What we hold, and what we do with it

We want Mimso AI to be useful without being creepy. This page is the plain-English version of what that looks like.

What we hold

• Your account: the email you sign up with, a hashed password (we can't read it), the date you joined, and the date you last signed in.
• Your chats: the messages you send and the replies, kept on our server so you can come back to them.
• Files you upload: stored on our server so chats and the code sandbox can use them. They sit in a folder linked only to your account.
• A session cookie: one cookie called cc_uid so we know it's you on the next request. No tracking cookies, no analytics cookies.

That's the lot.

What we don't do

• We don't sell your data.
• We don't use your chats to train any model.
• We don't share your details with advertisers.
• We don't read your chats unless we genuinely have to (an outage, an abuse report, a law enforcement request).

How chats get answered

To reply to you, the relevant chat turns are sent to the language model that's answering. That model may be hosted by a third party. They process the request to produce a reply and then it comes back to you through Mimso AI. We try to send the minimum needed.

If you turn on web search or the code sandbox for a turn, that turn's data is also passed to the search provider or run in our isolated container.

How long we keep it

• Chats and files: until you delete them, or until you delete your account.
• Account row: until you delete the account.
• Logs: we keep brief technical logs (errors, request rates) for a few weeks so we can fix things. They don't include chat contents.

Your controls

Open Settings → Data inside the app:

• Export: downloads a JSON file with your account row and every chat you have.
• Delete all chats: wipes every conversation and every file you uploaded. Account stays.
• Delete account: wipes the account row, all chats, and all uploaded files. Cannot be undone.

Security

Passwords are hashed with bcrypt before they hit the database; we never see the plain text. The server is the only thing that can decrypt your session cookie. We patch the stack regularly. If we spot something has gone wrong with your account or your data, we'll tell you.

Children

Mimso AI isn't for under-13s. If you're a parent and you think your child has signed up, get in touch and we'll close the account.

If you're in the UK or EU

You have the right to ask us what we hold, to correct it, to delete it, or to take a copy of it. The fastest route is Settings → Data. If something there doesn't do what you need, email us and we'll sort it. You also have the right to complain to your local data protection authority.

Changes to this page

If we change anything material, we'll say so on this page and bump the "Updated" date at the top. If a change really matters we'll also flag it inside the app.

No spin, no dark patterns. If something feels off, please tell us.