Privacy Policy

Effective: April 4, 2026 · Last updated: April 8, 2026

1. Who we are

tellmint is operated by:

Klarfels
Inhaber: Dusko Susa
Amselweg 11, 37441 Bad Sachsa, Germany
Email: ...

We are the data controller for all personal data processed through the tellmint Android app and the tellmint.com website.

2. What we store

tellmint stores the data needed to make the product work. Depending on which features you use, this can include:

• Account data: your account identifier, email address if you link or sign in to an account, and a nickname/display name if you provide one or we use your sign-in name to fill it in
• Journal content: voice note transcripts, titles, summaries, tags, domains, importance ratings, due dates, reminder settings, and recurrence rules
• AI-generated data: emotion labels, AI commentary, theme words, Mint Memory items, AI profile summaries, semantic embeddings (vector representations used for search), and related structured metadata
• Chat data: Mint Chat prompts and replies in your current app session, plus cited entry references and any entries or memories the chat creates or updates for you
• Audio files: stored locally on your device for playback and review. Audio is sent to our server for transcription and then discarded from the server.
• Profile information: optional nickname, age, city, interests, important people, important places, and about-me text that you choose to provide for a more personalized experience
• Settings and preferences: consent settings, timezone, language, notification preferences, theme, and app settings
• Subscription and billing data: your plan (free, Pro, or Max), recording top-up credit balance with expiry dates, and subscription lifecycle events (purchase, renewal, cancellation, expiration)
• Diagnostics: crash reports, performance telemetry, and product usage signals such as screen opens, recording counts, durations, widget launches, and notification interactions. These signals are linked to your account (pseudonymous, not anonymous) so we can diagnose issues per user.
• Server-side operational data: usage counters (recordings per month, chat messages per month), AI processing metadata (model used, latency, token counts), rate-limit counters, and abuse-detection logs. These are linked to your account for security and quota enforcement.
• Subscription history: a log of subscription events (purchase, renewal, cancellation, expiration) and credit transactions (top-up purchases, usage) for billing accuracy and dispute resolution.
• Feedback: if you submit feedback through the app, we store your message, optional screenshot, category, rating, the screen you were on, and device information (app version, build number, OS version, device model, locale).
• Search queries: recent search terms are stored locally on your device for convenience. Search queries are also sent to our server for semantic search processing.

3. Why we process it

We process your journal data to provide the service you asked for: transcribing recordings, organizing thoughts and tasks, syncing your account, powering search, reminders, exports, Pattern Sky, Mint Memory, and Mint Chat.

Our legal bases under GDPR are:

• Contract performance (Art. 6(1)(b)): processing your journal data, managing your subscription, and providing the features you use.
• Legitimate interests (Art. 6(1)(f)): crash reports, performance telemetry, and security monitoring to keep the app stable, secure, and fast.
• Consent (Art. 6(1)(a)): analytics and marketing are processed only if you opt in. You can withdraw consent at any time in Settings.

4. Where your data is stored and processed

tellmint stores app data in Firebase/Firestore and Cloud Functions in europe-west1 (Belgium). That includes your entries, tags, domains, emotions, memories, settings, and exports.

Mint Chat conversation history is kept in the app session so the assistant can respond coherently. When you send a chat request, the current prompt, recent chat context, and relevant journal content are processed through our backend and AI providers to generate the reply.

tellmint uses Google-managed infrastructure. All data is encrypted in transit with HTTPS/TLS and at rest with server-side encryption on Google Cloud.

Mint Chat may use Vertex AI Global endpoints for reliability. That means prompts, chat context, and selected journal content sent to Mint Chat may be processed outside the EU. We call this out because region-locked EU processing is not guaranteed for that path.

5. Who can access your journal data

Your journal data is intended for you and the automated systems that run tellmint.

We do not routinely read your entries. We do not use human review as part of normal product operation. Limited human access may happen only when it is necessary for support, security, abuse prevention, maintenance, or legal compliance, and we try to keep that access restricted and logged.

6. AI providers and model training

We never use your journal content to train AI models.

When tellmint sends content to AI providers to transcribe audio, generate embeddings for search, or answer Mint Chat requests, that content is used only to provide the feature you asked for. We do not sell your content, and we do not give third parties permission to train on your journal content on our behalf.

tellmint uses AI to automatically classify entries (thought vs. task), assign emotion labels, extract tags and domains, and determine importance. This automated processing helps organize your journal but has no legal or similarly significant effects on you.

