Privacy Policy

This Privacy Policy explains how Mind Mapping Labs Inc ("Prana," "we," "us," or "our") collects, uses, discloses, and protects personal information when you use the Prana app, website, and related services (the "Services").

1. Scope

This Policy applies to information collected through our Services. Prana currently launches in North America (United States and Canada) and on iOS first. If we expand platforms or regions, this Policy continues to apply unless we publish an update.

2. Information We Collect

We aim to collect only what we need to operate and improve the Services.

• Account data: email and basic profile details when you sign in (for example via Apple or Google).
• Usage and diagnostics: feature usage, app events, crash reports, and technical metadata.
• Session and wellness metrics: session-level data (such as session completion, wellness summaries, and related app state).
• Apple Health data (optional): with your permission, we may read heart-rate data (and HRV when available) around sessions and write mindful sessions to Apple Health.
• Subscription metadata: entitlement and transaction state from Apple billing systems.
• Support data: information you include when contacting us.
• Website data: information submitted through website forms, such as download inquiries or support requests.
• Optional microphone input: used for onboarding calibration and processed on-device by default; raw recordings are not uploaded by default.

3. How We Use Information

• Provide, maintain, and secure the Services.
• Personalize your experience and recommendations.
• Process subscriptions and restore purchases.
• Diagnose issues and improve product quality.
• Respond to support requests and legal obligations.

4. AI Coach

When you use AI Coach, prompts may be processed by our backend and AI infrastructure providers to generate responses and maintain service reliability. Do not submit highly sensitive personal information unless necessary.

4A. In-App Event Analytics and Data Minimization

To understand product performance, reliability, and feature adoption, we collect limited in-app event data, including:

• Screen view events.
• Session lifecycle events (for example: session started, completed, or ended early).
• Authentication outcome events (for example: sign-in/sign-out success or failure stage).
• Subscription flow events (for example: paywall result, purchase success/failure, restore outcome, and manage/cancel redirect outcome).
• Reminder-related events (for example: notification permission result, reminder set, or reminder skipped).

These events are limited to metadata such as screen name, platform, feature flags, and high-level status/outcome fields.

We do not intentionally include sensitive fields in analytics payloads, such as email addresses, authentication tokens, passwords, or full payment card details.

4B. Apple Health Integration

Apple Health access is optional and requires your explicit device-level permission. You can revoke Health permissions at any time in iOS settings.

• We may read heart-rate data and HRV (when available) around sessions to power wellness features.
• We may write mindful sessions to Apple Health when enabled.
• We do not use Apple Health data for advertising, data brokerage, or cross-context behavioral profiling.

5. Sharing and Disclosure

We do not sell personal information. We also do not knowingly share personal information for cross-context behavioral advertising.

We may share information with service providers (such as authentication, analytics, cloud hosting, billing, customer support, and AI infrastructure), legal authorities when required, or transaction counterparties in a merger, acquisition, or reorganization.

6. Retention

We retain information only as long as reasonably necessary for operations, legal compliance, security/fraud prevention, dispute resolution, and contract enforcement, then delete or de-identify it where reasonably practicable.

7. Your Choices and Rights (U.S. and Canada)

• Use guest mode for limited access.
• Request access, correction, or deletion of personal information, subject to legal exceptions.
• Withdraw consent where processing is based on consent, subject to legal/contractual limits.
• Manage Apple Health and device permissions through iOS settings.
• Manage subscriptions through your Apple account settings.

Depending on your location, you may have additional rights under applicable U.S. state or Canadian privacy laws. To submit a request, contact hello@mindmappings.co. We may need to verify your identity before processing requests.

8. Cookies and Tracking Signals

Our website may use cookies or similar technologies for core site operation and limited analytics. You can manage cookie preferences through your browser settings.

Because we do not currently sell or share personal information for cross-context behavioral advertising, there is generally no separate "Do Not Sell or Share" action required for our current practices.

9. Security and Breach Notice

We implement reasonable technical and organizational safeguards, but no system is completely secure.

If a security incident occurs, we will provide notices required by applicable law to affected individuals and regulators.

10. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.

11. International and Cross-Border Transfers

Information may be processed in the United States, Canada, and other locations where our service providers operate, which may have different data protection laws.

12. HIPAA Clarification

Prana is a consumer wellness service and is generally not a HIPAA covered entity or business associate when you use the app directly as a consumer.

13. Changes to This Policy

We may revise this Policy periodically. Updated versions are effective when posted with a revised effective date.

14. Contact

Email: hello@mindmappings.co
Company: Mind Mapping Labs Inc