Privacy Policy

Effective date: March 2026

MindMirror AI ("we", "us", or "our") is an AI-powered reflection and perspective exploration application available on iOS and Android. We are committed to protecting your privacy and being transparent about how we handle your information. This Privacy Policy explains what data we collect, how we use it, and what rights you have.

1. Information We Collect

Information you provide

• Email address — collected when you create an account to use MindMirror AI.
• User ID — a unique identifier generated automatically when you register, used to manage your account and data.
• User-generated content — prompts, reflections, and conversation inputs you enter into the app. This content is sent to AI services to generate responses and may be saved to your account.
• Profile information — an optional display name and preferences you choose to provide.

Information collected automatically

• Basic app usage data — screen views and feature interactions, collected anonymously to help us understand how the app is used.
• Crash logs and diagnostic data — collected automatically when the app encounters an error, used to improve performance and fix issues. These logs do not include the content of your reflections.
• Push notification tokens — if you opt in to push notifications, your device token is stored to deliver reminders. You can disable notifications at any time in your device settings.

Information we do NOT collect

• We do not access your camera, contacts, location, or photo library unless a specific feature requires it and you explicitly grant permission.
• We do not collect or store payment card numbers, bank account details, or Apple ID / Google account credentials.

2. How We Use the Information

• Providing AI responses and app functionality — your inputs are sent to AI services in real time to generate perspectives, reflections, and insights.
• Saving reflections or conversations — your content is stored locally on your device and, when you have an account, securely synced to our servers so you can access it across devices.
• Account management and authentication — managing your account, verifying your identity, and maintaining secure sessions.
• Improving the app and fixing technical issues — anonymous usage data and crash logs help us identify bugs and prioritise improvements.
• Notifications — sending daily reflection reminders and streak updates if you have enabled them.

3. Data Storage and Security

• All data transmitted between the app and our servers is encrypted using HTTPS (TLS).
• Supabase is used for user authentication and account data storage. Supabase applies industry-standard security practices including encryption at rest and in transit.
• On-device data is stored using the platform's standard secure storage mechanisms.
• Access to server infrastructure is restricted to authorised personnel only.
• We apply reasonable technical and organisational measures to protect your data against unauthorised access, loss, or disclosure.

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it to admin@mind-mirrorai.com.

4. Data Sharing

Data is only processed by services strictly necessary to operate the app:

• OpenAI — your text inputs are sent to OpenAI's API to generate AI responses. OpenAI does not receive your name or account details alongside these requests. See OpenAI's Privacy Policy.
• Supabase — your account data and saved content are stored using Supabase's secure database and authentication services. See Supabase's Privacy Policy.
• RevenueCat — manages subscription entitlements. RevenueCat receives an anonymous app user ID and purchase receipt data from Apple or Google to verify your subscription status. See RevenueCat's Privacy Policy.
• Apple App Store / Google Play — process all subscription payments. We do not receive your payment card details. Apple and Google handle all billing according to their own privacy policies.

Each third-party service operates under its own privacy policy and is bound by appropriate data processing agreements.

5. User Control

• Delete your account — you can delete your account from the Settings screen within the app, or by visiting mind-mirrorai.com/delete-account. Account deletion removes your account data from our servers.
• Request data deletion — to request deletion of any personal data we hold, email admin@mind-mirrorai.com. We will respond within 30 days.
• Export your data — export all locally stored reflections, threads, and preferences at any time from the Settings screen.
• Clear local data — delete all locally stored data immediately and irreversibly from the Settings screen ("Delete All Data & Reset").

GDPR rights (EU/UK residents)

Under the General Data Protection Regulation, you have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing and to lodge a complaint with your local data protection authority. To exercise these rights, contact us at admin@mind-mirrorai.com.

CCPA rights (California residents)

Under the California Consumer Privacy Act, you have the right to know what personal information we collect, to request its deletion, and to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at admin@mind-mirrorai.com.

6. Children's Privacy

MindMirror AI is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal data, please contact us at admin@mind-mirrorai.com.

7. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective date" at the top of this page. For significant changes, we will notify you in-app or by email. We encourage you to review this policy periodically. Continued use of MindMirror AI after any changes constitutes acceptance of the updated policy.

8. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a privacy concern, please contact us:

We aim to respond to all requests within 30 days.

AI-Generated Content

MindMirror AI uses artificial intelligence to generate perspectives, reflections, and analytical insights. AI-generated responses may not always be accurate, complete, or appropriate for every situation. The content provided by MindMirror AI should be considered informational and reflective in nature.

Not Professional Advice

MindMirror AI is designed as a reflective and educational tool. It does not provide medical, psychological, legal, or professional advice. AI-generated insights should not be relied upon as a substitute for professional consultation. Users should seek qualified professionals for professional guidance.

International Data Transfers

When you use AI-powered features, your text input may be processed by servers located outside your country of residence, including in the United States. By using MindMirror AI, you consent to the transfer of this information to these locations. We ensure that any such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses where required under GDPR (Article 46).

Subscriptions & Payments

MindMirror AI offers optional subscription plans that unlock additional features. All payments are processed exclusively through the Apple App Store (iOS) or Google Play Store (Android). We do not collect, process, or store credit card numbers or bank account details. Billing, renewal, cancellation, and refund policies are governed by Apple's or Google's terms of service. To manage or cancel a subscription, visit your device's subscription settings.