Skip to main content

Mindky Privacy Policy

Last updated: 02/10/2025 Effective as of: 02/10/2025

At Mindky ("we", "our", "us"), protecting your personal data is a top priority. This Privacy Policy explains what information we collect, how we process it, and your rights under applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

By using our platform, website, mobile app, APIs, or integrations (collectively the "Service"), you agree to the practices described below.

1. Data Controller & Contact

Data Controller

  • Company: Mindky SAS
  • Registered office: 10 Rue Du Mont Ste Croix, 57600 Forbach, France
  • Country of incorporation: France

Contact for privacy inquiries

You may contact us at any time to exercise your privacy rights or ask questions about this Policy.

2. Scope of this Policy

This Policy applies to all individuals using Mindky, including website visitors, registered users, administrators, and customers.

It covers:

  • Use of our website (www.mindky.com and subdomains)
  • Use of our web and mobile application
  • Access through APIs, integrations, or extensions
  • AI-powered features, including document ingestion and search
  • Analytics and usability tools (including SmartLook)
  • Customer support and communications

3. Data We Collect

3.1 Data you provide directly

  • Name, surname, display name
  • Email address, phone number
  • Account credentials (login, password – stored securely, hashed)
  • Profile information (photo, preferences, settings)
  • Content you upload (documents, files, notes, internal procedures)
  • Contacts you import (if applicable)
  • Payment details (processed via third-party provider)
  • Support requests and communications with our team

3.2 Technical data and metadata

  • IP address, browser type, operating system, device type
  • Session logs, usage metrics, interactions (pages, clicks, time spent)
  • Cookies and similar tracking technologies (see Section 5)
  • Device identifiers, app version, crash/error logs
  • Metadata of uploaded files (e.g. name, size, creation date)

3.3 Data from third-party services

  • If you connect integrations (Google Drive, Microsoft 365, Slack, SharePoint, etc.), we may receive basic account data (name, email, documents)
  • Data from analytics and communication providers (e.g. Mailchimp for email campaigns)

We process personal data for the following purposes:

PurposeLegal Basis
Provide and operate the ServiceContract performance
Authenticate and secure your accountContract performance
Process documents into embeddings for internal search and onboardingContract performance / Legitimate interest
Respond to support requestsContract performance
Send service-related notificationsContract performance / Legal obligation
Improve features and user experienceLegitimate interest
Analyze usage and perform analyticsLegitimate interest / Consent (where required)
Marketing and campaigns (e.g. newsletters)Consent
Comply with legal obligations (e.g. tax, accounting)Legal obligation

Important: Uploaded documents are processed into embeddings for internal search and onboarding features. We do not use your documents to train external AI models (e.g. OpenAI, Mistral).

5. Cookies & Tracking Technologies

5.1 Types of cookies we use

  • Essential cookies – required for login, authentication, security
  • Analytics cookies – measure usage and performance
  • Marketing cookies – track campaigns (if applicable)
  • Session replay tools – analyze usability (SmartLook)

Non-essential cookies (analytics, marketing) require your prior consent. You may manage preferences through our cookie banner or browser settings.

5.3 SmartLook session replay

  • We use SmartLook to record pseudonymized user interactions (navigation, clicks) for UX improvements.
  • Sensitive content (documents, passwords, financial data) is excluded.
  • You may opt out via the cookie banner.

6. Sharing of Data

We may share your personal data with:

  • Hosting & cloud services: AWS Bedrock (EU servers)
  • LLM provider: Mistral (EU) for AI processing
  • Email services: Mailchimp for newsletters and campaigns
  • Analytics & session replay: SmartLook, as described above
  • Authorized third-party integrations: Google Drive, Microsoft 365, Slack, SharePoint (only if you connect them)
  • Legal authorities: where required by law or regulation
  • Corporate transactions: in case of merger, acquisition, or restructuring
  • Aggregated/anonymized data: that cannot identify you

All providers are bound by confidentiality and data processing agreements.

7. International Transfers

Mindky stores and processes data within the European Union.

If data must be transferred outside the EEA, we apply appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Explicit consent, if no other safeguard applies

8. Data Retention

We retain data for as long as necessary to provide the Service or as required by law.

  • Account data: as long as the account is active + 1 year after closure
  • Uploaded documents: retained while account is active, deleted upon closure or request
  • Logs: 6–24 months
  • Marketing data: until you unsubscribe, or max 3 years of inactivity
  • Support communications: 1–5 years depending on legal obligations

When retention expires, data is deleted or irreversibly anonymized.

9. Data Security

We apply technical and organizational measures to protect data, including:

  • TLS encryption in transit, encryption at rest (where applicable)
  • Role-based access controls
  • Multi-factor authentication
  • Activity and audit logs
  • Secure redundancy and backups
  • Vulnerability testing and incident response plan

In case of a data breach posing a high risk, we will notify you and the CNIL (French authority) as required by GDPR.

10. Your Rights (GDPR)

As a data subject in the EU, you have the following rights:

  • Access – obtain a copy of your data
  • Rectification – correct inaccurate or incomplete data
  • Erasure – request deletion ("right to be forgotten")
  • Restriction – limit processing in certain cases
  • Objection – to processing based on legitimate interest or direct marketing
  • Portability – receive your data in machine-readable format
  • Withdraw consent – when processing is based on consent
  • Lodge a complaint – with the CNIL or your local data protection authority

To exercise these rights, contact us at contact@mindky.com.

