Privacy Policy
Last updated: December 11, 2024
At Mindgarden, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.
Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.
Information We Collect
Personal Information
We collect information that you provide directly to us, including:
- Email address (for authentication and communication)
- Profile information (name, preferences, country/region)
- Content you create (flashcards, blog posts)
- Learning progress data (game scores, experience points, levels, leaderboard rankings)
- Push notification subscription data
- Email notification preferences (for communications)
Automatically Collected Information
When you access our application, we may automatically collect:
- Device information and browser type
- Usage data and interaction patterns
- Page views and navigation patterns (with your consent)
- Performance metrics and Core Web Vitals (with your consent)
- Cookies and similar tracking technologies
- Local storage data (for application functionality and preferences)
- Service worker cache data (for Progressive Web App offline functionality)
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Personalize your experience and content
- Respond to your comments and questions
- Send push notifications (with your permission)
- Enable Progressive Web App (PWA) functionality and offline access
- Manage your learning progress, scores, and achievements
- Display leaderboard rankings and gamification features
- Analyze usage patterns to improve our application
- Protect against fraudulent or illegal activity
Cookies and Tracking
We use cookies and similar tracking technologies to:
- Necessary cookies: Essential for the application to function, including authentication and session management
- Marketing cookies: Used to deliver relevant content
Local Storage and Service Workers: We use browser local storage and service workers to enable Progressive Web App (PWA) functionality, including offline access and improved performance. This includes caching of application assets and temporary storage of user preferences.
Data Security
We implement appropriate technical and organizational security measures to protect your personal information, including:
- Encryption of data in transit and at rest
- Row-level security policies in our database
- Regular security audits and updates
- Secure authentication mechanisms
Your Privacy Rights
You have the right to:
- Access your personal information
- Correct inaccurate or incomplete data
- Request deletion of your data
- Export your data
- Opt-out of marketing communications
- Withdraw consent for data processing
Third-Party Services
We use the following third-party services that may collect, store, or process information used to provide you with our services:
Supabase (Database and Authentication)
We use Supabase to securely store your account information, user-generated content, and manage authentication. Supabase processes data in accordance with GDPR and SOC 2 Type II standards.
Vercel (Hosting, Deployment, Analytics, and Performance)
Our application is hosted on Vercel's infrastructure.
Upstash (Caching and Distributed State)
We use Upstash Redis for caching and temporary storage to improve application performance and enable distributed state management. Upstash processes cached data and temporary information (such as OAuth states and rate limiting data) in accordance with their privacy policy.
Google (Gmail OAuth and Authentication)
We use Google OAuth to enable email sending functionality through Gmail. This integration allows us to send newsletters, notifications, and account-related communications. When you use features that require email authentication, Google may process your email credentials in accordance with their privacy policy.
Push Notification Services
We use the Web Push API with VAPID (Voluntary Application Server Identification) keys to send push notifications to your browser or device. Push notification subscriptions are stored securely and require your explicit permission. You can disable push notifications at any time through your browser or device settings.
Each of these services has their own privacy policies governing how they collect and use your information. We encourage you to review their privacy policies:
Data Retention and Deletion
We retain your personal information for as long as necessary to provide you with our services and fulfill the purposes described in this privacy policy. We may retain certain information for longer periods when required by law or for legitimate business purposes.
You can request deletion of your account and associated data at any time through your account settings or by contacting us. When you delete your account, we will remove your personal information from our active databases within a reasonable timeframe. However, some information may be retained in our backup systems for a limited period or as required by law.
Progressive Web App (PWA) Data: If you have installed our application as a PWA, cached data and local storage may persist on your device even after account deletion. You can clear this data by uninstalling the PWA or clearing your browser's cache and storage for our application.
Children's Privacy
Our application is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
Changes to This Privacy Policy
We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date at the top of this policy.
Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
- Email: hello@mindgarden.ing
- Support: support@mindgarden.ing