Effective May 18, 2026 · Last updated May 18, 2026
Privacy Policy
MYNDE is a daily cognitive fitness app. We hold your responses to thinking workouts and use AI to interrogate them. The trust you place in us is the entire reason this product can exist. So we built MYNDE to a stricter privacy standard than the law requires.
This page says, plainly, what we collect, what we do with it, and what we will never do.
1 · What we collect
We collect only what the product needs to function. Five things:
- Your email address - to sign you in and contact you about the service.
- Your responses to sessions - the text you type or the voice you speak when answering a question. This is the entire product.
- Your interaction with the app - which questions you saw, when, how long you took, whether you tapped "this surprised me." Without this, we cannot build your Cognitive Fitness Score.
- Crash and performance diagnostics - when the app breaks, we receive a stack trace tagged with your account so we can fix it. No response text is included.
- Your device's push notification token - if you opt in, to deliver the two daily anchor reminders you set.
We do not collect: your contacts, your photos, your location, your browsing history, your social graph, or any sensitive identifier.
2 · What we never do
- We never sell your data.
- We never share your data with advertisers.
- We never use your data to train any AI model. Not ours, not anyone else's.
- We never let a human read your responses unless you explicitly ask us to.
3 · Who else sees your data
To deliver the service, a small number of trusted providers may briefly process specific slices of your data. All operate under written data-processing agreements with us. None receive your data for their own purposes.
| Provider category | What it sees | Why |
|---|---|---|
| Our AI partner | Question body + your response, transiently during a session | Generates follow-up questions. Sent under a zero-data-retention agreement; not used for AI training. |
| Voice transcription provider | Your audio file when you use voice mode | Converts speech to text. Audio deleted within 30 days. |
| Database & auth provider | Encrypted-at-rest copies of your account + responses + score | Database and sign-in. |
| Edge runtime & DNS provider | Encrypted requests in transit | API hosting. |
| Crash-reporting provider | Stack traces tagged with your account UUID - never response text | So we can fix bugs. |
| Anonymous analytics provider | Six event types, never response text | Anonymous-ish usage analytics. |
| Push notification gateway | Your device push token | Anchor reminders. |
The specific list of subprocessors - names, locations, and the contracts they sit under - is available on written request to privacy@mynde.app. We notify you of material changes 30 days before they take effect.
We use no advertising networks. We use no data brokers. We use no fingerprinting libraries.
4 · Retention
- Audio recordings deleted within 30 days.
- Session responses + score history kept until you delete your account.
- Crash reports auto-expire after 90 days.
- Backups roll forward weekly with 30-day retention; deleted accounts purge from backups within 30 days.
5 · Your rights
- Export everything: Settings → Export. You receive a JSON archive of every response and score update.
- Delete everything: Settings → Delete everything. Wipes your account from our live systems immediately and from backups within 30 days. No recovery path.
- Revoke consent: uninstall and email us at privacy@mynde.app.
6 · Children
MYNDE is not designed for users under 16.
7 · Security
TLS 1.2+ for all data in transit. AES-256 encryption at rest. No human has direct database access. If we ever experience a breach affecting your data, we will tell you within 72 hours.
8 · Changes
Material changes will be announced in-app and via email. Continued use means acceptance.
9 · Contact
Data questions: privacy@mynde.app
Anything else: support@mynde.app