Mimesys AI LogoMimesys AI
Sign InHighlights

Privacy Policy

Effective Date: June 28, 2025

Welcome! This privacy policy explains how we collect, use, and protect your personal information. We follow California privacy laws, including the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

1. What Information Do We Collect?

We collect the following information from you:

  • Email address (required to sign up): Used for account creation and authentication.
  • Profile information: You may provide a username, display name, and a personal description.
  • Prompts and responses: We store prompts you send to AI services and responses returned from AI services.
  • Local storage data: We use your browser's local storage to remember things like your theme preference. No personal information is stored this way.
  • Log data: Our servers may record IP addresses for standard logging, but we do not actively use or analyze them except in special circumstances.

Supabase Authentication may collect additional data such as IP address or device information. See Supabase's Privacy Policy for more at https://supabase.com/

We do not use cookies, and we do not track your geolocation.

2. How Is Information Collected?

We collect information through:

  • Direct user input (e.g., AI prompts, sign-up, profile editing)
  • Automatic logs such as server logs, created during normal system operation
  • Local storage in your browser (non-personal data only)

Most data in the system is stored securely in the relational database Supabase, and some data may pass through other systems in transit. For example, Google Pub Sub is used to securely transfer data from the application website to the backend services.

We do not use cookies or tracking pixels.

3. Why Do We Collect This Information?

We collect this information to:

  • Create and manage your account
  • Authenticate you during sign-in
  • Operate and maintain our system
  • Deliver your prompts to AI services and return responses

We do not use your data for advertising, personalization, or selling to third parties.

4. Who Do We Share Data With?

We only share data with third parties as needed to operate the service:

  • AI service providers: User-provided artificial intelligence prompts are shared with service providers such as Anthropic, OpenAI, Google, and OpenRouter. These providers also return responses to our system that may process the information that was provided by the user in their prompt.
  • Infrastructure providers: Vercel (front-end), Supabase (authentication, database), and Redis (backend infrastructure).

These providers have their own privacy policies. We do not share any personal data beyond what's required for service operation.

5. Do We Sell Your Personal Information?

No. We do not sell, rent, or share your personal data with advertisers, data brokers, or anyone else.

6. Your Rights Under California Law

As a California resident, you have the right to:

  • Know what personal data we collect and share
  • Delete personal data you have provided
  • Opt out of the sale or sharing of personal data (not applicable here)
  • Correct inaccurate information
  • Limit use of sensitive personal data

7. How Can You Exercise Your Rights?

If you want to request data deletion or access, email us at: info@dotterandpop.com

Please email us from the same address linked to your account. We may not be able to verify or process requests from other addresses. We typically do not respond to requests that appear to be inauthentic, automated, contain spam, solicitations, or other requests that are not directly related to a request from a verified account holder email address.

We'll make commercially reasonable efforts to honor your request, limited to data that you directly provided (e.g., prompts, responses, profile info).

8. How Do We Protect Your Information?

We seek follow industry standard practices for data protection:

  • All user data is stored in services that require authentication and authorization
  • No backend data services with used data are exposed without authentication and other security checks
  • Our partners (e.g., Google, Supabase) maintain high security standards as well. Please refer to their websites to learn more about their terms of service.

9. Cookies and Tracking

  • We do not use cookies or tracking pixels.
  • We use local storage for user convenience (like remembering the visual theme the user has selected). No personal information is stored in local storage.
  • We use Supabase Authentication to authenticate account holders, which routinely uses local storage as part of their authentication flow. Please refer to the company website for details on their specific policies.

10. Children's Privacy

We do not knowingly collect personal data from anyone under:

  • Age 13 (per COPPA)
  • Age 16 (per CPRA)

If you believe we have collected data from a child, please contact us.

11. Policy Updates

This privacy policy is subject to change without notice. Any updates will be posted on this page.

We recommend checking this policy periodically to stay informed.

12. Do Not Track Signals

We currently do not respond to browser "Do Not Track" signals. This is consistent with current industry standards.

If you have any questions about this policy, feel free to contact us at info@dotterandpop.com.