Privacy Policy

Effective Date: October 16th 2025

1. Introduction

Welcome to MindCove! Your privacy is a top priority for us. This Privacy Policy explains what information we collect, how we use and share it, and the choices you have concerning your data.

This application is operated by EI Marc-Antoine Georges, an entity based in France. As such, we are subject to the General Data Protection Regulation (GDPR), which we apply as a high standard of protection for all our users, including those in the United States.

Our Core Privacy Principles:

• We do not sell your personal data. Period.
• We minimize data collection: We only collect what is necessary to provide and improve our service.
• We are transparent: We aim to explain in clear language what we do with your data.

By using MindCove, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect information in a few different ways to provide you with a meaningful experience.

A. Information You Provide Directly - Sensitive Personal Information

When you use the lessons and tools in our app, you will be prompted to answer questions about your emotions, feelings, and personal experiences related to anxiety.

• Content of your responses: This is the core data you provide. We treat this as sensitive health-related data.
• Pseudonymization: This data is stored in our database in a pseudonymized format. This means your responses are not linked to a user ID, email, or name. They are only associated with a timestamp to allow the service to function correctly within a session.

B. Information Collected Automatically

• Usage Data: We use Google Analytics for Firebase to understand how you interact with our app (e.g., which features you use, time spent on lessons, session duration). This helps us improve the app’s functionality and user experience. This data is collected in an aggregated and anonymized manner.
• Device Information: We may collect basic information about your device, such as the device model, operating system version, and a unique device identifier for analytics and troubleshooting purposes.

C. Information Related to Your Subscription

• Subscription Status: To manage your subscription and trial period, we use a service called RevenueCat. RevenueCat provides us with anonymous identifiers to know whether you have an active subscription, but we do not receive or store your payment information (like credit card details). Payments are processed securely by Apple (for App Store) and Google (for Google Play).

3. How We Use Your Information

We use the information we collect for the following purposes:

• To Provide the Core Service: Your responses are sent to Google’s Gemini AI model via a secure API to generate personalized feedback and evaluations within the app. As per our agreement with Google for this specific API, the data you send is not used to train their models.
• To Improve Our Application: We analyze aggregated and anonymous usage data to identify bugs, improve features, and make the app more helpful.
• To Manage Subscriptions: We use your subscription status to unlock premium features and manage your access.
• To Ensure Security: Our backend services, hosted on Cloudflare, use information to protect the security and integrity of our platform.

4. Data Sharing and Third-Party Services

We do not sell, trade, or rent your personal information. We only share data with trusted third-party services (our “sub-processors”) who help us operate our application.

Here is a list of our key third-party services and why we use them:

• Google (Gemini API): For processing your responses to provide AI-powered feedback.
• Google (Firebase Analytics): For understanding app usage and improving our service.
• RevenueCat: For managing subscriptions and in-app purchases.
• Cloudflare: For hosting our backend infrastructure and ensuring security.
• Apple (App Store) & Google (Google Play): For distributing the application and processing payments.

5. Data Retention and Security

• Retention: We retain your pseudonymized responses for a maximum period of six (6) months, after which they are automatically and permanently deleted from our database. Aggregated analytical data may be kept for a longer period as it is not personally identifiable.
• Security: We implement reasonable security measures (such as encryption in transit) to protect your information. However, no electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Privacy Rights

Because we are based in the EU, we extend GDPR rights to all our users. Depending on your location, you may have the following rights regarding your personal data:

• Right of Access: The right to be informed of and request access to the personal data we process about you.
• Right to Rectification: The right to request that we amend or update your personal data where it is inaccurate or incomplete.
• Right to Erasure (Right to be Forgotten): The right to request that we delete your personal data.
• Right to Restrict Processing: The right to request that we temporarily or permanently stop processing all or some of your personal data.

For Users in California (CCPA/CPRA): You have specific rights, including the right to know what personal information is collected and the right to request its deletion. As stated, we do not “sell” or “share” (as defined by the CCPA/CPRA) your personal information.

To exercise any of these rights, please contact us at contact@mindcoveapp.com. Since most of the data we hold is pseudonymized, we may not be able to identify your specific data without further information from you.

7. Children’s Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personally identifiable information from children. If we become aware that we have collected data from a child without verification of parental consent, we will take steps to remove that information from our servers.

8. International Data Transfers

Your information may be transferred to — and maintained on — computers located outside of your state, province, or country where the data protection laws may differ. As a user in the United States, your data will be processed in France (where our company is based) and on the global servers of our third-party providers (like Google and Cloudflare). We ensure that any such transfers are protected by appropriate legal safeguards.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Effective Date” at the top. We encourage you to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• By email: contact@mindcoveapp.com
• Legal Information:
  • EI Marc-Antoine Georges
  • 6 bis avenue Marie Reynoard, 38100 Grenoble, France