Security & data handling

1. What data is stored and where

Stash stores two categories of data:

• Account data — your email address and Google account identifier, collected when you sign in. Stored in a control-plane store on industry-secure servers (US cloud).
• Records — the text records you ask Claude to store via the MCP tools (e.g. notes, context, lists). Stored in a dedicated per-account store on industry-secure servers (US cloud).

Stash does not read your Claude conversation history. It only sees what Claude explicitly passes to the Stash MCP tools (the text of records you store and search queries).

2. Account isolation

Each account gets its own dedicated store. Records in Account A are physically separate from records in Account B — there is no shared table, no join, no query that can cross accounts. The MCP connector is scoped to a single account via the OAuth token; unauthenticated requests are rejected with 401.

This is relevant for consultants and agencies with client confidentiality requirements: Client A's records cannot surface in Client B's searches.

3. Authentication

Stash uses standard Google OAuth 2.0 — the same flow used by thousands of SaaS products. You sign in with your Google account; Stash receives a scoped token, verifies it with Google, and issues its own session. Stash never sees your Google password.

• OAuth 2.0 / OpenID Connect — no custom auth protocol
• No passwords stored by Stash
• Connector access tokens are scoped per-account and rotatable
• Revoking Stash's Google app access immediately invalidates sessions

4. Encryption

• In transit: All connections use HTTPS/TLS. The MCP endpoint, OAuth callbacks, and web viewer are all HTTPS-only.
• At rest: Data is stored on industry-secure cloud infrastructure. Volumes are encrypted at rest using AES-256 (standard cloud provider encryption).

5. Data use — no training, ever

Stash does not use your records to train any model. Your data is used only to serve your queries. It is not shared with Anthropic, not used to improve Claude, and not used to train any Stash model (Stash has no AI model — it is a record store with full-text search).

6. Data export and deletion

You own your data. You can:

• Export: Ask Claude to retrieve and format your records at any time. You can also request a full data export by emailing hello@stashlite.com — we'll send a JSON/CSV export within 48 hours.
• Delete: Cancel your account and all records are deleted. We retain a backup for 30 days (for accidental deletion recovery), then permanently purge.
• Portability: Records are plain text and JSON — there is no proprietary format. You can ask Claude to dump your full store to a file at any time.

7. Teams and pricing

Stash is currently individual-account billing. Each person on your team signs up with their own Google account and manages their own connector. There is no shared team account or centralised admin console in v1.

Pricing is flat monthly per account. No per-query overage charges. No surprise billing. See the pricing section on the main page.

Pricing may change as we exit early access. Existing paid subscribers are notified at least 30 days in advance of any change. Cancel anytime — no lock-in.