JoCoding, Inc. ("we," "our," or "us") operates the MindSpire mobile application (the "App"). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use MindSpire.
By creating an account or using the App, you agree to the practices described in this Policy. If you do not agree, please do not use the App.
We are committed to complying with:
| Data | Purpose |
|---|---|
| Name | Personalize your in-app experience |
| Gender | Improve affirmation recommendations |
| Age | Tailor content difficulty and relevance |
| MBTI type | Enhance affirmation matching |
| Current life situation (text) | AI-based category classification for personalized recommendations |
| Saved affirmations | Store content you've bookmarked |
| Saved quotes | Store wisdom quotes you've bookmarked |
| Burned thought records | Temporarily processed for the Fire Pit feature; not retained after burning |
| Data | Purpose |
|---|---|
| Apple/Google account identifier | Authentication (Sign in with Apple / Google) |
| FCM (Firebase Cloud Messaging) token | Send push notifications (e.g., daily streak reminders) |
| App usage data | Improve app performance and features |
| Permission | Reason |
|---|---|
| Microphone | Arena feature — voice-to-text affirmation challenge |
| Photo Library (write) | Save affirmation/quote cards as images |
| Notifications | Daily reminders and streak alerts |
We do not access your microphone or photo library except when you are actively using the relevant feature.
We use the information described above to:
We do not use your personal information for advertising, profiling for marketing purposes, or automated decision-making with legal effects.
For users in the EEA, we process your data under the following legal bases:
| Processing Activity | Legal Basis |
|---|---|
| Account creation and authentication | Contract (Art. 6(1)(b) GDPR) |
| Personalized recommendations | Consent (Art. 6(1)(a) GDPR) |
| Push notifications | Consent (Art. 6(1)(a) GDPR) |
| App improvement (anonymized analytics) | Legitimate interests (Art. 6(1)(f) GDPR) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c) GDPR) |
You may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
| Data Type | Retention Period |
|---|---|
| Account and profile data | Until you delete your account |
| Saved affirmations and quotes | Until you delete them or your account |
| Burned thought entries | Not retained after the burn action is completed |
| FCM token | Until account deletion or token refresh |
| Anonymized analytics | Up to 24 months |
When you delete your account, all personally identifiable data is permanently deleted from our servers within 30 days.
We use the following third-party services, each governed by their own privacy policies:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Supabase | Backend database and authentication infrastructure | supabase.com/privacy |
| Google Firebase (FCM) | Push notification delivery | firebase.google.com/support/privacy |
| Apple Sign-In | Authentication | apple.com/legal/privacy |
| Google Sign-In | Authentication | policies.google.com/privacy |
| RevenueCat | In-app purchase and subscription management | revenuecat.com/privacy |
We do not sell your personal information to any third party.
Your data is stored on Supabase infrastructure, which uses industry-standard encryption in transit (TLS) and at rest. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.
Despite our efforts, no method of transmission over the internet is 100% secure. If you become aware of any security concern, please contact us immediately at mu07010@jocoding.net.
MindSpire is available globally. Your data may be transferred to and processed in countries outside your country of residence, including countries where data protection laws may differ from those in your jurisdiction.
For EEA users: when we transfer data outside the EEA, we ensure that appropriate safeguards are in place (e.g., Standard Contractual Clauses).
For Korean users: cross-border transfers are conducted in accordance with Article 28-8 of the Personal Information Protection Act.
Depending on your location, you may have the following rights:
| Right | Description |
|---|---|
| Access | Request a copy of your personal data |
| Rectification | Correct inaccurate or incomplete data |
| Erasure | Request deletion of your personal data |
| Restriction | Request that we restrict processing of your data |
| Portability | Receive your data in a structured, machine-readable format |
| Objection | Object to processing based on legitimate interests |
| Withdraw Consent | Withdraw consent at any time for consent-based processing |
To exercise any of these rights, contact us at mu07010@jocoding.net. We will respond within 30 days (or within the timeframe required by applicable law).
For Korean users, you may also file a complaint with the Personal Information Protection Commission (PIPC) at pipc.go.kr.
For EEA users, you have the right to lodge a complaint with your local Data Protection Authority (DPA).
MindSpire is not directed to children under the age of 13 (or 14 in the EEA under GDPR). We do not knowingly collect personal information from children under these ages. If we become aware that a child has provided us with personal information without parental consent, we will delete it promptly.
If you believe a child has submitted personal information to us, please contact us at mu07010@jocoding.net.
We may update this Privacy Policy from time to time. When we do, we will:
Continued use of the App after changes become effective constitutes your acceptance of the revised Policy.
JoCoding, Inc.
1111B S Governors Ave, STE 80543
Dover, Delaware 19904, USA
App: MindSpire
Email: mu07010@jocoding.net
For privacy-specific inquiries or data subject requests, please include "Privacy Request" in your email subject line.