All is Mind
LoginSign Up

Privacy Policy

Last updated: January 2025

1. Introduction

At All is Mind, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our platform. By using our services, you agree to the collection and use of information in accordance with this policy. This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable.

2. Data Controller

All is Mind is the data controller responsible for processing your personal data. For questions about this policy or your personal data, you can contact us at:

Email: allismindapp@gmail.com

As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring compliance with data protection laws.

3. Information We Collect

We collect the following categories of personal information:

Account and Identity Information

Name, email address, phone number, date of birth, profile photo

Profile Information

Bio, service descriptions, professional qualifications, categories, availability schedules

Transaction Information

Booking history, payment details, transaction records, billing information

Communication Data

Messages exchanged with practitioners, booking-related communications, support requests

Usage Data

How you interact with our platform, pages visited, features used, session duration, device information, IP address

Technical Data

Browser type, operating system, device identifiers, connection information

Meeting Data

Meeting recordings (if authorized), meeting metadata, attendance records

We may process special categories of personal data (such as health-related information shared during sessions) only with your explicit consent and for the purpose of providing services through our platform.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: To fulfill our contractual obligations when you use our services
  • Legitimate Interests: To improve our services, ensure platform security, and prevent fraud
  • Consent: When you explicitly consent to specific processing activities (e.g., marketing communications)
  • Legal Obligation: To comply with legal requirements (e.g., tax, accounting, or regulatory obligations)
  • Vital Interests: To protect your or others' vital interests in emergency situations

5. How We Use Your Information

We use your personal information for the following purposes:

  • To provide and maintain our platform services, including booking management and online meetings
  • To process transactions, manage payments, and handle refunds
  • To facilitate communication between clients and practitioners
  • To send you service-related notifications, booking confirmations, and important updates
  • To ensure platform security, prevent fraud, and detect unauthorized access
  • To improve our services, develop new features, and conduct analytics
  • To comply with legal obligations and respond to legal requests
  • To provide customer support and respond to your inquiries

We will only send you marketing communications if you have consented. You can opt-out at any time through your account settings or by contacting us.

6. Information Sharing and Disclosure

We do not sell your personal information. We may share your data with:

Practitioners

We share necessary booking and contact information with practitioners to facilitate service delivery

Service Providers

Third-party service providers who assist our operations, including payment processors (Stripe), meeting platforms (Zoom), cloud hosting providers, and analytics services. These providers are contractually bound to protect your data.

Legal Requirements

When required by law, court order, or government regulation, or to protect our rights and the safety of our users

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction

We do not share your personal data with third parties for their marketing purposes without your explicit consent.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Account data: Retained while your account is active and for 3 years after account closure for legal and accounting purposes
  • Transaction data: Retained for 7 years as required by tax and accounting regulations
  • Communication data: Retained for 2 years after the last communication
  • Meeting data: Retained only if explicitly authorized, and deleted according to your preferences

You can request deletion of your data at any time. We will delete or anonymize your data unless we are required to retain it by law.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions recognizing the recipient country's data protection standards
  • Other legally recognized transfer mechanisms

You have the right to obtain information about the safeguards we use for international transfers by contacting us.

9. Your Rights

Under applicable data protection laws, you have the following rights:

Right of Access

You can request a copy of the personal data we hold about you

Right to Rectification

You can request correction of inaccurate or incomplete data

Right to Erasure

You can request deletion of your personal data in certain circumstances

Right to Restrict Processing

You can request that we limit how we use your data

Right to Data Portability

You can request your data in a structured, machine-readable format

Right to Object

You can object to processing based on legitimate interests or for marketing purposes

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time

Right to Lodge a Complaint

You can file a complaint with your local data protection authority

To exercise these rights, contact us at allismindapp@gmail.com. We will respond within one month.

10. Children's Privacy

Our platform is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately. If we discover we have collected data from a child without parental consent, we will delete it promptly.

11. Data Security

We implement comprehensive security measures to protect your personal data:

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms
  • Regular backups and disaster recovery procedures

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

12. Data Breach Notification

In the event of a data breach that may affect your rights and freedoms, we will:

  • Notify the relevant data protection authority within 72 hours of becoming aware of the breach
  • Notify affected users without undue delay if the breach poses a high risk to their rights
  • Provide clear information about the nature of the breach and recommended protective measures

13. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Cookies help us:

  • Remember your preferences and login status
  • Analyze platform usage and improve functionality
  • Provide personalized content and recommendations
  • Ensure platform security

For detailed information about our cookie usage, please see our Cookie Policy.

14. Third-Party Services

Our platform integrates with third-party services that may collect and process your data:

Payment Processors (Stripe)

Payment information is processed by Stripe. Please review Stripe's privacy policy for details on how they handle your payment data.

Meeting Platforms (Zoom)

Online meetings are conducted through Zoom. Zoom may collect meeting data according to their privacy policy.

Cloud Hosting (Supabase)

Our platform is hosted on Supabase, which processes and stores your data according to their security standards.

These third-party services have their own privacy policies. We encourage you to review them.

15. Automated Decision-Making and Profiling

We may use automated processing to:

  • Match clients with relevant practitioners based on preferences and categories
  • Detect fraudulent activities and security threats
  • Provide personalized recommendations

You have the right not to be subject to decisions based solely on automated processing that significantly affect you, unless such processing is necessary for contract performance or you have given explicit consent.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will:

  • Notify you of significant changes via email or platform notification
  • Update the "Last updated" date at the top of this policy
  • Obtain your consent for material changes where required by law

We encourage you to review this policy periodically to stay informed about how we protect your data.

17. Contact Us and Data Protection Officer

For questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us:

Email: allismindapp@gmail.com

For data protection requests (access, deletion, etc.), please include sufficient information to verify your identity. We will respond within one month of receiving your request.

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data in accordance with applicable law.