Privacy Policy

IMPORTANT PRIVACY INFORMATION

COPYMIND is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website located at copymind.me and our AI-powered personal growth service (collectively, the "Service").

When you access our website, we automatically collect from your device language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Facebook ID, and other unique identifiers (such as IDFA and AAID). We need this data to provide our services, analyze how our customers use the website, and to measure ads.

For improving the website and serving ads, we use third-party solutions. As a result, we may process data using solutions developed by Amplitude, Facebook, Google, Hotjar, Twitter, TikTok, Pinterest, Snapchat, Freshdesk, Solidgate, Supabase, Customer.io, OpenAI, and Tableau. Therefore, some of the data is stored and processed on the servers of such third parties. This enables us to (1) analyze different interactions (how often users use live chats on the Website, what sections of the Website our users viewed); (2) serve and measure ads (and show them only to a particular group of users, for example, only to those who have made a purchase).

If you decide to make a purchase or to order a service on the Website, we will ask you to provide your email, name, gender, date of birth, and other relevant information. We will use this data to fulfill your order and to render a personalized service.

USE OF OPENAI API AND AI TECHNOLOGY

COPYMIND's core functionality relies on creating an AI-powered digital twin of your consciousness to help with personal growth and decision-making. To enable this functionality:

• We use the OpenAI API as a facilitator for simulating consciousness models. Your data provided to COPYMIND may be depersonalized and transmitted to OpenAI to enable the simulation of these models.
• The AI models we create are based on your responses to questions, your decision-making patterns, and other information you provide through our Service.
• We may use your data to train and improve our AI algorithms to better serve you and other users.
• Your AI twin is stored securely and is only accessible to you, unless you explicitly choose to share insights with others.
• We implement technical safeguards to ensure that your AI twin cannot be used to impersonate you or make decisions on your behalf without your explicit consent.

CATEGORIES OF PERSONAL DATA WE COLLECT

We collect several types of information from and about users of our Service:

1. Information You Provide to Us

• Account Information: When you create an account, we collect your name, email address, password, and optionally, your date of birth and gender.
• Profile Information: Information you provide in your user profile, including profile pictures, biographical information, and personal preferences.
• Assessment Responses: Your answers to personality assessments, quizzes, and other questions that help us create your AI twin.
• Decision History: Information about decisions you've made or are considering, which you share with the Service to receive guidance.
• Communications: Records of your interactions with your AI twin, including questions, responses, and feedback.
• Payment Information: If you subscribe to our premium services, we collect payment details, billing addresses, and transaction history.

2. Information We Collect Automatically

• Usage Data: Information about how you interact with our Service, including features you use, time spent on the platform, and navigation patterns.
• Device Information: Information about your device, including IP address, device type, operating system, browser type, and device identifiers.
• Location Data: General location information derived from your IP address.
• Cookies and Similar Technologies: Information collected through cookies, web beacons, and similar technologies about your browsing behavior and preferences.
• Advertising IDs: We collect your Apple Identifier for Advertising ("IDFA"), Identifier for Vendor ("IDFV") or Google Advertising ID ("AAID") depending on the operating system of your device.

3. Information from Third Parties

• Social Media Integration: If you choose to connect your social media accounts, we may collect information from those platforms to enhance your experience.
• Third-Party Services: Information from other services you've connected to COPYMIND, such as calendar apps or productivity tools.
• Public Sources: Publicly available information that may help personalize your experience.

FOR WHAT PURPOSES WE PROCESS YOUR PERSONAL DATA

We process your personal data for the following purposes:

1. Core Service Functionality

• Creating Your AI Twin: To develop and maintain an AI model that reflects your personality, values, and decision-making patterns.
• Providing Guidance: To offer personalized insights, recommendations, and decision support based on your AI twin.
• Improving Self-Awareness: To help you understand your patterns, strengths, and areas for growth.
• Facilitating Communication: To enable interaction between you and your AI twin.

2. Service Improvement and Development

• Enhancing AI Models: To improve the accuracy and effectiveness of our AI technology.
• Developing New Features: To create new functionalities that better serve your needs.
• Quality Assurance: To ensure the reliability and performance of our Service.
• Research and Analytics: To understand user behavior and preferences for improving our Service.

3. Communication and Support

• Customer Support: To respond to your inquiries and resolve issues.
• Updates and Notifications: To inform you about changes to our Service, new features, or important information.
• Feedback Collection: To gather your input on our Service and how we can improve it.

