LiftMind
Privacy Policy
Stateless Architecture & Volatile Memory Protocol
Last Updated: December 2025
True Anonymity (Stateless)
We do not know who you are. LiftMind is designed to be "Stateless." We do not require (and do not collect) your email address, phone number, real name, or government ID. This ensures you can track your data honestly without fear of judgment or exposure.
1. The "Split-Brain" Data Model
To balance privacy with utility, we operate on a "Split-Brain" model. We store your long-term data for analysis, but we treat your live AI conversations as ephemeral.
Volatile Chat (RAM Only)
We do not save your chats to a database.
- Client-Side Existence: Your conversation with the AI exists exclusively in your browser's active window (RAM).
- The "Refresh" Rule: If you refresh the page, close the tab, or log out, the conversation is permanently deleted. We have no backups to restore it.
- Transient Pipes: Our servers act as a "pipe," not a "bucket." Text passes through for processing and is immediately discarded.
2. Information We Store
Purpose of Collection: We collect and store specific data points solely to enable you to track your progress and to allow the AI to detect behavioral patterns over time. Without this historical data, the system cannot provide personalized insights.
The following data is written to our database:
- Journal Entries: Daily text notes and relapse analysis logs used to identify triggers.
- Metrics: Numerical data (Mood scores 1-5, Streak counts, Expenses) used to generate charts and trend lines.
- Goals: Your user-defined goals and task lists.
- Account Credentials: Your Username and a securely hashed version of your password.
3. Information We Do NOT Collect
- Personally Identifiable Information (PII): We do not store names, emails, or phone numbers.
- Chat Logs: As stated above, these are volatile.
4. Data Processing & AI (Third Parties)
We utilize the Google Gemini API to provide the "AI Strategist" features.
How Data is Processed
To provide personalized recovery insights, we must temporarily share specific context with the AI provider:
- Contextual Retrieval: When you send a message, our system temporarily retrieves your recent metrics (Mood, Streaks, Notes) and bundles them with your prompt.
- Why We Do This: This allows the AI to "remember" your past week (e.g., "You reported low mood yesterday") and offer relevant advice based on your actual patterns, rather than generic platitudes.
- Anonymized Transmission: This data bundle is sent to Google's API without any user identifiers (IPs or Usernames are stripped before sending).
- Enterprise Guarantee: We use the paid Enterprise tier of Gemini. Google is contractually prohibited from using your data to train their public AI models.
5. Infrastructure & Security
- IP Addresses: We log IP addresses strictly for security and rate-limiting (preventing DDoS attacks). We do not link IPs to real-world identities, nor do we use them for "account recovery" (as we have no way to verify you).
- Recovery Keys: You are provided a Recovery Key upon sign-up. We do not store a copy of this key. If you lose it, your data is mathematically inaccessible, even to us.
6. Payments
We use third-party processors. We do not store your full credit card details.
- Stripe: For credit card transactions. Stripe may collect your email for billing receipts, but this is stored on their servers, not ours.
- Crypto (Monero/Bitcoin): For maximum privacy, we accept cryptocurrency. These transactions are public on the blockchain (except Monero) but are not linked to a personal identity in our system.
7. Your Rights & Deletion
Because we do not collect emails, we cannot verify "Data Subject Access Requests" via email. You control your data directly:
- Export: You may copy/paste your journal logs at any time.
- Delete: You can permanently delete your account via the Settings page. This wipes your database row instantly. This action is irreversible.