Sign up
Mind Masters Lab logo Mind Masters Lab
Sign in

Privacy Policy

This policy explains how Mind Masters Lab collects, uses, stores, and protects personal information. We keep things simple, privacy-first, and focused on what’s needed to provide the service safely and reliably.

Last updated: January 2026

This is a general UK GDPR template. Please tailor it to your exact features, data flows, and providers before publishing.

1. Who we are

Mind Masters Lab (“we”, “us”, “our”) provides a subscription-based toolkit designed to help children aged 9–12 build calm, focus, and everyday habits through low-pressure, child-friendly tools.

For privacy enquiries, please contact us via the Support page.

2. What information we collect

We only collect what we need to run the service:

  • Account details: parent/guardian name (if provided), email address, password (stored securely via an authentication provider), and basic account settings.
  • Subscription and payment status: plan type, billing status, and transaction references (payment card details are handled by our payment provider and are not stored by us).
  • Usage and device data: basic logs to keep the service secure and working (e.g., IP address, device/browser type, approximate location, timestamps, error logs).
  • Support messages: information you choose to share when you contact us for help.
  • Optional tool entries: if your child uses in-app tools that save progress, the text they enter may be stored so it can be retrieved later (depending on the feature).

3. What we do not collect

We are designed to avoid unnecessary collection, especially for children:

  • No public profiles or public-facing usernames.
  • No marketing profiles built from children’s behaviour.
  • No selling of personal data.
  • No collection of payment card details (handled by the payment provider).
  • No deliberate collection of “special category” data (e.g., health information) unless you voluntarily share it in support messages.

4. Why we use your information (purposes)

  • To create and manage your account and provide access to subscriber features.
  • To process payments, manage subscriptions, and prevent fraud.
  • To save and restore progress (where a tool includes a save feature).
  • To provide customer support and respond to your questions.
  • To maintain security, debug issues, and improve reliability.
  • To send essential service communications (e.g., subscription confirmations, changes to terms).

5. Lawful bases (UK GDPR)

We rely on one or more of the following lawful bases to process personal data:

  • Contract: to provide the service you subscribe to (account, access, subscription features).
  • Legitimate interests: to keep the service secure, prevent misuse, and improve reliability (balanced against your rights).
  • Legal obligation: to comply with applicable laws and record-keeping requirements.
  • Consent: where required (e.g., non-essential cookies/analytics, if used).

6. Cookies and analytics

We may use cookies and similar technologies to keep the site working (for example, sign-in sessions and preferences). If we use non-essential cookies (such as analytics), we will provide appropriate notice and options to manage your choices.

If you add analytics tools later, update this section with the provider name, what is collected, how long it’s kept, and how users can opt out.

7. Who we share information with

We only share data with trusted providers where needed to run the service, for example:

  • Payment provider (to process subscriptions and payments).
  • Authentication and hosting providers (to run the site and keep it secure).
  • Email service provider (to send essential account/service messages).
  • Customer support tools (if used to manage enquiries).

We do not sell your personal data. If we are required by law to share information with authorities, we will do so only as required and where appropriate.

8. International transfers

Some of our service providers may process data outside the UK. Where this happens, we use appropriate safeguards, such as adequacy regulations or standard contractual clauses, as required under UK GDPR.

9. How long we keep information

We keep personal data only for as long as necessary for the purposes described in this policy, including legal, accounting, or reporting requirements.

  • Account data: kept while your account is active, and for a limited period afterwards if needed for legal or security reasons.
  • Payment records: kept as required for financial and tax obligations (handled largely by the payment provider).
  • Support messages: kept for a reasonable period to manage your enquiry and improve support quality.
  • Logs/security data: retained for a limited period for security and troubleshooting.

10. How we protect information

We use practical safeguards to protect data, including:

  • Secure authentication methods and encrypted connections (HTTPS).
  • Access controls and least-privilege permissions.
  • Monitoring and logging for security and abuse prevention.
  • Trusted service providers with appropriate security measures.

11. Children’s privacy

Mind Masters Lab is designed for children aged 9–12, but accounts should be created and managed by a parent or guardian. We aim to minimise child data, avoid public sharing features, and keep the experience safe.

If you believe a child has provided personal information without appropriate consent, please contact us and we will take steps to address it.

12. Your rights (UK GDPR)

You have rights in relation to your personal data, including:

  • The right to access your data.
  • The right to correct inaccurate data.
  • The right to request deletion of your data (in certain circumstances).
  • The right to restrict processing (in certain circumstances).
  • The right to object to processing (in certain circumstances).
  • The right to data portability (where applicable).

To make a request, please contact us via the Support page. We may need to verify your identity before responding.

13. Contact us

If you have questions about this Privacy Policy, or want to exercise your rights, please contact us via: Support / Contact Us.

If you are unhappy with how we handle your data, you may have the right to complain to the UK Information Commissioner’s Office (ICO).

14. Changes to this policy

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of this page. If changes are significant, we may also provide additional notice.