  • We may verify your identity before processing your request.
  • We will respond within one month (extendable as permitted by law).

11. Children's Privacy

Mindky is not intended for individuals under 18 years old.

We do not knowingly collect data from minors. If such data is found, it will be deleted promptly.

12. Policy Updates

We may update this Privacy Policy periodically.

If material changes occur, we will notify you by email or through the Service.

The "Last Updated" date indicates the latest revision.

13. Contact Us

For privacy-related inquiries:

  • Mindky SAS
  • Email: contact@mindky.com
  • Address: 10 Rue Du Mont Ste Croix, 57600 Forbach, France

Mindky Terms of Use

Last updated: 02/10/2025

These Terms of Use ("Terms") govern your access to and use of the services provided by Mindky SAS ("Mindky", "we", "our", "us"). By creating an account, accessing, or using our platform, website, mobile app, APIs, or integrations (collectively the "Services"), you agree to be bound by these Terms. If you are using the Services on behalf of an organization, you represent that you are authorized to accept these Terms on behalf of that organization.

1. Registration and Access

  • You must be at least 18 years old to use the Services.
  • You are responsible for providing accurate and complete registration information and keeping it updated.
  • You must safeguard your login credentials and are responsible for all activities under your account.
  • If you suspect unauthorized use, you must notify us immediately.

2. License to Use the Services

  • Subject to these Terms, Mindky grants you a limited, non-exclusive, non-transferable, revocable license to use the Services during your subscription.
  • All rights, title, and interest in the Services (including algorithms, models, software, and infrastructure) remain with Mindky and its licensors.
  • You may not reverse engineer, decompile, or attempt to extract source code or underlying models, except as permitted by law.

3. Input and Output

Input: Data, documents, files, text, or other content that you upload or provide to the Services. Output: The responses, insights, or results generated by the Services based on your Input.

Ownership

  • You retain all rights to your Input.
  • Subject to these Terms, you may use the Output for any purpose, including commercial use.
  • Mindky does not claim ownership of your Input or Output.

Use of Input by Mindky

  • You grant Mindky a limited license to process your Input solely to provide the Services (including indexing, embeddings, and retrieval).
  • Mindky may collect and analyze anonymized and aggregated usage data to improve performance, but this will never identify you or your confidential content.
  • Mindky does not use your Input or Output to train external AI models (e.g. OpenAI, Mistral).

Disclaimer on Output

  • Given the nature of AI, Output may not be unique, accurate, or error-free.
  • You are responsible for reviewing and verifying the accuracy of Output before relying on it.
  • Mindky is not liable for decisions or outcomes based on Output.

4. Acceptable Use Restrictions

You agree not to:

  • Use the Services in violation of any law or regulation.
  • Upload malicious code, viruses, or harmful content.
  • Infringe, misappropriate, or violate the rights of others.
  • Represent AI-generated Output as human-authored when it is not.
  • Use the Services for:
    • Fraudulent, illegal, or abusive purposes,
    • Automated decision-making with legal or financial impact without human oversight,
    • Generating or distributing harmful, discriminatory, or inappropriate content.

Mindky reserves the right to suspend or terminate accounts for violations of these restrictions.

5. Confidentiality and Security

  • Each party must protect confidential information disclosed by the other party.
  • Mindky implements industry-standard security measures (encryption, access control, monitoring) to safeguard your data.
  • If you become aware of a security breach, you must inform Mindky immediately.

6. Fees and Payment

  • Access to paid features of the Services requires payment of applicable fees as per your subscription plan.
  • Payments are non-refundable except as required by law or expressly stated by Mindky.
  • Mindky may suspend or terminate access if payments are overdue.

7. Termination and Suspension

  • These Terms apply from the moment you create an account or use the Services.
  • You may terminate your account at any time by contacting us.
  • Mindky may suspend or terminate your access if you breach these Terms, fail to pay fees, or misuse the Services.
  • Upon termination, your license to use the Services ends, and Mindky may delete your data subject to applicable law and our Privacy Policy.

8. Disclaimers and Limitation of Liability

  • The Services are provided "as is" without warranties of accuracy, reliability, or fitness for a particular purpose.
  • Mindky does not guarantee uninterrupted availability or error-free operation.
  • To the maximum extent permitted by law, Mindky's liability is limited to direct damages up to the amount you paid for the Services in the last 12 months.
  • Mindky is not liable for indirect, incidental, or consequential damages, including lost profits or data.

9. Governing Law and Jurisdiction

  • These Terms are governed by the laws of France.
  • Any dispute shall be submitted to the exclusive jurisdiction of the courts of Paris, France.

10. Changes to These Terms

Mindky may update these Terms from time to time. The "Last updated" date indicates the latest version. If we make material changes, we will notify you by email or through the Services. By continuing to use the Services after changes take effect, you agree to the revised Terms.

11. Contact

  • Mindky SAS
  • Email: contact@mindky.com
  • Address: 10 Rue Du Mont Ste Croix, 57600 Forbach, France