4. Business Operations

• Processing Payments: To handle subscriptions and transactions.
• Preventing Fraud: To detect and prevent fraudulent activities and security breaches.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Enforcing Policies: To enforce our terms of service and other policies.

5. Marketing and Personalization

• Personalized Content: To tailor content and recommendations to your interests and needs.
• Marketing Communications: To send promotional messages about our products and services (with your consent where required).
• Advertising: To deliver relevant advertisements and measure their effectiveness.

LEGAL BASES FOR PROCESSING (EU/EEA USERS)

Data Controller: GM UNICORN CORPORATION LIMITED acts as the Data Controller, responsible for collecting, processing, and storing personal data in compliance with applicable data protection laws of the Republic of Cyprus to ensure your privacy is protected.

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

1. Your Consent

Under this legal basis we will send you marketing communications. You have the right to withdraw your consent any time by using the unsubscribe link in the footer of our emails or by contacting us at privacy@copymind.me. If you do not want to receive marketing SMS from us, you can unsubscribe by following instructions in the marketing SMS. We will also send you push notifications if you allow us to. You can disable notifications any time in the settings of your device.

2. Performance of a Contract

Under this legal basis we:

• Provide our Service (in accordance with our Terms and Conditions of Use)
• Customize your experience
• Provide you with customer support
• Communicate with you regarding your use of our Service
• Process your payments

3. Legitimate Interests

We rely on legitimate interests:

• To communicate with you regarding your use of our Service: Our legitimate interest is to encourage you to use our Service more often.
• To research and analyze your use of the Service: Our legitimate interest is to improve our Service so that we understand users' preferences and are able to provide you with a better experience.
• To personalize our ads: Our legitimate interest is to promote our Service in a reasonably targeted way.
• To enforce our Terms and Conditions of Use and to prevent and combat fraud: Our legitimate interests are enforcing our legal rights, preventing and addressing fraud and unauthorized use of the Service, non-compliance with our Terms and Conditions of Use.

4. Legal Obligation

We process your personal data when necessary to comply with our legal obligations.

DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

• Encryption: We use industry-standard encryption to protect data in transit and at rest.
• Access Controls: We restrict access to personal data to authorized personnel only, based on the principle of least privilege.
• Regular Security Assessments: We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities.
• Employee Training: We train our employees on data protection and security best practices.
• Incident Response: We have procedures in place to respond to data breaches and security incidents promptly.
• AI Model Security: We implement additional safeguards for AI models to prevent unauthorized access or misuse.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

WITH WHOM WE SHARE YOUR PERSONAL DATA

We may share your information with the following categories of recipients:

• Service Providers: Third-party vendors who perform services on our behalf, such as cloud hosting (Amazon Web Services), payment processing (PayPal, Solidgate), customer support (Freshdesk), and analytics (Amplitude, Facebook, Google, Hotjar, Tableau).
• AI Technology Partners: Companies like OpenAI that provide AI technologies used in our Service.
• Marketing Partners: Social media networks, marketing agencies, email delivery services (Facebook, Google, Snapchat, Pinterest, TikTok, Twitter).
• Legal Authorities: Law enforcement agencies, courts, regulators, or other government authorities when required by law or to protect our rights.
• Professional Advisors: Lawyers, auditors, bankers, and insurers who provide professional services to us.
• Corporate Transactions: Parties involved in a merger, acquisition, or sale of assets may receive your information as part of the transaction.
• With Your Consent: Other third parties with your explicit consent.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Note on AI Twin Sharing: Your AI twin and its insights are private to you by default. You can choose to share specific insights or recommendations with others, but we will never share your complete AI twin or allow others to access it without your explicit consent.

DATA RETENTION

We retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Account Information: We retain your account information for as long as your account is active. If you delete your account, we will delete or anonymize your account information within 30 days, except where we need to retain certain information for legitimate business or legal purposes.

AI Twin Data: Your AI twin data is retained for as long as your account is active. If you delete your account, your AI twin will be permanently deleted within 30 days. You can also request a reset of your AI twin at any time, which will delete the existing model and start fresh.

Usage Data: We may retain anonymized or aggregated usage data for analytical purposes even after you delete your account, but this data cannot be used to identify you.

Backup Data: For disaster recovery purposes, we may retain backup copies of your data for a limited period even after deletion from our active systems.

