Privacy Policy - MindTwin.AI
Privacy Policy
Last Updated: January 9, 2026
MindTwin.AI Limited Use Disclosure: MindTwin.AI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
1. Information We Collect
1.1 Google Account Data
When you connect your Google account, we access:
- Email: To read, send, and organize your emails
- Calendar: To view and create calendar events
- Drive: To access files you explicitly share
- Profile: Your name, email address, and profile picture
1.2 Usage Data
We collect minimal usage data:
- Chat messages with our AI
- Feature usage patterns
- Error logs (with sensitive data masked)
2. How We Use Your Data
We NEVER:
- ❌ Sell your data to third parties
- ❌ Use your data for advertising
- ❌ Share your Gmail/Calendar/Drive data with anyone
- ❌ Train AI models on your personal data (we use AI to help YOU, not to train on your data)
We ONLY use your data to:
- ✅ Provide the features you requested (email management, calendar, etc.)
- ✅ Process your data through AI (OpenAI GPT) to generate insights, replies, and summaries FOR YOU
- ✅ Improve your MindTwin experience
- ✅ Respond to your support requests
- ✅ Ensure security and prevent abuse
2.1 AI Processing (Important Clarification)
How we use AI:
- ✅ We send your messages to OpenAI's API to analyze and generate responses
- ✅ We use pre-trained models (GPT-3.5, GPT-4) to process YOUR data for YOUR benefit
- ✅ OpenAI may temporarily process data but does NOT train on API data per their policy
- ✅ Your data helps YOU via AI, it doesn't train models for others
CASA Compliance Statement:
MindTwin uses third-party AI services (such as OpenAI) strictly as data processors to perform real-time inference for the authenticated user. Google user data is not used to train, fine-tune, or improve any generalized AI or machine learning models. Data sent for AI processing is used only to generate responses for the same user and is not retained or reused beyond the scope of the request.
What this means: When you ask MindTwin to summarize an email, we send that email to OpenAI's API, get a summary back, and show it to you. Your email is NOT added to a training dataset. It's like hiring a secretary (AI) to read your emails and help you—not publishing your emails in a book for others to learn from.
3. Google Limited Use Policy Compliance
MindTwin.AI complies with Google's Limited Use requirements:
- Minimal Scopes: We only request Google permissions you need for features you use
- Secure Storage: All Google tokens are encrypted and stored securely
- No Data Selling: Your Google data is NEVER sold or used for advertising
- Transparent Use: We clearly explain why each permission is needed
- User Control: You can revoke access anytime
4. Data Storage & Security
4.1 Storage Location
Your data is stored:
- Google data (raw content): Accessed via API in real-time, not permanently stored
- Derived insights: User-approved summaries or insights may be stored solely for the authenticated user's personal use
- Chat history: Encrypted on our servers (200 messages, rolling)
- Tokens: Encrypted in a secure database
4.2 Security Measures
- 🔒 HTTPS encryption for all data transfer
- 🔒 OAuth 2.0 with PKCE for authentication
- 🔒 Encrypted token storage
- 🔒 Rate limiting to prevent abuse
- 🔒 Regular security audits
5. Data Retention
We retain data as follows:
- Google Tokens: Until you sign out or revoke access
- Chat History: Last 200 messages (local storage)
- Life Story Data: Until you delete it
- Logs: 30 days (with sensitive data masked)
6. Your Rights
You have the right to:
- ✅ Access your data
- ✅ Delete your data
- ✅ Export your data
- ✅ Revoke Google access anytime
- ✅ Opt out of any feature
7. Third-Party Services
We use the following third-party services:
- OpenAI: For AI chat functionality (messages are not used for training)
- Google APIs: For Gmail, Calendar, Drive access
8. Children's Privacy
MindTwin.AI is not intended for users under 13. We do not knowingly collect data from children.
9. International Users
If you're outside the US, your data may be transferred to and processed in the United States.
10. Changes to Privacy Policy
We will notify you of material changes via email or in-app notification.
11. Contact Us
Questions about privacy?
12. Data Deletion
To delete your data:
- Sign in to MindTwin.AI
- Go to Settings → Delete Account
- Or email us at privacy@mindtwinai.com
We will delete your data within 30 days.
Google API Services User Data Policy
MindTwin.AI's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.