Last updated: April 1, 2026
This Privacy Policy describes how Mentatype LLC (“Mentatype,” “Company,” “we,” “us,” or “our”) collects, uses, processes, and protects your Personal Data when you access or use our website located at mentatype.com and related services (collectively, the “Services”).
This Privacy Policy should be read together with our Terms and Conditions and Cookie Policy.
Company refers to Mentatype LLC, a limited liability company incorporated in the State of Delaware, United States, with its registered address at 501 Silverside Rd Ste 105 No 5487, Wilmington, DE 19809, United States.
Services refers to all features, functionalities, software, personality assessments, AI features, content, subscriptions, and related services provided by Mentatype.
Platform refers to our website, applications, and digital infrastructure used to deliver the Services.
User (“you” or “your”) refers to any individual who accesses, uses, or interacts with the Services.
Account refers to a registered user account created to access certain features of the Services.
Personal Data means any information relating to an identified or identifiable natural person, including but not limited to name, email address, IP address, device identifiers, and usage data.
Processing means any operation performed on Personal Data, including collection, storage, use, transmission, analysis, or deletion.
Data Controller means Mentatype LLC, which determines the purposes and means of processing Personal Data.
Data Processor means any third party that processes Personal Data on behalf of the Company. Usage Data means data automatically collected when using the Services, including IP address, browser type, device information, and interaction data.
Cookies means small text files stored on your device to enable functionality, analytics, and security.
AI-Generated Content means any content generated by artificial intelligence systems based on User inputs or interactions.
Authentication means the process used to verify User identity and secure access to Accounts. Encryption means the use of cryptographic methods to protect data from unauthorized access.
Access Credentials means information used to verify User identity, including email address and authentication tokens.
Token means a unique identifier used for secure authentication and session management.
SSL/TLS refers to security protocols used to encrypt data transmitted between your device and our servers.
Applicable Law means any applicable data protection, privacy, and consumer protection laws, including but not limited to:
Consent means any freely given, specific, informed, and unambiguous indication of your agreement to the processing of Personal Data.
This Privacy Policy explains how Mentatype LLC (“Mentatype,” “Company,” “we,” “us,” or “our”) collects, uses, processes, stores, and protects your Personal Data when you access or use the Services.
This Privacy Policy also explains your privacy rights and how you may exercise those rights under applicable data protection laws.
By accessing or using the Services, you acknowledge that your Personal Data will be processed in accordance with this Privacy Policy.
This Privacy Policy applies only to Personal Data processed by the Company in connection with the Services.
This Privacy Policy applies to:
This Privacy Policy applies regardless of the device used to access the Services, including desktop, mobile, or tablet devices.
By accessing or using the Services, creating an Account, or submitting Personal Data, you acknowledge that you have read and understood this Privacy Policy.
Where required by applicable law, we will obtain your consent before processing certain categories of Personal Data.
If you do not agree with this Privacy Policy, you must not use the Services.
The Company reserves the right to update or modify this Privacy Policy at any time.
If material changes are made, the Company may notify Users through:
The updated Privacy Policy will become effective upon posting, unless otherwise required by applicable law. Your continued use of the Services after the effective date constitutes acceptance of the updated Privacy Policy.
The Services are operated from the United States but may be accessed globally.
By using the Services, you acknowledge that your Personal Data may be transferred to and processed in the United States and other jurisdictions where data protection laws may differ from those in your country.
The Company implements appropriate safeguards to protect Personal Data in accordance with applicable laws.
We collect Personal Data that you provide directly, that is collected automatically when you use the Services, and that is provided by third-party service providers.
The types of Personal Data we collect depend on how you use the Services.
When you create an Account or use the Services, we may collect:
This information is required to create, maintain, and secure your Account.
You may voluntarily provide additional information, including:
Providing optional data is not required but may enhance your experience.
When you use personality assessments and AI features, we may collect:
Individual responses to assessment questions may be processed in real time and may not be permanently stored unless necessary to generate results, improve Services, or ensure system integrity. We may use anonymized or aggregated assessment data to improve the Services.
We automatically collect information about how you use the Services, including:
This data helps us operate, maintain, and improve the Services.
Payments are processed by third-party payment processors (such as Stripe). We do not store full payment card numbers.
We may receive limited payment-related data, including:
Payment processors handle payment data in accordance with their own privacy policies and PCI-DSS requirements.
We automatically collect technical information, including:
This information helps maintain system stability and performance.
We collect information using cookies and similar technologies, including:
These technologies help us:
For more information, please see our Cookie Policy
We may receive Personal Data from third-party service providers, including:
This data is used solely for the purposes described in this Privacy Policy.
We may create aggregated or anonymized data that does not identify individual Users.
