MindTwice is a brain-health app operated by Backoffiz ("we", "us") that offers cognitive assessments, brain-training games, a voice journal with memory-recall exercises, lifestyle tracking, and personalized insights. This policy explains what information the app handles, where it lives, and the choices you have.
The short version: your data is stored on your device first. We sync what's needed to run the service to our backend (Supabase). We never sell your data, we show no ads, and we use no advertising or analytics trackers. Voice recordings stay on your phone except in one narrow fallback case described below. You can permanently delete your account and all associated data from inside the app.
| Category | What it includes | Where it's stored |
|---|---|---|
| Account | Email address, authentication credentials (or your Google account identity if you sign in with Google), display name. | Our backend (Supabase). |
| Cognitive data | Assessment and game results: scores, domain sub-scores, timing data, difficulty progression. | On your device; synced to our backend. |
| Check-ins & lifestyle | Daily check-ins, sleep, activity, and supplement logs you enter manually. | On your device; synced to our backend. |
| Health data (optional) | If you connect Health Connect (Android) or Apple Health (iOS): sleep, steps, exercise, heart rate, and mindfulness data. Read-only — we never write to your health store. | On your device; aggregates synced to our backend. |
| Voice journal | Audio recordings, transcripts, and the memory questions generated from them. | Recordings: on your device only. Transcripts and questions: on your device; synced to our backend. |
| Subscription | Your subscription product and expiry, plus the purchase token issued by Google Play or the App Store. We never see or store your payment card details — billing is handled entirely by the app stores. | Our backend. |
We do not collect advertising identifiers, location data, or contacts, and the app contains no advertising or third-party analytics SDKs.
We do not sell personal information and we do not use it for advertising.
Journal entries are transcribed on your device using your phone's built-in speech recognition. Audio recordings are saved only in the app's private storage on your device and are not uploaded to our servers.
One exception: if on-device transcription fails to produce a usable transcript (for example, in a noisy environment), the app sends that recording to our transcription service (Google Gemini, via our servers) once, solely to recover the transcript. The recording itself is not retained by us after transcription.
Some features are powered by large language models, accessed only through our authenticated servers — no AI keys or direct AI connections exist in the app:
Our current AI providers are Google (Gemini) and, as an automatic fallback, DeepSeek. Providers process content to return a response under their API terms; we do not use your content to train AI models.
Health Connect and Apple Health access is optional, read-only, and used solely to display your own data in the app and correlate it with your cognitive results. Health data is never used for advertising, never sold, and never shared with third parties except the infrastructure that hosts the service. You can disconnect access at any time in your device settings, and in-app account deletion removes the synced copies.
We share data only with the service providers required to operate MindTwice:
If you use the optional family dashboard and invite family members, the members you approve can see the information that feature is designed to share. We may also disclose information if required by law.
We keep your data for as long as your account exists. You can permanently delete your account in Settings → Delete account: this removes your data from our backend (assessments, journal transcripts, lifestyle logs, family memberships, profile, and authentication record), deletes local data and voice recordings from your device, and cancels scheduled reminders. Signing out does not delete your local data.
Depending on where you live, you may have rights to access, correct, export, or delete your personal information, or to object to certain processing. The app includes an export feature (PDF report) and full account deletion. For anything else, contact us at contact@mindtwice.com.
Data in transit is encrypted (TLS). Backend access is controlled with row-level security so each account can only read its own records; entitlement and deletion operations run only on our servers. No method of storage is 100% secure, but we work to protect your information with appropriate technical measures.
MindTwice is not directed to children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.
Our service providers may process data in countries other than your own. Where they do, we rely on their compliance frameworks and contractual safeguards.
We'll post any changes here and update the effective date. For material changes we'll notify you in the app.
Backoffiz — contact@mindtwice.com