Privacy Policy for TheMindKeeperX
Last Updated: July 6, 2025
This Privacy Policy explains how TheMindKeeperX ("we", "our", or "us") collects, uses, and protects your personal data when you use our mobile application and related services ("Service").
1. What Information We Collect
We collect the following categories of data to deliver core features of our app:
a. User Information
• Name, email address, password, lock password (optional), account verification status, and premium subscription status.
b. Content Data
• Notes, tasks, folders, diaries.
• Each entry may contain: title, text, created/updated dates, emotional tags, linked task/note IDs, repeat or postpone status.
• Uploaded files such as images, audio notes, and documents.
c. Analytics & Metadata
• Emotion summary per week (e.g., emojiId, count).
• Weekly task statistics (total, completed, postponed, uncompleted).
• AI-generated summaries, suggestions, and weekly comparisons.
• Diagnostic metadata (timestamps, repeat counts, postponed counts, error logs).
2. How We Use Your Information
We use your information to:
• Create, manage, and secure your account.
• Store and organize your tasks, notes, and diary entries.
•Track emotional trends and task behaviors.
• Generate personalized suggestions and weekly insights via OpenAI.
• Improve app stability and functionality.
3. AI-Powered Features via OpenAI
We use OpenAI services to generate emotional insights and productivity suggestions.
Only specific content data (such as diary text, emotional tags, and task summaries) are temporarily sent to OpenAI's API.
OpenAI only receives anonymized, context-specific inputs, never user identifiers like name or email.
This helps us generate natural language feedback such as:
• Weekly emotion summaries
• Task completion advice
•Suggested focus areas
All AI processing is purpose-limited and used only to enhance your experience within the app.
4. Children’s Privacy
TheMindKeeperX is not intended for children under the age of 13.
While the app supports emotional reflection and planning skills, it may include content or features that are better suited for users with more developed self-awareness.
We do not knowingly collect personal data from users under 13.
If a parent or guardian becomes aware that their child under 13 has registered and submitted data, they are encouraged to contact us.
The use of the app by children under 13 is the sole responsibility of their parents or legal guardians. We do not act in place of a parent. Therefore, we recommend that children under 13 do not use the app unless their guardian deems it appropriate.
5. Supabase & File Storage
We use Supabase solely to store user-uploaded images and files (e.g., photos added to notes or diaries, documents, and voice memos).
Each file is stored securely using user-specific folder structures (e.g., users/{userId}/filename).
Files are accessed via signed URLs that provide limited-time viewing access for exactly 5 minutes. Users cannot download files—only view them within the app.
We also send the user ID to Supabase to associate the file with the correct account.
User ID is used only to associate the file with the correct account, and is not used for tracking or profiling.
We do not store any sensitive data like diary text, notes, or task content in Supabase. All private content is stored securely in our encrypted database (MongoDB Atlas).
Supabase is not used for analytics, authentication, or background tracking. It is used exclusively for file and image storage.
Supabase enforces strong data protection practices including encrypted storage, scoped access, and secure file delivery.
6. Third-Party Services
We work with trusted third-party services:
• Supabase: Secure file storage and file access token management.
• OpenAI: Used for generating emotional and productivity insights from your text data.
• Bugsnag: For crash/error reporting and performance monitoring. No personal content is shared with Bugsnag.
We do not sell or monetize your data under any circumstances.
7. Data Retention & Deletion
• We retain your data only as long as your account is active.
• You may delete your account at any time via in-app settings or by emailing us.
• Upon deletion, all your data — including notes, diaries, tasks, images, and files — will be permanently removed from our servers and third-party services (like Supabase and OpenAI's cache, if applicable).
8. Data Security
We store your data using MongoDB Atlas and Supabase, both of which enforce:
•End-to-end encryption,
• Token-based authentication,
• Access control policies.
We take security seriously and use industry-standard techniques to protect your information.
9. International Data Transfers
Our servers and services may be located outside your country.By using the app, you agree that your data may be transferred and processed in countries with data protection laws that may differ from yours.
10. Permissions We Request
To provide full functionality, we may request access to:
Camera: To take and attach photos to your entries
Photo Library: To select images for notes and diaries
Microphone: To record voice memos
Speech Recognition: To convert voice to text in note or diary entries
File Access: To upload documents (e.g., PDF, DOCX)
All permissions are used strictly for their intended purpose and are never used to track you or access background data.
11. Your Rights
You have the right to:
•Access, correct, or delete your personal data,
• Request a copy of your data,
• Withdraw consent for data processing (including AI-based features) by deleting your account, which results in full data removal from our servers and services.
To exercise these rights, contact us via in-app support or email.
12. Social Login (Google & Apple Sign-In)
We provide the option to sign in using third-party accounts: Google and Apple.
•What we receive:
When you choose Google or Apple to log in, we only receive your name (if available), email address, and a unique provider ID (Google/Apple user ID). We do not receive your password or other private data from Google or Apple.
•How we use it:
This information is used solely to create and authenticate your account in TheMindKeeperX. The provider ID helps us recognize your account in future logins.
•No sharing:
We do not share your Google/Apple login information with third parties.
•Control:
You may revoke TheMindKeeperX’s access to your Google/Apple account at any time from your Google/Apple account settings. Doing so may disable login via that method, but your data inside the app remains under your control until you delete your account.
13. Changes to This Policy
We may update this Privacy Policy.Significant changes will be notified within the app. Continued use of the app implies your agreement with the updated policy.
Contact Us
If you have any questions, contact us <at:[email protected]>