Mindlog

Services

Features

Pricing



Privacy Policy

Quick Summary

Mindlog ("Mindlog", "getmindlog.com", "we", "us", or "our") respects your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data.

Key Points:

  • We collect information you provide and some data automatically through cookies

  • We use your data to provide and improve our services

  • You have rights to access, delete, and control your information

  • We don't sell your personal information

  • You can contact us at privacy@getmindlog.com with any questions

1. Information We Collect

Information You Provide Directly

When you use Mindlog, you may provide us with:

  • Account Information: Email address, username, password

  • Profile Data: Name, profile picture (optional)

  • Content Data: Journal entries, notes, mood logs, and any content you create in Mindlog

  • Communication Data: Messages you send to our support team

  • Payment Information: Billing details if you purchase premium features (processed by our payment provider)

Information We Collect Automatically

When you visit our website, we automatically collect:

  • Usage Information: Pages viewed, features used, time spent on pages, click data

  • Device Information: Browser type, operating system, device type, screen resolution

  • Log Data: IP address, access times, referring website addresses

  • Cookie Data: Information collected through cookies and similar technologies (see Section 8)

Information from Third Parties

If you connect third-party services:

  • Social Login Data: Basic profile information from Google, Facebook, or Apple if you use social sign-in

  • Integration Data: Information from services you choose to connect (with your permission)

2. How We Use Your Information

We use your information for these specific purposes:

To Provide Our Services

  • Create and manage your account

  • Save and display your journal entries and mood logs

  • Sync your data across devices

  • Generate journal entry summaries

  • Process payments for premium features

To Improve Our Services

  • Understand how you use Mindlog

  • Fix bugs and improve performance

  • Develop new features based on user needs

  • Conduct research and analysis

To Communicate With You

  • Send service-related emails (password resets, security alerts)

  • Respond to your support requests

  • Send optional newsletters (with your consent)

For Safety and Security

  • Detect and prevent fraud

  • Monitor for security threats

  • Enforce our Terms of Service

  • Comply with legal obligations

3. Who We Share Information With

We share your information only in these specific situations:

Service Providers

We work with trusted companies to help run our service:

  • Supabase: Cloud hosting and data storage

  • Google Analytics: Website analytics (anonymized data only)

  • Stripe: Payment processing

  • SendGrid: Email delivery

  • Google Workspace: Customer support ticketing

Each provider is contractually required to protect your data and can only use it to provide services to us.

Legal Requirements

We may disclose information if required by:

  • Court orders or subpoenas

  • Government requests

  • Law enforcement investigations

  • To protect rights, safety, or property

Business Transfers

If Mindlog is acquired or merged, your information may transfer to the new owner. We'll notify you before any transfer.

With Your Consent

We'll share information for any other purpose only with your explicit consent.

We Never:

  • Sell your personal information

  • Share your journal entries or summaries without your permission

  • Use your content for advertising

4. Your Privacy Rights

For All Users

You have the right to:

  • Access Your Data: Download a copy of your information

  • Delete Your Account: Remove your account and associated data

  • Update Information: Correct inaccurate data

  • Data Portability: Export your data in a readable format

  • Withdraw Consent: Change your communication preferences

For California Residents (CCPA/CPRA)

Additional rights include:

  • Right to Know: What personal information we collect, use, share, or sell

  • Right to Delete: Request deletion of your personal information

  • Right to Opt-Out: Opt-out of sale or sharing (though we don't sell your data)

  • Right to Correct: Fix inaccurate personal information

  • Right to Limit: Restrict use of sensitive personal information

  • Non-Discrimination: Equal service regardless of exercising your rights

Categories of Information Collected (Past 12 Months):

  • Identifiers (email, username)

  • Personal records (name, profile)

  • Commercial information (subscription status)

  • Internet activity (usage data)

  • Geolocation data (IP-based, approximate)

To exercise these rights, email privacy@getmindlog.com.

