PastMinds
Back to Home

Privacy Policy

Last updated: 9/2/2025

1. Introduction

Welcome to PastMinds ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered historical conversation platform.

2. Information We Collect

Personal Information

  • Account Information: Email address, name, and password when you create an account
  • Payment Information: Billing details processed securely through Stripe (we do not store payment card details)
  • Profile Information: Any additional information you choose to add to your profile

Usage Information

  • Conversation Data: Messages you send to historical AI personalities and their responses
  • Usage Analytics: Information about how you use our service, including features accessed and time spent
  • Technical Data: IP address, browser type, device information, and usage patterns

3. How We Use Your Information

Purposes and Legal Basis

Service Provision (Contractual Necessity)

To provide, maintain, and improve our AI conversation platform, manage your account, and process payments.

Legitimate Interests

To personalize your experience, analyze usage patterns for service improvement, ensure security, and prevent fraud.

Consent

To send promotional communications, use cookies for analytics, and any other processing requiring explicit consent.

Legal Compliance

To comply with legal obligations, respond to legal requests, and protect our rights and users' safety.

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party providers (like Stripe for payments, OpenRouter for AI services) who assist in operating our service
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Safety and Rights: To protect the rights, property, or safety of PastMinds, our users, or others

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:

  • Encryption of data in transit and at rest
  • Secure authentication systems
  • Regular security assessments
  • Limited access to personal information on a need-to-know basis

6. Your Rights and Choices

For All Users

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate personal information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Opt-out: Unsubscribe from marketing communications
  • Account Deletion: Delete your account and associated data

For EU Residents (GDPR Rights)

If you are a resident of the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Object: Object to processing of your personal data for direct marketing or legitimate interests
  • Right to Restrict Processing: Request restriction of processing in certain circumstances
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority
  • Automated Decision Making: Right not to be subject to automated decision-making, including profiling

Legal Basis for Processing: We process your data based on legitimate interests (service provision), contractual necessity (account management), and consent (marketing communications).

For California Residents (CCPA Rights)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Know what personal information is collected, used, shared, or sold
  • Right to Delete: Request deletion of personal information we have collected
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising your privacy rights
  • Right to Correct: Request correction of inaccurate personal information

Categories of Information: We collect identifiers, commercial information, internet activity, and inferences as described in Section 2.

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@pastminds.chat. We will respond to your request within 30 days (or as required by applicable law).

We may need to verify your identity before processing your request. For account holders, we may verify through your existing authentication. For non-account holders, we may request additional information to verify your identity.

7. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and provide personalized content. You have control over these technologies:

Types of Cookies We Use

  • Essential Cookies: Required for basic site functionality (cannot be disabled)
  • Performance Cookies: Help us understand how visitors interact with our site
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used to deliver relevant advertisements (requires consent)

Your Cookie Choices

  • Browser Settings: Control cookies through your browser preferences
  • Opt-Out Tools: Use industry opt-out tools for advertising cookies
  • Cookie Consent: Manage preferences through our cookie consent banner

For more details, see our Cookie Policy.

8. Children's Privacy

Our service is not intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children under these ages.

Age Verification and Protection

  • Account Creation: Users must confirm they meet the minimum age requirement
  • Parental Consent: If we learn we have collected data from a child, we will delete it immediately
  • Educational Use: Schools and educators must obtain appropriate consent before allowing student access
  • Reporting: If you believe we have collected information from a child, contact us at privacy@pastminds.chat

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States and other countries where our service providers operate.

Safeguards for International Transfers

  • Adequacy Decisions: We transfer data to countries with adequate protection as determined by relevant authorities
  • Standard Contractual Clauses: We use EU Standard Contractual Clauses for transfers to countries without adequacy decisions
  • Service Provider Agreements: Our international service providers are bound by data protection obligations
  • Technical Safeguards: Encryption and security measures protect data during transfer and storage

For EU residents: A copy of the safeguards we have in place for international transfers is available upon request.

10. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific Retention Periods

  • Account Information: Retained while your account is active and for 30 days after account deletion
  • Conversation Data: Retained while your account is active, deleted upon account deletion or upon request
  • Payment Information: Billing records retained for 7 years for tax and legal compliance
  • Usage Analytics: Aggregated and anonymized data may be retained indefinitely for service improvement
  • Support Communications: Retained for 3 years for quality assurance and legal compliance
  • Legal Hold: Data may be retained longer if required for legal proceedings or investigations

When data is no longer needed, we securely delete it using industry-standard data destruction methods.

11. Third-Party Services and Data Processing

We work with trusted third-party service providers who may process your data on our behalf:

Payment Processing

Stripe (US) - Payment processing with PCI DSS compliance

AI Services

OpenRouter (US) - AI model access with data processing agreements

Database Hosting

DigitalOcean (US) - Secure cloud database with encryption

Analytics

Internal analytics only - no third-party tracking

All service providers are required to maintain appropriate security and privacy standards and use your data only for the specified purposes.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

How We Notify You

  • Material Changes: Email notification to registered users and prominent notice on our website
  • Minor Updates: Updated "Last updated" date and notice on this page
  • Legal Requirements: Additional notifications as required by applicable law

Your continued use of our service after any changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@pastminds.chat

Website: Contact Form

Response Time: We respond to privacy requests within 30 days

Data Protection Officer: For EU-related inquiries, contact our DPO at dpo@pastminds.chat