Privacy Policy
Effective May 1, 2026
This Privacy Policy explains what Ask a Mirror (askamirror.com) collects, why, and how it is protected. The Service is operated by Marcos Montero as an independent professional in Spain. The data controller is Marcos Montero; you can reach the controller at marcos.mon.rod@gmail.com.
1. The short version
- Your biography, reflections, and conversation logs are encrypted in your browser with a key derived from a passphrase only you know. They reach our database already encrypted.
- We cannot read your encrypted content. Not the operator, not Supabase, not anyone with database access. We do not have your passphrase.
- When you ask the AI a question or use voice input, the relevant text is sent (decrypted, in plaintext) to our subprocessors so they can process it. They do not store it for training, and we ask them to retain only what is operationally necessary.
- We do not run third-party analytics or advertising trackers. We use only the technical data our infrastructure providers need to operate the Service.
2. What we collect
2.1 Account data
- Your email address (from Google sign-in or magic-link sign-in).
- A Supabase user ID and authentication metadata.
- An encryption salt used together with your passphrase to derive your key.
- Timestamps of when you accepted these legal documents and which version.
2.2 Encrypted content (we cannot read this)
- Your biography document.
- Your cognitive-schemas document.
- Your raw conversation logs (questions, your answers, transcripts).
- Vector embeddings derived from your content for semantic search.
These are encrypted in your browser with AES-256-GCM using a key derived from your passphrase via PBKDF2. The plaintext never reaches our database.
2.3 Operational data
- HTTP request logs and minimal error logs from our hosting (Vercel) for security and debugging.
- Rate-limit counters keyed to your IP address.
- Payment metadata held by Stripe (we never see your card number).
3. How we use third-party providers
The following subprocessors process data on our behalf:
- Anthropic — receives the relevant excerpts of your biography, schemas, and conversation history (in plaintext) to generate the next question or reflection. Per Anthropic’s commercial terms at the time of writing, your inputs and outputs are not used to train their models.
- Deepgram — receives your voice recordings (in plaintext) to transcribe them into text. Per Deepgram’s terms, audio sent via the API is not used for training.
- Supabase — stores your account, your encryption salt, and your encrypted documents. Hosted on AWS infrastructure.
- Vercel — serves the website and runs the API routes that orchestrate calls to Anthropic and Deepgram.
- Stripe — processes payments. We receive only payment status and a customer reference; Stripe holds the card data under its own PCI-compliant systems.
- Google — only when you choose Google sign-in, Google verifies your identity and shares your email and basic profile claim with us.
We do not sell your personal data, and we do not share it with anyone except the subprocessors listed above to provide the Service to you.
4. Cookies and tracking
We use only the cookies our infrastructure requires: a Supabase authentication cookie and, where applicable, a Stripe checkout cookie. We do not run analytics, advertising, or fingerprinting trackers. Vercel and Stripe may set their own technical cookies as described in their privacy policies.
5. Legal basis (GDPR, where it applies)
Where the GDPR applies, we rely on the following legal bases: contract (to provide the Service you signed up for), legitimate interest (security, fraud prevention, basic operational logs), and consent (where you explicitly accept these documents). You can withdraw consent at any time by deleting your account.
6. Your rights
Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data, to restrict or object to processing, and to lodge a complaint with a supervisory authority. To exercise these rights, contact marcos.mon.rod@gmail.com. Please note: because your encrypted content is unreadable to us, the strongest form of deletion we can offer is the irreversible removal of the ciphertext from our database.
7. Data retention
Your encrypted content stays in our database for as long as your account is active. When you delete your account, we delete your encrypted documents, your conversation logs, your encryption salt, and your profile. Operational logs (request logs, rate-limit counters) are retained for up to ninety days. Payment records held by Stripe are retained according to Stripe’s own retention rules and applicable tax law.
8. International transfers
Our subprocessors may process data outside the European Economic Area, including in the United States. Where required, transfers rely on the Standard Contractual Clauses or equivalent safeguards published by each subprocessor.
9. Security
We use end-to-end encryption for your sensitive content, TLS in transit, and access controls to our infrastructure. No system is perfectly secure, but the architecture is designed so that even a complete database leak would expose only ciphertext, not your actual content. The trade-off, as noted in the Terms, is that we cannot recover your passphrase if you lose it.
10. Children
The Service is not intended for individuals under the age of 18 and we do not knowingly collect data from children.
11. Changes to this policy
We may update this policy from time to time. Material changes will be communicated in the Service and require your acceptance before continued use.
12. Contact
For privacy questions, contact marcos.mon.rod@gmail.com.