INTERNATIONAL DATA TRANSFERS

COPYMIND operates globally, which means your personal data may be transferred to, stored, and processed in countries outside of your country of residence, including the United States, where our main servers are located.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure that such transfers comply with applicable data protection laws by implementing appropriate safeguards, such as:

• Standard Contractual Clauses: We use EU-approved Standard Contractual Clauses in our agreements with third parties that receive data outside the EEA.
• Adequacy Decisions: We transfer data to countries that have been deemed to provide an adequate level of protection by the European Commission.
• Privacy Shield: While the EU-US Privacy Shield is no longer valid for transfers from the EU, we may still comply with its principles as an additional safeguard.

By using our Service, you consent to the transfer of your personal data to countries outside your country of residence, including countries that may have different data protection rules than those in your country.

YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal data. These may include:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request that we correct inaccurate or incomplete personal data.
• Right to Erasure: You can request that we delete your personal data in certain circumstances.
• Right to Restrict Processing: You can request that we restrict the processing of your personal data in certain circumstances.
• Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You can object to our processing of your personal data in certain circumstances.
• Right to Withdraw Consent: You can withdraw your consent at any time where we rely on consent to process your personal data.
• Right to Lodge a Complaint: You can lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable law.

AI Twin-Specific Rights: In addition to the above rights, you have specific rights regarding your AI twin:

• Right to Reset: You can request a complete reset of your AI twin, which will delete the existing model and start fresh.
• Right to Explanation: You can request an explanation of how your AI twin makes specific recommendations or decisions.
• Right to Control Sharing: You have full control over whether and how your AI twin's insights are shared with others.

To exercise any of these rights, please contact us at privacy@copymind.me. We will respond to your request within 30 days.

CALIFORNIA PRIVACY RIGHTS

The California Consumer Privacy Act of 2018 ("CCPA") provides California residents with additional rights to know, delete and opt-out, and requires us to disclose what personal information we have collected, used, and shared over the last 12 months.

Under CCPA you as a California resident have the following rights:

• Right to Know: You have the right to request that we disclose to you the personal information we collect, use, or disclose.
• Right to Delete: You have the right to request that we delete your personal information that we have collected from you.
• Right to Opt-Out: You have the right to opt out of the sale of your personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights. We will not deny you our services, charge you different prices, or provide you a lower quality of services if you exercise your rights under the CCPA.

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.

California's "Shine the Light" law gives California residents the right to ask companies once a year what personal information they share with third parties for those third parties' direct marketing purposes.

VIRGINIA PRIVACY RIGHTS

If you reside in the Commonwealth of Virginia, you have certain rights under the Virginia Consumer Data Privacy Act (VCDPA).

VCDPA provides Virginia residents with these data rights:

• Opt out of the Processing of your Personal Data for Targeted Advertising: You can opt out by emailing us at privacy@copymind.me.
• Confirm whether your Personal Data is being Processed: You can confirm this by emailing us at privacy@copymind.me.
• Appeal a Case with regard to your request: If we decline to take action on your data rights request or have rejected your request, you may contact us at privacy@copymind.me to initiate an appeal of this decision.

If your appeal is denied, you may contact the Office of the Virginia Attorney General via the contact details available at www.virginia.gov/agencies/office-of-the-attorney-general.

CHILDREN'S PRIVACY

Our Service is not directed to children under the age of 16, and we do not knowingly collect personal data from children under 16. If we learn that we have collected personal data from a child under 16, we will take steps to delete that information as soon as possible.

If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us at privacy@copymind.me.

COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies (such as web beacons and pixels) to collect information about your browsing activities and to distinguish you from other users of our Service. This helps us provide you with a good experience when you browse our Service and allows us to improve our Service.

We use the following types of cookies:

• Essential Cookies: These are necessary for the operation of our Service and cannot be disabled.
• Analytical/Performance Cookies: These allow us to recognize and count the number of visitors and see how visitors move around our Service.
• Functionality Cookies: These are used to recognize you when you return to our Service and to remember your preferences.
• Targeting Cookies: These record your visit to our Service, the pages you have visited, and the links you have followed to deliver more relevant advertisements.

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our Service may become inaccessible or not function properly.

HOW "DO NOT TRACK" REQUESTS ARE HANDLED

Except as otherwise stipulated in this Privacy Policy, this Website does not support "Do Not Track" requests. To determine whether any of the third-party services it uses honor the "Do Not Track" requests, please read their privacy policies.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the "Last updated" date displayed at the top of this Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about our collection, processing, and sharing of your personal data.