7. Third-party services that process your data

We use the following services to operate tellmint. Each processes personal data only as needed to provide their part of the service:

Service	What they process	Location
Google Cloud / Firebase	Firebase Authentication + Google Sign-In / email-link sign-in: account login and identity Cloud Firestore: journal data storage Cloud Functions: server-side AI processing Firebase Storage: feedback screenshots Firebase Crashlytics: crash reports (opt-out) Firebase Performance: speed diagnostics (opt-out) Firebase Analytics: usage analytics (opt-in only) Firebase App Check: app authenticity verification Cloud Logging: server-side operational logs	EU (Belgium)
Google Vertex AI	Audio transcription, entry structuring, emotion detection, semantic embeddings, memory extraction, chat responses	EU primary, Global fallback
OpenRouter	Chat AI responses (fallback when Vertex AI is unavailable)	US (zero data retention policy)
RevenueCat	Subscription management, purchase receipt validation, entitlement tracking. RevenueCat automatically collects device identifiers, purchase history, and subscriber status.	US
Google Play Billing	Payment processing for subscriptions and in-app purchases	Google infrastructure

8. International data transfers

Most tellmint app data is stored in EU servers (Belgium). Some processing may involve international transfers:

• Mint Chat: may use Vertex AI Global endpoints (processing outside the EU).
• OpenRouter: US-based, with a zero data retention policy for API requests.
• RevenueCat: US-based, for subscription management.

Where data is transferred outside the EU/EEA, we rely on:

• the EU-US Data Privacy Framework adequacy decision (for Google and eligible US providers), and
• Standard Contractual Clauses (SCCs) approved by the European Commission.

9. Data retention

• Journal entries, memories, and profile data: stored until you delete them or delete your account.
• Deleted entries: soft-deleted for 14 days (recoverable), then permanently removed.
• Recording top-up credits: expire 12 months after purchase.
• Mint Chat session history: stays in the app until you clear the conversation, sign out, or delete the app. Chat messages are not stored on our servers after the response is generated.
• Crash reports: retained per Firebase Crashlytics defaults (typically 90 days).
• Performance telemetry: retained per Firebase Performance Monitoring defaults.
• Subscription event history: retained for billing and tax compliance purposes as required by law.
• Feedback submissions: retained until manually reviewed and resolved.

10. Android permissions

tellmint requests the following device permissions, each for a specific purpose:

• Microphone (RECORD_AUDIO): required to record voice notes. Without this, the core capture feature cannot work.
• Notifications (POST_NOTIFICATIONS): optional, used for reminders, daily/weekly digests, and task alerts.
• Exact alarms (SCHEDULE_EXACT_ALARM): used so timed reminders fire at the exact time you set, not minutes late.
• Media/storage access: used to read and save local audio files. On older Android versions (12 and below), this uses broader storage permissions; on newer versions, it uses scoped media access.
• Boot completed: restores your scheduled reminders after a device restart.

11. Just-in-time notices

Before you record for the first time, tellmint shows a notice that recordings are transcribed and stored securely on encrypted EU servers. Consent prompts and settings explain the difference between optional analytics and default crash/performance diagnostics.

12. Website analytics, cookies, and fonts

The tellmint website uses Google Analytics only after you accept the cookie banner. If you decline, we do not load Google Analytics. Your cookie consent choice is stored locally in your browser.

The website loads fonts from Google Fonts (fonts.googleapis.com). This means your browser sends a standard web request to Google's servers, which includes your IP address. This is a common practice; if you prefer to avoid it, most browsers support blocking third-party font loading.

13. Your rights under GDPR

As a user in the EU, you have the following rights:

• Access (Art. 15): request a copy of your personal data. You can export your data in the app via Settings → Export My Data.
• Rectification (Art. 16): correct inaccurate data. You can edit your entries and profile directly in the app.
• Erasure (Art. 17): delete your data. You can delete your account via Settings → Delete Account, which permanently removes all your data from our servers.
• Restriction (Art. 18): request that we limit how we process your data in certain circumstances.
• Data portability (Art. 20): receive your data in a structured format. The export feature provides JSON and CSV formats.
• Object (Art. 21): object to certain processing based on legitimate interests.
• Withdraw consent: for analytics and marketing, you can withdraw consent at any time in Settings → Analytics & Improvements.
• Diagnostics opt-out: turn off crash reports and performance diagnostics in Settings → Crash Reports & Speed Diagnostics.

To exercise any right, contact us at ... or use the in-app features listed above.

14. Right to complain

If you believe we are not handling your data correctly, you have the right to lodge a complaint with a data protection supervisory authority. The relevant authority for our business is:

Die Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5, 30159 Hannover, Germany
Website: lfd.niedersachsen.de

You may also contact any other EU supervisory authority.

15. Children

tellmint is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has provided us with personal data, please contact us and we will delete it.

16. Changes to this policy

If we make material changes to this policy, we will update the "Last updated" date at the top and, where practical, notify you through an in-app notice. We encourage you to review this policy periodically.

17. Contact

If you have privacy questions or want to exercise your rights:

Email: ...
Support: tellmint.com/support
Impressum: tellmint.com/impressum