Such data may be used for:
Anonymized data is not considered Personal Data
We process Personal Data only where permitted by applicable law and for legitimate business purposes related to the operation of the Services.
We use Personal Data to:
Legal basis (GDPR): Contract performance and Legitimate Interests.
We process Personal Data to:
Payments are processed by third-party payment processors.
Legal basis (GDPR): Contract performance, Legal obligation, and Legitimate Interests.
We use Personal Data to communicate with you, including:
Legal basis (GDPR): Contract performance and Legal obligation.
We process Personal Data to:
Where possible, we use anonymized or aggregated data.
Legal basis (GDPR): Legitimate Interests.
We use Personal Data to:
Analytics data may be anonymized where appropriate.
Legal basis (GDPR): Legitimate Interests or Consent.
We process Personal Data to:
Legal basis (GDPR): Legitimate Interests and Legal obligation.
We may process Personal Data to:
Legal basis (GDPR): Legal obligation and Legitimate Interests.
If you are located in the European Economic Area or the United Kingdom, we process your Personal Data under the following legal bases:
Processing necessary to provide the Services, including:
Processing necessary to comply with legal requirements, including:
Processing necessary for legitimate business interests, including:
We ensure such processing does not override your privacy rights.
Where required by law, we rely on your consent for:
You may withdraw your consent at any time.
We use automated systems, including artificial intelligence, to generate personality assessments and insights.
This processing may involve automated analysis of User inputs.
Such processing is necessary to provide the Services requested by you.
We do not use automated decision-making that produces legal or similarly significant effects without appropriate safeguards.
Mentatype LLC implements appropriate technical, organizational, and administrative measures to protect Personal Data against unauthorized access, loss, misuse, alteration, or disclosure.
However, no system can guarantee absolute security.
Personal Data may be stored and processed in secure data centers operated by the Company or its service providers.
These data centers may be located in:
Personal Data may be transferred internationally where necessary to provide the Services.
Where Personal Data is transferred outside the European Economic Area or United Kingdom, the Company implements appropriate safeguards, including:
By using the Services, you acknowledge that your Personal Data may be transferred internationally.
The Company maintains industry-standard security measures designed to protect Personal Data.
We implement security controls including:
Access to Personal Data is restricted to authorized personnel.
We use encryption and secure transmission protocols, including:
These safeguards help prevent unauthorized access
Payments are processed by third-party payment processors compliant with PCI DSS standards.
The Company does not store full payment card numbers.
Payment processors use secure tokenization and encryption.
The Company receives limited payment information as necessary to manage subscriptions.
We implement technical safeguards including:
These safeguards help protect against unauthorized access and cyber threats
We maintain backup and recovery systems to protect against data loss, including:
These measures help ensure continuity of the Services.
We implement organizational safeguards including:
In the event of a confirmed Personal Data breach, the Company will take appropriate steps in accordance with applicable law.
This may include:
Where required under GDPR, affected Users will be notified without undue delay.
We retain Personal Data only for as long as necessary to:
Retention periods vary depending on the type of data and legal requirements.
When Personal Data is no longer required, it will be securely deleted or anonymized.
While the Company implements appropriate security measures, no method of transmission or storage is completely secure.
The Company cannot guarantee absolute security of Personal Data.
Users are responsible for maintaining the confidentiality of their Account access credentials.
We use third-party services to operate, secure, analyze, and improve the Services, and to support marketing and advertising activities.
These third parties may process Personal Data on our behalf in accordance with their privacy policies and applicable laws.
We use analytics and infrastructure providers to understand how Users interact with the Services and to improve performance, reliability, and functionality.
These providers may include:
These providers may collect or process information such as:
This information helps us improve the Services and maintain system stability.
Legal basis (GDPR): Legitimate Interests and Consent (where required).
We use error monitoring tools such as Sentry to identify and fix technical issues.
These tools may collect technical and diagnostic data, including:
Where session replay or diagnostic tools are used, safeguards are implemented, including:
These tools are used solely to maintain and improve the Services.
Legal basis (GDPR): Legitimate Interests.
We may work with third-party advertising partners to promote the Services and measure advertising performance.
These partners may include:
These partners may collect or receive information such as:
These partners may use such information to:
Legal basis (GDPR): Consent.
We may share Personal Data with third-party service providers that assist us in operating the Services, including:
These providers are authorized to process Personal Data only as necessary to provide services to us.
We require service providers to implement appropriate security safeguards.
Third-party services operate independently and have their own privacy policies.
We encourage you to review their privacy policies to understand how they process Personal Data.
We do not control third-party privacy practices.
You may control tracking and data collection through:
You may opt out of interest-based advertising through:
Please note that disabling certain tracking technologies may affect functionality of the Services.
