Privacy Policy

Last updated: 31 March 2026

This Privacy Policy explains how Mimiq ("we", "us", "our") collects, uses, and protects your personal data when you use our service at app.iammimiq.io.

1. Data we collect

Account data

• Email address — used for authentication and account identification.
• Password — stored as a bcrypt hash. We never store or have access to your plain-text password.

Content data

• Topics and knowledge — text content you provide, including notes, updates, and structured knowledge.
• Messages — conversation history between you and the AI assistant.
• Linked documents — content from documents you upload or link (e.g. Confluence pages).
• Version history — all versions of your knowledge, including changelogs.

Integration credentials

• Confluence — site URL, email, and API token. Stored encrypted. Used only to access pages you explicitly link.

Usage data

• AI usage — we log which AI models are called, token counts, and costs for billing and monitoring. The content of your requests is not stored in usage logs.

2. How we use your data

• Providing the service — processing your knowledge, running AI operations, syncing documents.
• Authentication — verifying your identity when you sign in.
• Service improvement — aggregated, anonymised usage patterns to improve the product. We do not analyse individual content.

3. AI processing

Your content is sent to Anthropic (Claude) for processing. Anthropic's commercial API terms prohibit using customer data for model training. Your data is processed in real-time and not retained by the AI provider beyond the request lifecycle.

4. Data sharing

We do not sell your data. We share data only with:

• Anthropic — AI processing provider, under their enterprise data processing agreement.
• Google Cloud Platform — infrastructure provider, under their data processing terms.
• MongoDB Atlas — database provider, under their data processing agreement.

We do not share your data with any other third party unless required by law.

5. Internal access to your data

Mimiq staff may access your data only to resolve technical issues you've reported, investigate security incidents, or comply with legal obligations. Access is logged and limited to the minimum necessary. We do not browse or review your content for any other purpose.

6. Data storage and security

• Data is stored in the United States (Google Cloud, us-central1).
• All data is encrypted at three layers: in transit (TLS 1.2+), at rest (AES-256), and at the application level (sensitive data encrypted with a separate key before storage).
• See our Security page for detailed information.

7. Your rights

You have the right to:

• Access your data — all your knowledge, messages, and documents are visible in the app.
• Delete your data — you can delete individual topics (which removes all associated data) or request full account deletion.
• Export your data — you can copy your knowledge and download linked documents from the app.
• Withdraw consent — you can delete your account at any time.

To exercise these rights or request account deletion, contact us at hello@iammimiq.io.

8. Cookies

Mimiq uses a single authentication token stored in your browser's local storage. We do not use tracking cookies, analytics cookies, or any third-party cookies.

9. Children

Mimiq is not intended for use by anyone under the age of 16. We do not knowingly collect data from children.

10. Changes to this policy

We may update this policy from time to time. Significant changes will be communicated via the app or email. The "Last updated" date at the top reflects the most recent revision.

11. Contact

For questions about this privacy policy or your data, contact us at hello@iammimiq.io.