Last Updated: April 26, 2026
Effective Date: April 26, 2026
This Privacy Policy describes how Mneva ("Mneva," "we," "us," or "our") collects, uses, stores, and shares information about you when you use our website at mneva.app, our web application, and any related services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.
If you do not agree with this policy, do not use the Service.
Mneva is an AI-assisted flashcard and study platform designed for students. We are operated as a sole proprietorship / limited liability company based in the United States. For questions about this policy, contact us at privacy@mneva.app.
When you create an account, we collect your full name, email address, and password (stored in hashed form — we never store your plaintext password). You may optionally provide a username and customize your profile avatar.
We collect the content you create while using the Service, including flashcard decks, individual cards, folder names, study circle names and messages, and feature requests submitted through our support page.
If you subscribe to a paid plan, your payment information (credit card number, billing address, and related details) is collected and processed directly by Stripe, Inc. We do not store your full credit card number or CVV on our servers. We receive and store a limited set of billing-related data from Stripe, including your subscription status, plan tier, and transaction history.
If you contact us for support or send us an email, we collect the content of that communication and your contact information.
When you use the Service, we automatically collect information about how you interact with it. This includes pages visited, features used, buttons clicked, study sessions completed, cards reviewed, games played, time spent on pages, and error events.
We collect card-level performance data including whether you answered a card correctly or incorrectly, your response time in milliseconds, and the date and time of each study interaction. This data is used to power our spaced repetition system, adaptive card rewriting features, and memory map visualization.
We collect your IP address, browser type and version, operating system, device type, screen resolution, and referring URL. This information is used for security, fraud prevention, and improving the Service.
We use cookies and similar tracking technologies to maintain your login session, remember your preferences, and analyze how the Service is used. You can control cookie behavior through your browser settings, but disabling cookies may affect your ability to use certain features of the Service.
If you choose to sign in using Google, Microsoft, or Apple, we receive your name, email address, and profile picture from that provider. We do not receive your password from these providers. Your use of these sign-in methods is also governed by the respective provider's privacy policy.
We use the information we collect for the following purposes:
When you use our card generation features, the text, PDF content, YouTube transcript, voice memo transcription, or other input you provide is sent to OpenAI's API to generate flashcard content. This means your input content is processed by OpenAI subject to their usage policies and privacy practices. We do not sell this content to third parties.
We do not sell your personal information. We share your information only in the following circumstances:
We share information with third-party companies that help us operate the Service. These providers are contractually required to protect your information and may only use it to perform services on our behalf.
Purpose: Database hosting, authentication, and file storage
Data shared: All user data stored in our database, including account information, deck content, study session data, and card performance data
Location: United States
Privacy policy: supabase.com/privacy
Purpose: AI-powered flashcard generation and adaptive card rewriting
Data shared: Text, PDF content, YouTube transcripts, voice transcriptions, and other input you provide when using generation features. Card content and your performance data when using adaptive rewriting features.
Location: United States
Privacy policy: openai.com/policies/privacy-policy
Important note: OpenAI may use API inputs to improve their models unless you have opted out through their platform. We encourage you to review OpenAI's current data usage policies.
Purpose: Payment processing and subscription management
Data shared: Name, email address, and payment information for paid subscribers
Location: United States
Privacy policy: stripe.com/privacy
Purpose: Web application hosting and content delivery
Data shared: Web traffic data including IP addresses and request logs
Location: United States
Privacy policy: vercel.com/legal/privacy-policy
Purpose: Transactional and notification email delivery
Data shared: Your email address and the content of emails sent to you
Location: United States
Privacy policy: resend.com/legal/privacy-policy
Purpose: Product analytics and usage tracking
Data shared: Usage events, feature interactions, and device information
Location: United States or EU depending on configuration
Privacy policy: posthog.com/privacy
Content you choose to make public — including public flashcard decks, your username, and your public profile — is visible to other users of the Service and may be indexed by search engines. You can change the visibility of your decks and profile in your settings at any time.
Messages, activity, and content shared within study circles are visible to all members of that circle. Circle content is not visible to the general public unless the circle is designated as public.
We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
If Mneva is involved in a merger, acquisition, financing, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email and a prominent notice on the Service before your information becomes subject to a materially different privacy policy.
We retain your personal information for as long as your account is active or as needed to provide the Service.
If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal, tax, or fraud prevention purposes. Aggregate, anonymized data derived from your usage may be retained indefinitely as it no longer identifies you.
Study session data, card performance data, and memory map data are retained for the lifetime of your account to power our adaptive learning features. You may request deletion of this data at any time by contacting us at privacy@mneva.app.
Backup copies of data may persist for up to 90 days after deletion due to our backup retention schedule.
You may request a copy of the personal information we hold about you by contacting us at privacy@mneva.app. We will respond within 30 days.
You can update most of your account information directly through your profile and settings pages. For corrections we cannot make through the interface, contact us at privacy@mneva.app.
You may request deletion of your account and associated personal information by going to Settings and selecting Delete Account, or by emailing privacy@mneva.app. We will process your request within 30 days subject to any legal retention obligations.
You can manage email notification preferences in Settings under Notifications. You may opt out of non-essential emails at any time. You cannot opt out of transactional emails that are necessary for account operation, such as password reset and billing receipt emails.
You can control cookies through your browser settings. Note that disabling cookies may impair your ability to log in and use the Service.
If you are a California resident, you have the following rights under the California Consumer Privacy Act:
To exercise these rights, contact us at privacy@mneva.app with the subject line "CCPA Request." We will respond within 45 days.
If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation:
Our legal bases for processing your data include:
To exercise your GDPR rights, contact us at privacy@mneva.app. You also have the right to lodge a complaint with your local data protection authority.
Note: We are a US-based service. By using Mneva, you acknowledge that your data may be transferred to and processed in the United States, which may have different data protection laws than your country.
The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, do not use the Service or provide any information to us.
If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information promptly. If you believe we may have collected information from a child under 13, please contact us at privacy@mneva.app.
Users between the ages of 13 and 18 should review this policy with a parent or guardian before using the Service.
We implement reasonable technical and organizational measures to protect your personal information from unauthorized access, loss, misuse, and disclosure. These measures include:
However, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of your information. If you believe your account has been compromised, contact us immediately at privacy@mneva.app and change your password.
The Service may contain links to third-party websites, Discord servers, or other external services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with your information.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address associated with your account) and by posting a notice on the Service at least 14 days before the changes take effect. Your continued use of the Service after the effective date of the updated policy constitutes your acceptance of the changes.
We will maintain a changelog of material updates at mneva.app/privacy.
For questions, concerns, or requests related to this Privacy Policy, contact us at:
Mneva
Email: privacy@mneva.app
Support: mneva.app/support
Mailing address: [Your LLC registered address]
We aim to respond to all privacy-related inquiries within 5 business days.