Core functionality of the Services will remain available.
Where required under applicable law, including GDPR, we rely on:
You may withdraw consent at any time through your privacy or cookie settings.
You have certain rights regarding your Personal Data, subject to applicable law.
These rights may vary depending on your jurisdiction.
Subject to applicable law, you may have the right to:
These rights may be subject to legal exceptions
If you are located in the European Economic Area or United Kingdom, you have the following rights under the GDPR:
You have the right to request access to your Personal Data.
You have the right to request correction of inaccurate Personal Data.
You have the right to request deletion of your Personal Data, subject to legal limitations.
You may request restriction of processing under certain conditions.
You may request a copy of your Personal Data in a structured, commonly used, machine-readable format.
You may object to processing based on legitimate interests.
Where processing is based on consent, you may withdraw consent at any time.
You have the right to lodge a complaint with a supervisory authority.
If you are a California resident, you may have the right to:
These rights are subject to legal exceptions.
If you are a Canadian resident, you may have the right to:
If you are an Australian resident, you may have the right to:
You may exercise your privacy rights by contacting us at: [email protected] or [email protected]
We may require identity verification before processing your request.
Verification may include:
We will respond to privacy requests within the time required by applicable law.
Typically:
We may extend response time where permitted by law.
Where applicable, Personal Data may be provided in a machine-readable format, such as JSON or CSV.
Certain requests may be limited where required to:
We retain Personal Data only as long as necessary to fulfill the purposes described in this Privacy Policy.
We retain Personal Data for the following general periods:
Retention periods may vary depending on legal requirements.
You may request deletion of your Account at any time.
Upon Account deletion:
Complete deletion may take up to ninety (90) days due to backup and system processes.
We may retain Personal Data where required to:
We may retain anonymized or aggregated data that does not identify you.
Such data is not considered Personal Data.
When Personal Data is no longer required, we securely delete or anonymize the data using appropriate safeguards.
Mentatype LLC operates globally. As a result, your Personal Data may be transferred to and processed in countries outside your country of residence, including the United States.
If you are located in the European Economic Area, United Kingdom, or other jurisdictions with data transfer restrictions, we implement appropriate safeguards, including:
These safeguards are designed to ensure that your Personal Data receives an adequate level of protection.
By using the Services, you acknowledge and consent to the transfer of your Personal Data to countries outside your jurisdiction, subject to applicable legal protections.
This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to conflict of law principles.
Mentatype LLC is the Data Controller responsible for processing Personal Data under this Privacy Policy.
If you have a privacy-related concern or dispute, you agree to first contact the Company at: [email protected] or [email protected]
We will make reasonable efforts to resolve the issue informally.
If the dispute cannot be resolved informally, it shall be resolved in accordance with the dispute resolution and arbitration provisions set forth in Section 14 of our Terms and Conditions.
If you are located in the European Economic Area, United Kingdom, or another jurisdiction with applicable data protection laws, you may have the right to:
We will respond to requests in accordance with applicable law.
If you are located in the European Economic Area or the United Kingdom, you have the right to lodge a complaint with your local data protection authority if you believe your Personal Data has been processed unlawfully.
A list of EU supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
The Services are intended only for individuals who are at least eighteen (18) years of age.
We do not knowingly collect, solicit, or process Personal Data from individuals under the age of eighteen (18).
By using the Services, you represent and warrant that you are at least eighteen (18) years old.
If we become aware that Personal Data has been collected from an individual under the age of eighteen (18), we will take reasonable steps to:
If you believe that a minor has provided Personal Data, please contact us at: [email protected]
The Company reserves the right to modify or update this Privacy Policy at any time to reflect changes in:
Material changes include, but are not limited to:
For material changes, we may provide notice through:
Material changes will become effective on the date specified in the notification.
Non-material changes may include:
Non-material changes may become effective immediately upon posting.
Your continued use of the Services after the effective date of the updated Privacy Policy constitutes acceptance of the changes.
If you do not agree with the updated Privacy Policy, you must discontinue use of the Services.
Mentatype LLC is the Data Controller responsible for processing Personal Data under this Privacy Policy.
Company Name: Mentatype LLC
Registered Address: 501 Silverside Rd Ste 105 No 5487, Wilmington, DE 19809, United States
If you have any questions, requests, or concerns regarding this Privacy Policy or your Personal
Data, you may contact us at:
Support Email: [email protected]
Legal Email: [email protected]
You may exercise your privacy rights by contacting us using the contact information above.
We will respond to requests in accordance with applicable law.
Identity verification may be required before processing certain requests.
If you are located in the European Economic Area or United Kingdom, you have the right to lodge a complaint with your local data protection authority if you believe your Personal Data has been processed unlawfully.