Mindex logo

Mindex

Privacy Notice (EU)

Privacy Notice (EU / GDPR)

Details on how Mindex processes data under GDPR.

Last updated: 28 Feb 2025 · Version 2025-03

1. Controller

Mindex UG (haftungsbeschränkt), [Street, Number], [Postal Code] [City], Germany
Email: privacy@mindex.app
Phone: +49 (0)30 0000000

2. Data Protection Officer

Contact: dpo@mindex.app

3. Purpose & Legal Basis

We process personal data to operate the web app, administer accounts, fulfil contracts, respond to support requests, improve the product, and ensure security/abuse prevention. Legal bases: Art. 6(1)(b) GDPR (contract), Art. 6(1)(c) GDPR (legal duties), Art. 6(1)(f) GDPR (legitimate interest in a safe, efficient platform), and Art. 6(1)(a) GDPR (consent for optional features such as newsletters).

4. Categories of Data

  • Registration: name, email address, password hash, language, plan tier.
  • Usage: interactions, uploads, folders/tags, device data, log files (IP, timestamps, user agent).
  • Billing (paid plans): billing address, transaction ID, payment token.
  • Support: ticket contents, chat transcripts, feedback.

5. Retention

Data is retained while an account remains active plus as required for statutory retention (e.g., 6 or 10 years) or legitimate interests (claim defence). Log files are anonymised or deleted after ~30 days.

6. Recipients & Transfers

We rely on processors such as Google Firebase, Stripe, and Sentry under Art. 28 GDPR. International transfers are covered by EU Standard Contractual Clauses plus supplementary safeguards.

7. Cookies & Analytics

Session cookies are essential. Optional analytics/marketing cookies only run with prior consent, which can be withdrawn at any time via the consent tool. See our cookie policy for tooling details.

8. Your Rights

You may request access, rectification, erasure, restriction, portability, and object to processing under Art. 6(1)(e)/(f) GDPR. Consent can be withdrawn at any time. Complaints may be lodged with your supervisory authority (e.g., Berlin DPA).

9. Profiling / Automated Decisions

We do not use solely automated decision-making with legal or similarly significant effects. AI suggestions in the Knowledge Map are purely assistive.

10. Security

Data is protected via TLS encryption, access controls, encrypted storage (Firebase), monitoring, and routine audits.

11. Updates

Date: 1 Feb 2025. We publish updates whenever processing activities or legal requirements change.

Legal

Legal NoticePrivacy Notice (EU)Terms & ConditionsPrivacy Policy
    Privacy Notice | Mindex