Mac, and only when you ask. When you request a draft, Clarence reads the recent thread with that one person, uses it to write the draft, and discards it. Your message history is never copied, stored, or uploaded as a library — it stays exactly where macOS keeps it.
Does Clarence upload my messages to the cloud?
No. Everything Clarence keeps lives on your Mac. If you turn on cloud drafting, the recent snippet is anonymized (names, numbers and emails stripped where found), transmitted briefly for the draft under a zero-retention agreement, and never stored. You can keep drafting fully on-device instead — that is the default direction of the product.
Can Clarence send messages without me?
No. There is exactly one send path in the app, it requires your physical click at that moment, the recipient is shown at the point of send, and every send is written to a log you can read. A message that goes out without you would stop being your friendship — so the app is built to make that impossible.
What does Clarence actually store?
Only what it derives or what you tell it: who matters to you, the rhythm of each friendship (counts and dates, not words), notes you dictate, and a log of what it read and sent. That lives in one encrypted database on your Mac, excluded from Time Machine and iCloud backups by default, that you can export or delete at any time.
Does Clarence have analytics or telemetry?
None. No analytics, no tracking pixels, no usage telemetry, and no crash reports containing message content. We cannot see how you use Clarence. This website has no analytics either.
Why does Clarence need Full Disk Access?
macOS protects your iMessage history behind Full Disk Access — which is exactly right. Granting it lets Clarence read the rhythm of your conversations locally. It is a serious permission, which is why this page, the threat model behind it, and the promises above exist in public before the app does.
Questions this page doesn’t answer are questions it should — write to us and we’ll add them. Clarence is a private Mac app that notices who you’re drifting from and drafts the message to bring them back — on your Mac, never uploaded.