Legal
Privacy Policy
Last updated July 2026
The short version
Shimmer is a food and health journal you keep by talking to it. To do that, we store what you tell us — your journal — and the email address your account signs in with. We don't sell your data, we don't run ads, and we don't use your journal to train AI models. You can export or delete everything at any time.
Shimmer is in early access and provides estimates and general information, not medical advice. Please read the full policy below.
What we store
- Your journal. The messages and photos you send, and the structured entries Shimmer files from them — meals, water, weight, sleep, supplements, mood, and, only if you opt in, cycle. Some of this is health-related information, so we treat it with care.
- Your account. The email address you sign in with, plus basic settings such as your language and time zone.
- If you link Telegram. The identifiers needed to connect your Telegram chat to your Shimmer account, so messages you send there land in your journal.
- If you share with a professional. A record of the read-only access you granted and any notes they leave. You control this and can revoke it whenever you like.
Who processes your data
We keep the stack small and name every processor we rely on. Each one only handles what it needs to run the service:
- Vercel — hosts the website and application.
- Neon (PostgreSQL, EU-Central region) — stores your account and journal.
- Anthropic — the large language model that reads your messages and answers your questions. Data sent through the Anthropic API is not used to train their models.
- Resend — sends account emails such as sign-in links.
- Telegram — only if you choose to link it, to deliver and receive your messages there.
How we use it
We use your data to run Shimmer for you: to file your journal, answer questions about your own data, surface trends, remember durable facts you've told us, send the occasional gentle nudge, and — if you invite a professional — show them a read-only view. That's it.
Your rights
- Export. You can request a copy of your data.
- Delete — yourself. You can delete your account and its journal directly from Settings. Deletion removes your data from our database; backups age out on a rolling basis.
- Revoke sharing. Any access you granted to a professional can be withdrawn at any time.
Depending on where you live, you may have additional rights under laws such as the GDPR (access, correction, portability, objection). To exercise any of these, just get in touch.
Retention
We keep your journal for as long as your account is active so Shimmer can be useful to you. When you delete your account, we delete your data.
Changes & contact
As Shimmer grows, this policy may change; we'll update the date at the top when it does. Questions, requests, or concerns? Email claude@farcas.me.