Privacy Policy

1. Scope

MindMirror AI LLC ("MindMirror," "we," "our," or "us") provides a continuity-based AI reflection service. This Privacy Policy explains how we collect, use, share, retain, and protect information when you use our website, app, and related services.

MindMirror is designed for personal reflection. The text you choose to store may be unusually sensitive, including thoughts, emotions, relationship context, work concerns, health-related experiences, or other private details. Please use care when deciding what to place inside the service.

2. Information we collect

• Account and identity data, such as your email address, authentication identifiers, subscription tier, and profile or account settings.
• Reflection and thread content, such as prompts, messages, titles, saved threads, and thread-level privacy or continuity settings.
• Continuity data, such as carry-forward choices, Review eligibility, return hooks, reminders, summaries, experiments, and other signals used to help you reopen a thread later.
• Billing and transaction data, such as plan status, renewal timing, payment status, and limited transaction metadata. Payment card details are generally handled by the payment processor rather than stored directly by MindMirror.
• Usage, device, and log data, such as IP address, browser type, device identifiers, timestamps, referrers, crash data, feature usage, and security logs.
• Support and feedback data, such as messages, bug reports, attachments, and screenshots you choose to send us.

3. How we collect information

• Directly from you, when you create an account, write a reflection, change settings, buy a plan, contact support, or submit feedback.
• Automatically from your device and browser through logs, cookies, similar technologies, and service instrumentation used for security, reliability, and analytics.
• From service providers that help us run MindMirror, such as Clerk for authentication, Neon for primary storage, OpenAI for AI processing, Resend for email delivery when enabled, Vercel Analytics / Speed Insights for product analytics and performance measurement, and TikTok Pixel for marketing measurement on public website pages.

4. How we use information

• To provide the service, including saving reflections, reopening threads, generating AI responses, building Review, and powering continuity features.
• To honor your settings, such as whether a thread is eligible for carry-forward, Review, or reminder detail.
• To process subscriptions, manage billing, prevent fraud, and maintain account records.
• To secure and improve MindMirror, including debugging, abuse prevention, analytics, quality assurance, feature development, and service reliability.
• To communicate with you about your account, reminders, support requests, service notices, security updates, and legal changes.
• To comply with law, protect rights and safety, and enforce our Terms of Service.

5. What MindMirror saves so Return and Review can work

MindMirror is built around continuity. If you create a reflection or conversation, the thread and related metadata may be saved to your account so you can return to it later from what changed instead of from zero.

Carry-forward and Review are separate controls. If you turn off carry-forward or exclude a reflection from Review, that does not necessarily delete the reflection itself. It means MindMirror should stop using that thread for cross-session continuity, Review selection, or reminder context while still keeping the underlying thread in your account unless you delete it.

Reminder settings affect how much context appears in reminders. Choosing a more discreet reminder reduces the amount of reflection detail included in the reminder itself, but it does not by itself delete the underlying thread or reminder record.

6. AI processing and automated features

To generate responses, summaries, return prompts, safety checks, and other continuity features, MindMirror may send your reflection content and limited prior context to third-party AI or machine-learning providers acting on our behalf, currently OpenAI.

In practice, that context may include the current message, parts of the active thread, and saved continuity items such as return hooks, patterns, or carry-forward signals when those are needed for the feature you requested. We try to send only the content and context reasonably needed for that feature.

We do not sell your private reflections or use them for advertising. We may use product, operational, and feedback data to run and improve MindMirror. If we materially expand how reflection content is used beyond what this policy describes, we will update this policy before that change applies.

7. Who inside MindMirror may access your information

We limit internal access on a need-to-know basis rather than giving general staff visibility into reflections. Authorized personnel or contractors may access account or content data when reasonably necessary to provide support, investigate bugs, prevent abuse, protect safety, enforce our terms, comply with law, or maintain the service.

8. How we share information

• Hosting, infrastructure, and storage providers such as Neon.
• Authentication, identity, and account-management providers such as Clerk.
• Payment and billing processors.
• Email, messaging, reminder, and support providers such as Resend when email delivery is enabled.
• Analytics, marketing measurement, monitoring, and security vendors such as Vercel Analytics, Speed Insights, and TikTok Pixel on public website pages.
• AI-inference and machine-learning vendors such as OpenAI that help us provide requested features.
• Professional advisors, regulators, law enforcement, or other third parties when required by law or reasonably necessary to protect rights, safety, or the service.
• A successor entity in a merger, financing, acquisition, reorganization, or sale of assets, subject to the applicable commitments and law.

9. Cookies, analytics, and communications

MindMirror may use cookies and similar technologies for authentication, security, analytics, feature performance, user preferences, and marketing measurement on public website pages. Some data may also be collected through server logs, application telemetry, or tools such as TikTok Pixel on the public site.

We may send account notices, purchase confirmations, security alerts, support replies, and reminder emails or notifications you configure in the product. You cannot opt out of service-critical communications while keeping an active account, but you can adjust reminder behavior and optional communications where those controls are available.

10. Retention, export, and deletion

We keep information for as long as reasonably necessary to provide the service, maintain the continuity features you choose to use, comply with legal obligations, resolve disputes, detect abuse, and enforce our agreements.

When you delete reflections or close your account, we will generally remove the relevant data from active use and user-facing surfaces within a reasonable period. Some residual copies may remain for limited periods in backups, logs, fraud-prevention systems, or records kept to comply with law.

You can delete reflections, adjust continuity settings, and use in-product tools in Settings to export or delete saved MindMirror data. MindMirror includes in-product tools in Settings for export and permanent deletion of saved MindMirror data. You can also contact us using the email below to request access, correction, export, or deletion, subject to identity verification and applicable legal exceptions.

11. Your privacy rights

Depending on where you live, you may have rights to know what personal information we collect, access or receive a copy of that information, correct inaccurate information, delete information, opt out of certain sales or sharing, or appeal a denied privacy request. Some rights are subject to exceptions under applicable law.

To exercise a privacy request, contact us at contact@mindmirrorapp.ai. We may need to verify your identity before completing certain requests. We will not discriminate against you for exercising rights provided by law.

12. Security

We use administrative, technical, and organizational safeguards designed to protect personal information, including access controls, provider security features, and environment-managed credentials. No system is perfectly secure, so we cannot guarantee absolute security.

13. Children's privacy

MindMirror is not intended for children under 18, and you may not use the service if you are under 18. If we learn that we have collected personal information from someone under 18 in violation of this policy, we may delete the information and close the account.

14. International and U.S. processing

MindMirror is currently intended primarily for users in the United States. Your information may be stored and processed in the United States or other jurisdictions where we or our providers operate. Those jurisdictions may have privacy laws that differ from the laws where you live.

15. Changes to this policy

We may update this Privacy Policy from time to time. If we make a material change, we may provide additional notice when appropriate or required by law. The updated version will show a new effective date.

16. Contact

Privacy requests, support questions, and legal notices about this policy may be sent to contact@mindmirrorapp.ai.