Last updated: December 25, 2025
Effective date: December 25, 2025
MNSTRY™ ("we," "us," or "our") is committed to protecting your privacy. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.
MNSTRY is a platform as a service (PaaS) provider that enables practitioners to configure, deploy, and manage client engagement systems. We act as technical infrastructure; all client care is the responsibility of the designated practitioner.
When you request access to our platform or create an account, we may collect:
•
Name and contact information (email address)
•
Professional background and practice details
•
Account credentials
•
Content you create, including session notes, journal entries, and knowledge base materials
•
Communications with us, including support requests and feedback
Our platform includes optional voice input features that allow you to dictate text. When you use voice input:
•
Audio recordings are sent to our transcription service provider (OpenAI Whisper) for conversion to text
•
Audio data is processed in real-time and is not stored after transcription is complete
•
The resulting text is returned to you and may be saved as part of your content, subject to your privacy settings
•
We do not retain audio recordings or use them for any purpose other than transcription
When you use our platform, we may automatically collect:
•
Device information (browser type, operating system, device identifiers)
•
Usage data (features accessed, time spent, interaction patterns)
•
Log data (IP address, access times, error reports)
We use the information we collect to:
•
Provide, maintain, and improve our platform and services
•
Process and respond to your access requests and inquiries
•
Authenticate your identity and manage your account
•
Enable agentic workflows and AI-powered features you configure
•
Send administrative communications about the platform
•
Ensure security and prevent fraud
•
Comply with legal obligations
Our platform uses artificial intelligence to provide agentic support features. Here is how we handle your data in relation to AI:
We do not train AI models on your data. Your content, session recordings, journal entries, and other personal information are never used to train or improve AI models, whether by MNSTRY or our AI service providers.
When your content is processed by cloud-based AI services, we employ privacy-preserving techniques including:
•
Content morphing to replace identifying information with plausible alternatives
•
Stylometric sanitization to prevent re-identification through writing patterns
•
Request batching and aggregation to prevent identity correlation
The platform supports multiple privacy tiers that you can select on a per-interaction basis:
•
Standard tier: Cloud processing with privacy-preserving techniques
•
Confidential tier: Processing on MNSTRY-controlled infrastructure
•
Secret tier: On-device processing only, with zero cloud exposure
Data ownership in MNSTRY is absolute and clearly defined:
•
Practitioners own their proprietary frameworks, methodologies, and knowledge base content
•
Clients own all personal data they generate, including journal entries, session notes, and engagement records
•
MNSTRY acts strictly as technical infrastructure and does not claim ownership of user content
•
We enforce security at the database level to ensure structural isolation
•
Data is only ever accessed or shared based on explicit, granular consent from its owner
We work with trusted third-party service providers to operate our platform:
•
Supabase: Database hosting and authentication services
•
Vercel: Web application hosting and deployment
•
OpenAI: Voice transcription (Whisper) and language model services
•
We require zero-data-retention agreements with AI providers where available
•
Resend: Transactional email delivery
We carefully select service providers that maintain appropriate security measures and only share the minimum information necessary for them to perform their services.
We implement comprehensive security measures to protect your information:
•
Encryption in transit using TLS/SSL
•
Encryption at rest for stored data
•
Row-level security (RLS) ensuring data isolation between users
•
Regular security audits and vulnerability assessments
•
Access controls limiting data access to authorized personnel
•
Client-side encryption options for sensitive content
While we strive to protect your information, no method of transmission or storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.
We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy. Specifically:
•
Account information is retained while your account is active
•
Content you create is retained until you delete it or close your account
•
Access request submissions are retained via email for processing purposes
•
Voice recordings are not retained after transcription is complete
•
Log data is retained for security and debugging purposes, typically for 90 days
When you delete content or close your account, we will delete or anonymize your information within a reasonable timeframe, except where retention is required by law or for legitimate business purposes.
Depending on your location, you may have certain rights regarding your personal information:
•
Access: Request a copy of the personal information we hold about you
•
Correction: Request correction of inaccurate or incomplete information
•
Deletion: Request deletion of your personal information
•
Portability: Request a copy of your data in a portable format
•
Objection: Object to certain processing of your information
•
Restriction: Request that we limit how we use your information
•
Consent withdrawal: Withdraw consent where processing is based on consent
To exercise these rights, please contact us at privacy@mnstry.ai. We will respond to your request within the timeframe required by applicable law.
We use cookies and similar technologies to:
•
Maintain your session and authentication state
•
Remember your preferences and settings
•
Understand how you use our platform to improve functionality
•
Ensure security and prevent fraud
We do not use cookies for advertising purposes or share cookie data with advertising networks. You can manage cookie preferences through your browser settings.
Your information may be transferred to and processed in countries other than your country of residence. We take appropriate safeguards to ensure your information remains protected in accordance with this privacy policy, including:
•
Standard contractual clauses approved by relevant authorities
•
Data processing agreements with all service providers
•
Compliance with applicable data protection frameworks
Our platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@mnstry.ai, and we will take steps to delete such information.
MNSTRY is a technology platform and does not provide medical, therapeutic, or mental health services. All client care is the responsibility of the designated practitioner using our platform. Practitioners using MNSTRY for healthcare-related purposes are responsible for their own compliance with applicable healthcare regulations, including HIPAA in the United States.
We may update this privacy policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will:
•
Update the "Last updated" date at the top of this policy
•
Notify you through the platform or via email for significant changes
•
Provide you with an opportunity to review the changes before they take effect
If you have questions about this privacy policy or our privacy practices, please contact us at:
Email: privacy@mnstry.ai
Mailing address:
Merkaba Group L.L.C.
P.O. Box 35512
Dallas, TX 75235
United States
© 2025 MNSTRY™ · Merkaba Group L.L.C. · All rights reserved.