Privacy Policy

1. Data Controller

My Mantras ("we", "us", or "the Service") is operated from Portugal and is subject to the General Data Protection Regulation (GDPR). For any questions about this policy or your data, contact us at hello@mymantras.app.

2. Information We Collect

We collect information you provide directly when you use the Service:

Account information

Email address and username (required for registration)

Human Design profile

Type, profile, authority, strategy, and definition (optional, provided by you)

Payment information

Processed securely by Stripe; we do not store card numbers

Usage data

Quotes you save, collections you create, and analyses you request

3. Legal Basis for Processing

Under GDPR, we process your data based on:

• Contract performance: To provide the Service you signed up for
• Legitimate interests: To improve and secure the Service
• Consent: For optional features like Human Design interpretations

4. How We Use Your Information

We use your information to:

• Provide the Service and manage your account
• Generate personalized Human Design interpretations based on your profile
• Process credit purchases through Stripe
• Send transactional emails (account verification, password resets)
• Improve and secure the Service

5. Data Storage and Security

Your data is stored securely using Supabase, which provides enterprise-grade security including encryption at rest and in transit. Data is hosted in the EU. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, or destruction.

6. Third-Party Services

We use the following third-party services to operate:

Supabase (EU)

Database, authentication, and file storage

Stripe (US, GDPR)

Payment processing

Resend (US, GDPR)

Transactional email delivery

Anthropic Claude

AI-powered quote interpretations

Each service operates under their own privacy policy and data processing agreements. We only share the minimum data necessary for each service to function.

7. Data Retention

We retain your data as follows:

Account data

Until you delete your account

Quote analyses

Stored with your account for future reference

Payment records

Retained for 7 years for legal/tax compliance

When you delete your account, we remove your personal data within 30 days, except where retention is required by law.

8. Your Rights (GDPR)

As an EU resident, you have the following rights regarding your data:

Access

Request a copy of your personal data

Rectification

Correct inaccurate or incomplete data

Erasure

Request deletion of your data ("right to be forgotten")

Portability

Receive your data in a machine-readable format

Objection

Object to processing based on legitimate interests

Restriction

Request limited processing while disputes are resolved

To exercise any of these rights, contact us at hello@mymantras.app. We will respond within 30 days. You also have the right to lodge a complaint with the Portuguese data protection authority (CNPD) or your local supervisory authority.

9. Cookies

We use only essential cookies required for the Service to function:

• Authentication cookies: To keep you logged in
• Session cookies: To remember your preferences during a visit

We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

10. International Transfers

Some of our service providers (Stripe, Resend) are based in the United States. These transfers are protected by Standard Contractual Clauses and the providers' GDPR compliance certifications.

11. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect information from children. If you believe a child has provided us with personal data, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. For significant changes, we will notify you via email or a prominent notice on the Service before the changes take effect. Your continued use of the Service after changes constitutes acceptance.

13. Contact

For privacy-related questions, data requests, or to exercise your GDPR rights, contact us at hello@mymantras.app.