MisoMind Privacy Policy

Effective Date: October 6 2025

MisoMind (“we”, “our”, “us”) values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use the MisoMind mobile application (the “App”) and related services.

1. Who We Are

MisoMind is operated by an independent developer based in Ireland.
As of the date above, we act as the data controller for all personal information collected through the App.
If you are located in the European Economic Area (EEA), the United Kingdom, or Australia, your personal data is processed in accordance with the relevant privacy regulations (GDPR, UK-GDPR, and the Australian Privacy Act 1988).

2. Information We Collect

We collect only the information necessary to provide and improve the App:

• Authentication Data:
  Email address and user ID provided through Google Sign-In or Apple Sign-In.

• App Usage Data:
  Preferences, logs, and non-personal app analytics to understand feature usage and performance.

• Device Information:
  Device model, operating system, and anonymized identifiers used for app functionality and crash diagnostics.

• Subscription Data (if applicable):
  Anonymous subscription and purchase information managed through RevenueCat, Apple, or Google.

• Optional User Input:
  Text you voluntarily enter into journaling or note-taking features is stored locally on your device only. We do not upload or retain these entries (including trigger notes and journal entries) on our servers or in cloud storage.
  
  

We do not knowingly collect sensitive personal data (e.g., health data, biometrics) unless you choose to enter it voluntarily within journaling features.

MisoMind is designed for personal wellbeing and self-reflection. It does not collect or process medical information and should not be used as a substitute for professional healthcare advice 

3. How We Use Your Information

We use your data only for legitimate, clearly defined purposes:

• To create and manage your account and authenticate your identity.

• To provide core app functionality, including journaling, trigger logging, and data synchronization.

• To analyze performance and improve user experience.

• To maintain security, detect misuse, and prevent unauthorized access

• To comply with legal obligations (e.g., tax or consumer protection laws).

We do not sell, rent, or trade your personal information.

4. Legal Bases for Processing (GDPR / UK-GDPR)

For users in the EEA or UK, our legal bases for processing include:

• Performance of a contract: Providing you with app features and services.

• Consent: When you voluntarily share optional data.

• Legitimate interests: Improving functionality and preventing abuse.

• Legal obligation: Retaining records required by law.
  
  

5. Data Storage & International Transfers

Your data is stored using Google Firebase (Cloud Firestore, Firebase Auth, Analytics) located in the NAM5 multi-region (United States and Canada).
Data transfers outside the EEA are protected under Standard Contractual Clauses (SCCs) and Google’s Data Processing Addendum, ensuring compliance with GDPR and equivalent laws.

All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Sensitive text entries are further protected by your account’s authentication controls and Firestore security rules that restrict access to your unique user ID.

6. Data Retention

We retain your personal information only as long as necessary to:

• Maintain your account,

• Provide app functionality, and

• Meet legal obligations.
  
  

You can delete your account at any time from within the app. When deletion is requested, all associated Firestore data and authentication credentials are permanently erased within 30 days.

7. Your Rights

Depending on your region, you may have the following rights:

• Access – Request a copy of the data we hold about you.

• Correction – Request correction of inaccurate data.

• Deletion (“Right to be Forgotten”) – Request permanent deletion of your account and associated data.

• Restriction or Objection – Limit how your data is used.

• Portability – Request your data in a portable format.
  
  

To exercise these rights, contact us at dk.media.dev@gmail.com or use the in-app deletion option. We respond to all verified requests within 30 days.

8. Data Sharing

We may share limited data only with trusted service providers who process information on our behalf:

• Google Firebase (hosting, user data, authentication, analytics)

• RevenueCat (subscription management)

• Apple App Store / Google Play (payment processing)
  
  

All partners operate under strict data processing agreements compliant with GDPR and international privacy standards.
We may also disclose information if required by law or to protect the rights and safety of our users.

9. Children’s Privacy

MisoMind is intended for individuals aged 13 and above in accordance with Apple App Store policy, and for all ages under parental guidance on Google Play (PEGI 3). 

10. Security Measures

We maintain technical and organizational safeguards, including:

• Authentication-based access controls;

• Firestore security rules limiting access to the user’s UID;

• End-to-end encryption for transmission;

• Monitoring for unauthorized access or abuse.
  
  

Despite these measures, no digital service can guarantee absolute security.

11. International Users

By using MisoMind, you acknowledge that your data may be processed in countries outside your own, including the United States. We ensure such transfers comply with all applicable data protection laws via Standard Contractual Clauses and equivalent safeguards.

12. Updates to This Policy

We may update this Privacy Policy periodically. The updated version will always display the latest Effective Date. Continued use of the App after updates constitutes acceptance of the new policy.

13. Contact Us

If you have questions, concerns, or data-related requests:
Email: dk.media.dev@gmail.com
Developer: MisoMind – Independent Developer