For Canadian Residents

Under PIPEDA, you have rights to:

  • Access and correct your personal information

  • Withdraw consent with future effect

  • File a complaint with the Privacy Commissioner of Canada

Privacy Officer Contact:
Email: privacy@getmindlog.com

For European Residents (GDPR)

You have rights to:

  • Access, rectify, and erase your data

  • Restrict or object to processing

  • Data portability

  • Lodge a complaint with your supervisory authority

5. Data Retention

We keep your information only as long as necessary:

Data Type

Retention Period

Account Information

Active account lifetime + 30 days after deletion request

Journal Entries

Until you delete them or request account deletion

Usage Analytics

26 months

Security Logs

90 days

Marketing Data

Until consent withdrawn

Legal Records

As required by law (typically 7 years)

6. Data Security

We protect your information using:

  • Encryption: TLS/SSL for data in transit, AES-256 for data at rest

  • Access Controls: Limited employee access on need-to-know basis

  • Security Monitoring: 24/7 threat detection and response

  • Regular Audits: Annual security assessments

  • Incident Response: Established breach notification procedures

While we use industry-standard security, no system is 100% secure. Use a strong password and protect your account credentials.

7. International Data Transfers

While we use server in Canada, your data may be transferred to servers in the United States. We ensure appropriate safeguards:

  • Standard Contractual Clauses with international vendors

  • EU-US Data Privacy Framework participation (where applicable)

  • Encryption for all international transfers

By using Mindlog, you consent to these transfers.

8. Cookies and Tracking

What Are Cookies?

Cookies are small files stored on your device that help us remember your preferences and understand usage.

Types We Use

Essential Cookies (Always Active)

  • Keep you logged in

  • Remember your settings

  • Enable core features

Analytics Cookies (With Consent)

  • Google Analytics (anonymized IP)

  • Performance monitoring

  • Feature usage tracking

Marketing Cookies (With Consent)

  • Newsletter preferences

  • Promotional campaigns

Managing Cookies

  • Browser Settings: Block or delete cookies in your browser

  • Cookie Banner: Manage preferences when you visit

  • Google Analytics Opt-out: Install browser add-on

  • Do Not Track: We honor browser Do Not Track signals

  • Global Privacy Control: We recognize GPC signals

9. Children's Privacy

Mindlog is not intended for children under 13 (or 16 in certain jurisdictions). We don't knowingly collect children's data. If you believe a child has provided us information, contact privacy@getmindlog.com.

10. Third-Party Links

Our service may contain links to other websites. We're not responsible for their privacy practices. Review their policies before providing information.

11. Changes to This Policy

We may update this policy to reflect changes in our practices or laws. We'll notify you of material changes by:

  • Email notification

  • In-app notification

  • Banner on our website

Continued use after changes means you accept the updated policy.

12. Contact Us

For Privacy Questions or Requests

Email: privacy@getmindlog.com
Response Time: Within 30 days (45 days for complex requests)

13. Additional Disclosures

Do Not Sell or Share My Personal Information

We do not sell or share your personal information for cross-context behavioral advertising. California residents can opt-out of future sales/sharing by contacting privacy@getmindlog.com.

Language

This policy is available in:

  • English

The English version governs in case of conflicts.

Appendix: Jurisdiction-Specific Rights

California Privacy Rights (CCPA/CPRA)

Shine the Light: California residents can request information about disclosure of personal information to third parties for marketing purposes.

Authorized Agent: You may designate an authorized agent to make requests on your behalf. The agent must provide written authorization and verify their identity.

Metrics (Previous Calendar Year):

  • Requests Received: [Number]

  • Requests Completed: [Number]

  • Average Response Time: [Days]

Nevada Privacy Rights

Nevada residents may opt-out of the sale of covered information. Email privacy@getmindlog.com with "Nevada Opt-Out" in the subject line.

Quebec Privacy Rights

Quebec residents have additional rights under Law 25, including:

  • Consent withdrawal at any time

  • Data portability in structured format

  • Right to be forgotten

Cookie Policy Details (EU/UK)

We use the following cookie categories under GDPR:

Strictly Necessary Cookies

  • Session cookies (expire on logout)

  • Security cookies (CSRF protection)

  • Load balancing cookies

Performance Cookies

  • Google Analytics (_ga, _gid)

  • Performance monitoring

  • Error tracking

Functionality Cookies

  • Language preferences

  • Theme settings

  • Feature toggles

Targeting Cookies

  • Not currently used

This privacy policy was created to comply with CCPA/CPRA, PIPEDA, GDPR, and other applicable privacy laws. For questions about our privacy practices, please contact privacy@getmindlog.com.