Legal
Privacy Policy
Last updated: July 2, 2026
1. Introduction
This Privacy Policy explains how ABDEL PRIME LLC (“we”, “us”, “our”) collects, uses, and protects information when you use the Mentalis mobile application (the “App”) and the website mentalisapp.com (together, the “Services”).
Mentalis is built privacy-first. Three commitments shape everything below: we do not sell personal data, we do not show ads, and we do not read your private content (messages, passwords, keystrokes, or screen contents).
2. Information we collect
Account information
When you create a Mentalis account we collect your email address and a password (stored by our authentication provider in hashed form — we never see or store your plain-text password), along with basic account metadata such as your chosen display name and language preference (English or French).
Wellness and app activity data
To make the App work, we store the data you create in it: your routines and their completion state, guided-pause (intervention) sessions and their outcomes, wake/sleep time preferences, reminder settings, and consistency information such as your Discipline Score inputs. This data exists to show you your own patterns — it is never used for advertising or profiling.
Journal and reflection data
Reflections and journal entries you write are stored so they can be shown back to you across your devices. They are treated as the most sensitive data in Mentalis: they are never sold, never used for advertising, and never shared with third parties for their own purposes.
Protection and focus settings
If you enable the optional focus-protection features, we store your protection rules (which apps you chose to protect, and during which hours). If you grant the Android accessibility permission, it is used only to detect that an app you chose to protect is being opened so a mindful pause can be shown first. The permission is configured so the system does not share window content with Mentalis — the App does not read messages, passwords, keystrokes, or on-screen content, and does not take screenshots. Protection is off by default and can be disabled by you at any time.
Diagnostics and crash reports
To keep Mentalis reliable, the App can send crash reports and technical error diagnostics. These reports are configured privacy-first: they exclude personal identifiers and are scrubbed before leaving the device so that journal text, reflections, emails, and authentication tokens are never included. Diagnostic data is limited to technical context such as app version, device model, operating-system version, and the error itself.
3. How we use information
- To provide, operate, and personalize the App’s features;
- To sync your data across sign-ins on your devices;
- To send transactional emails (such as email verification for your account);
- To diagnose crashes and improve reliability;
- To process Premium subscriptions through the app-store billing systems, when enabled;
- To respond to support requests you send us;
- To meet legal, security, and fraud-prevention obligations.
We do not use your information for third-party advertising, and we do not sell or rent personal data to anyone.
4. Service providers
Mentalis relies on a small number of infrastructure providers that process data on our behalf, under their own security and privacy commitments:
- Supabase — authentication and database hosting for your account and app data.
- Sentry — privacy-first crash reporting and error diagnostics, as described above.
- Resend — delivery of transactional emails, such as account verification messages.
- RevenueCat and Google Play Billing (and Apple’s App Store billing, once Mentalis launches on iOS) — subscription management and payment processing when Premium subscriptions are enabled. Payment card details are handled by the app stores; we never see or store your card number.
We also use an AI service to power the optional AI Discipline Guide. Requests to it are made through our own backend, contain only the limited context needed to generate a supportive response, and are not used to build advertising profiles.
5. Data retention
We keep your information for as long as your account is active. Diagnostic data is retained only as long as needed to investigate and fix issues. When data is no longer needed, it is deleted or anonymized.
6. Account deletion
You can request deletion of your Mentalis account and associated app data at any time by following the steps on our Delete account page, or by emailing support@mentalisapp.com with the subject “Mentalis account deletion request”. Account data is deleted or anonymized unless limited retention is required for legal, security, fraud-prevention, or compliance reasons.
7. Your rights
Depending on where you live, you may have rights to access, correct, export, restrict, or delete your personal data, and to object to certain processing. You can exercise these rights by contacting support@mentalisapp.com. We will respond to verified requests within a reasonable timeframe and as required by applicable law.
8. Children
Mentalis is not directed at children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect personal data from them.
9. Changes to this policy
We may update this Privacy Policy as the Services evolve. Material changes will be reflected on this page with an updated “Last updated” date, and — where appropriate — highlighted in the App.
10. Contact
Privacy questions and requests: support@mentalisapp.com
Company contact: admin@mentalisapp.com
ABDEL PRIME LLC