Your trust matters

Privacy Policy

Introduction

At MyMind, we are committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, and safeguard your information when you use our mental health services. By accessing or using our platform, you agree to the terms outlined in this policy.

🔒 We never sell your personal information. Your mental health journey is private, and we treat it with the highest ethical and legal standards.

Information We Collect

Personal Information

  • Name, email address, and contact information
  • Date of birth and demographic information
  • Insurance information and payment details

Health Information

  • Mental health assessments
  • Session notes and treatment plans
  • Communication with healthcare providers
  • Technical data such as device information and usage patterns (anonymized where possible)

How We Use Your Information

  • Providing mental health services and treatment coordination
  • Connecting you with appropriate healthcare providers
  • Tracking your progress and treatment outcomes to improve care
  • Improving our services and developing new features based on aggregated insights
  • Complying with legal and regulatory requirements
  • Billing and payment processing (securely via third-party processors)

HIPAA Compliance

We are fully compliant with the Health Insurance Portability and Accountability Act (HIPAA). Your protected health information (PHI) is handled with the highest level of security and confidentiality. We will never share your health information without your explicit consent, except as required by law (e.g., mandated reporting for risk of harm, court orders). All employees and contractors undergo annual HIPAA training, and we maintain strict access controls to your data.

Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for all data transmission (TLS)
  • Secure data storage with AES-256 encryption and regular backups
  • Multi-factor authentication for account access and administrative panels
  • Strict role-based access and activity logging

In the unlikely event of a data breach, we will notify affected users within 72 hours as required by law and provide guidance on protective measures.

Data Retention

We retain your personal and health information only for as long as necessary to provide our services and comply with applicable legal obligations. The following retention periods apply:

  • Account & Profile Data: Retained for the duration of your active account, plus up to 30 days after account deletion to allow for recovery requests.
  • Health & Session Records: Retained for a minimum of 7 years following your last session, as required by healthcare regulations and applicable law.
  • Billing & Payment Records: Retained for 7 years in accordance with financial and tax regulations.
  • Usage & Analytics Data (anonymized): Retained for up to 2 years to improve our services.
  • Communications (e.g., support emails): Retained for up to 3 years for quality and compliance purposes.

After the applicable retention period, data is securely deleted or anonymized so it can no longer be linked to you. You may request early deletion of non-essential data by contacting our Privacy Officer (subject to legal retention obligations).

Your Privacy Rights

  • Access & Copy: You can request a copy of your health records at any time.
  • Correction: You may ask us to correct inaccurate or incomplete information.
  • Deletion: You can request deletion of non-essential records (subject to legal retention requirements).
  • Restriction: You may request restrictions on how we use or disclose your information.
  • Portability: You can receive a machine-readable copy of your data to transfer to another provider.

Cookies & Tracking Technologies

We use strictly necessary cookies to operate the platform (e.g., authentication, session management). Optional analytics cookies are used only with your consent to improve user experience. We do not use third-party advertising cookies or trackers. You can manage cookie preferences in your browser settings or via our cookie consent banner.

Contact Us

If you have any questions about this Privacy Policy, how we handle your information, or wish to submit a data request, please contact our Privacy Officer:

  • Email: hello@mymindmymind.com

Last updated: June 12, 2026