GDPR Compliance

Effective Date : November 4, 2024

Last Updated : November 4, 2024

This GDPR Compliance Documentation explains MindMolt’s data processing activities and user rights under the General Data Protection Regulation (GDPR). MindMolt is committed to ensuring the security and privacy of personal data for users within the European Economic Area (EEA).

Data Processing Purposes and Lawful Basis

MindMolt processes personal data only for the specific purposes defined below, each under a lawful basis as required by GDPR:

Purpose	Type of Data Collected	Lawful Basis
Account Registration & Login	Email, Encrypted Password, Mandatory Username	Contractual Necessity
User Identification	Mandatory Username	Legitimate Interest
Optional Demographics	Full Name (optional), Age (optional), Location (optional)	Consent
Device Identification	Device ID	Legitimate Interest for security and fraud prevention
Data Security & Audits	Access Logs, Role-Based Access Records	Legal Obligation
Cookie Usage	Essential, Functional, Analytics, Security, Advertising, Third-Party Cookies	Consent (where required)

Data Retention Policy

Personal data is retained only for as long as necessary for the purposes outlined above, or as required by law. User data will be deleted or anonymized upon:

Account deletion request: Data associated with user accounts will be deleted within 90 days.
Expiry of retention period: All data exceeding the necessary retention period will be anonymized or deleted securely.

User Rights under GDPR

MindMolt is committed to respecting and facilitating the following GDPR rights for users within the EEA:

Right to Access: Users can request access to their personal data by contacting support@mindmolt.com. We will provide a copy of the data upon verification of identity.
Right to Rectification: Users can request corrections to their data if they believe it is inaccurate or incomplete.
Right to Erasure: Users may delete their accounts, and we will erase their data within 90 days, barring legal obligations.
Right to Restrict Processing: Users can request that we temporarily restrict processing of their data under specific conditions.
Right to Data Portability: Users can request a structured, commonly used, and machine-readable format of their data for transfer to another service.
Right to Object: Users may object to processing of their data for direct marketing or other legitimate interests.
Right to Withdraw Consent: Users can withdraw consent at any time for optional data collection (e.g., marketing cookies, demographic information).
Right Not to Be Subject to Automated Decision-Making: MindMolt does not employ automated decision-making that has significant legal or similar effects on users.

International Data Transfers

MindMolt’s data centers are located globally, and user data may be transferred internationally. Where we transfer data outside the EEA, we comply with GDPR requirements by implementing:

Standard Contractual Clauses (SCCs) with our third-party vendors.
Adequate safeguards where required for data transfers to ensure equivalent data protection levels as required by GDPR.

Data Security Measures

MindMolt employs a combination of physical, technical, and administrative measures to safeguard personal data, including:

Role-Based Access Control (RBAC): Only authorized personnel can access personal data, with access restricted to necessary functions.
Audits and Access Logging: Regular audits and access logs monitor and prevent unauthorized access.
Encryption: Passwords are encrypted, and sensitive data is protected using encryption both in transit and at rest.
Anonymization and Pseudonymization: Where possible, data is anonymized or pseudonymized to enhance privacy protections.

Ownership and Intellectual Property Rights

MindMolt retains ownership of the App, its source code, and content. This EULA does not grant you any ownership rights; it grants you a limited license to use the App according to the terms of this EULA. Unauthorized copying, reproduction, or distribution of the App’s source code or content is prohibited.

Cookies and Tracking Technologies

MindMolt uses cookies as outlined in our Cookie Policy. Users may control their preferences, and we seek consent for non-essential cookies per GDPR requirements. Types of cookies used include:

Essential: Necessary for core functions (login, security) and cannot be disabled.
Functional, Analytics, and Marketing Cookies: Require consent, which can be managed in the App’s settings.
Third-Party Cookies: Provided by services like Google Analytics, with opt-out options available within their respective platforms.

Data Protection Impact Assessment (DPIA)

MindMolt conducts regular DPIAs to assess the risks associated with processing personal data and ensures necessary steps are taken to mitigate potential risks. DPIAs are reviewed whenever significant changes are made to the App’s data processing activities.

Contact for Data Protection Officer (DPO)

MindMolt has appointed a Data Protection Officer (DPO) to oversee GDPR compliance. For inquiries or to exercise your rights, contact our DPO:

Email: support@mindmolt.com
Address: 228 Park Ave S PMB 772763,New York, NY 10003

Policy Updates and Notifications

MindMolt may update this GDPR Compliance Documentation periodically. Users will be notified of any significant changes via the App or by email. Continued use of the App after updates constitutes acceptance of the revised terms.

Complaints and Dispute Resolution

If you believe your data protection rights under GDPR have been violated, you have the right to file a complaint with your local Data Protection Authority (DPA) or contact us to resolve any concerns.

Start your journey today

Get the app Learn more

We offer a 30-day money-back guarantee for subscriptions made directly through our website. Please note that purchases through the Apple App Store or Google Play Store are subject to their respective refund policies.