Privacy Policy

1. Information I Collect

I only collect information that is necessary for Mynt to work. Specifically:

• Account information: your email address and password (the password is hashed and never visible to me)
• Profile information you choose to provide: first name, last name, username, profile picture, date of birth, and short bio
• Content you create in the app: your reviews, bookmarks, upcomings, categories, ratings, dates, descriptions, and any images you attach
• Feedback you submit through the in-app feedback form, including any screenshots and basic device information (model, OS version) you provide with the feedback
• A unique user ID assigned by the authentication system, used to associate your data with your account

Mynt does not collect your precise or approximate location, browsing history, contacts, health data, or any other category beyond what is listed above. Mynt does not use third-party analytics or advertising SDKs.

2. How I Collect Information

All information is collected directly from you, when you:

• Create an account (email, password)
• Set up or edit your profile (name, photo, bio, etc.)
• Create or edit entries in the app (your content)
• Attach photos via the camera or photo library (only when you actively pick them — Mynt never reads your photo library in the background)
• Submit feedback through the feedback form

Mynt does not collect information automatically about your device usage, location, or app behavior.

3. How I Use Your Information

Your information is used only for the following purposes:

• To provide the core features of Mynt: storing and displaying your content across your devices
• To authenticate you and keep your account secure
• To deliver transactional emails such as email verification, password reset, and feedback replies
• To respond to feedback you send through the app
• To improve Mynt based on issues users report

Your information is never used for advertising, profiling, or sold to anyone.

4. Sharing and Third-Party Services

I do not sell, rent, or trade your personal information. Your information is processed by the following third-party services, which act as data processors on Mynt's behalf:

• Supabase (supabase.com): hosts the database, authentication system, and image storage. All your account information, content, and images are stored on Supabase infrastructure. Supabase's servers are located in the European Union.
• Resend (resend.com): handles transactional emails (verification, password reset, feedback replies, account deletion confirmation). Resend processes the email address and the content of those automated messages.

These providers are bound by contractual data processing agreements and may not use your data for their own purposes.

Shared content: when you use the "share" feature in Mynt to share an entry, the content of that entry becomes accessible to anyone who has the share link. Only share links to content you are comfortable being viewed by the recipient. Shared entries do not expose your private information beyond what is included in the entry itself.

Legal disclosures: I may disclose information if required by law, court order, or to protect the rights, property, or safety of users.

5. Data Security

I take reasonable steps to protect your information:

• All data is transmitted over HTTPS (encrypted in transit)
• Data is stored on Supabase, which encrypts data at rest
• Passwords are hashed using industry-standard methods and are never stored or visible in plain text
• Row-level security policies ensure each user can only access their own data

No system is 100% secure. If a security incident occurs that affects your data, I will notify affected users as required by applicable law.

6. Data Retention

Your data is retained as long as your account is active. You can delete your account at any time from the in-app settings.

When you delete your account:

• Your profile, all entries, images, and categories are permanently deleted
• Your authentication record is removed
• Backups containing your data are rotated out within 30 days
• Anonymized feedback content may be retained for product improvement

If required by law (for example, financial or tax records), some information may be retained longer.

7. Your Privacy Rights

Depending on where you live, you may have the following rights regarding your personal information:

• Access: request a copy of the information held about you
• Correction: ask for incorrect information to be fixed (you can also do this yourself in the app)
• Deletion: delete your account and all associated data (available in app settings)
• Portability: request your data in a machine-readable format
• Objection: object to certain processing
• Withdraw consent: where processing is based on consent

These rights apply broadly under the EU GDPR, the UK GDPR, the California CCPA/CPRA, and similar laws. To exercise any of these rights, email privacy@mynts.app. I will respond within 30 days.

If you are in the EU and believe I have mishandled your data, you have the right to lodge a complaint with your local data protection authority.

8. Tracking and Analytics

Mynt is a native mobile app and does not use browser cookies.

Mynt does not use any third-party analytics, advertising, or tracking SDKs. Your device and behavior are not tracked.

9. Children's Privacy

Mynt is not intended for children under 13. The registration flow blocks users who indicate they are under 13. I do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please contact privacy@mynts.app and I will delete the account and associated data promptly.

10. International Transfers

Mynt's data infrastructure is hosted in the European Union (via Supabase). Transactional emails may be processed by Resend's infrastructure in the United States and other countries, with appropriate safeguards in place (Standard Contractual Clauses for EU transfers).

If you access Mynt from outside the EU, your information may be transferred to and processed in the EU.

11. Changes to This Policy

This policy may be updated occasionally to reflect changes in how Mynt works or in legal requirements. When that happens, the "Last Updated" date at the top will change, and for material changes I will notify users through the app or by email. Continued use of Mynt after an update means you accept the revised policy.

12. Contact

Questions, requests, or concerns about this policy or your data:

Mario Rapillo
Email: privacy@mynts.app

I will respond within 30 days.