Privacy Policy
Learn how we collect, use, and protect your personal information.
Last Updated: April 2026
Mindrose Team ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you visit our website at mindrose.xyz (the "Site") or use our services. Please read this policy carefully.
1. Information We Collect
We may collect the following types of information: - Information you provide: When you submit an inquiry through our contact form, we collect your name, email address, company name, job title, and message content. - Automatically collected information: When you visit the Site, we automatically collect your IP address, browser type, operating system, access timestamps, and page view history through cookies and similar technologies. - Third-party analytics: We use Google Analytics to analyze Site traffic and user behavior. Google Analytics collects anonymized visit data via cookies.
2. Cookie Usage
Cookies are small text files stored on your device to enhance your browsing experience. We use the following types of cookies: - Essential Cookies: Required for the Site to function properly, such as the CSRF security token (csrf_token), which expires after 24 hours. - Analytics Cookies: Set by Google Analytics (_ga, _ga_*), used for visit statistics and user behavior analysis, retained for up to 2 years. - Preference Cookies: Used to remember your language and theme preferences. You can manage or disable cookies through your browser settings. Note that disabling certain cookies may affect Site functionality.
3. How We Use Your Information
We use the collected information to: - Respond to your inquiries and provide requested service information. - Improve and optimize the Site's content, functionality, and user experience. - Analyze traffic trends and understand what content interests our visitors. - Maintain Site security and prevent fraud and abuse. - Comply with legal obligations and respond to regulatory requirements.
4. Data Storage & Retention
Information submitted through our contact form is stored in a Notion database (cloud service provided by Notion). We retain your personal information based on business needs and legal requirements: - Inquiry records: Retained for 3 years from the last contact. - Analytics data: Google Analytics data retained for 26 months. - CSRF tokens: Automatically expire after 24 hours.
5. Third-Party Services & Data Sharing
We share your information with third parties only as follows: - Service Providers: We use Notion (data storage), Google Analytics (website analytics), and Vercel (website hosting). These providers may process your data on their servers. - Legal Requirements: We may disclose your information if required by law, regulation, or governmental request. - Business Transfers: In the event of a merger, acquisition, or asset sale, your information may be transferred as a business asset. We do not sell your personal information to any third party.
6. Your Rights
Under applicable data protection laws, you have the following rights: - Right of Access: You may request a copy of the personal information we hold about you. - Right to Rectification: You may ask us to correct inaccurate or incomplete information. - Right to Erasure: Under certain circumstances, you may request deletion of your information ("right to be forgotten"). - Right to Restrict Processing: You may ask us to limit how we process your information. - Right to Data Portability: You may request your data in a structured, commonly used format. To exercise these rights, contact us using the details below. We will respond within 30 days.
7. Data Security
We implement reasonable technical and organizational measures to protect your personal information: - All data is transmitted over HTTPS encryption. - CSRF tokens prevent cross-site request forgery attacks. - Access to personal information is restricted to authorized personnel only. - We regularly review our security practices. Please note that no method of transmission over the Internet or electronic storage is 100% secure.
8. Children's Privacy
The Site and our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and discover that your child has provided us with personal information, please contact us and we will promptly delete the relevant data.
9. Policy Updates
We may update this Privacy Policy from time to time. The updated version will be posted on this page with the revision date at the top. Material changes will be communicated through Site announcements or email notifications. We encourage you to review this page periodically.
10. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at: - Email: hello@mindrose.xyz - Contact Form: https://www.mindrose.xyz/en/about#contact-form