Privacy

Last updated 2026-05-07.

What Mindharbor is (and isn't)

Mindharbor is an AI-powered conversational space. It is not a healthcare service, not therapy, not counseling, not a substitute for professional mental healthcare. Per California Senate Bill 243 and equivalent laws in Texas, Utah, and Maine effective in 2026, we are required to disclose that Mindharbor is artificial intelligence. We are doing that now.

What we store

• Account info: your email and a hashed password (managed by Supabase Auth).
• Conversations: the messages you send and the responses Mindharbor generates, so you can come back to them.
• Preferences: Mindharbor silently learns how you like to be talked to (directive vs reflective, etc.) and stores that with your account so the conversation gets better over time.
• Operational logs: error logs, model latency, and usage counts. These do not include conversation content.

What we don't do

• We do not train models on your conversations.
• We do not sell your data.
• We do not share conversation content with third parties for advertising or analytics.

Where data lives

Mindharbor uses Supabase (Postgres) to store your account and conversations, and the Vercel AI Gateway to route model calls. Both providers maintain SOC 2 compliance and process data in line with their published policies. Mindharbor itself does not retain copies of prompts or responses outside the Supabase database.

Deleting your data

Email hello@mindharbor.com with your account email and we will delete your account and all associated conversations within 7 days. We are working on an in-app delete flow.

Crisis

Mindharbor cannot help you in a mental-health emergency. If you are in crisis, please use the resources at /crisis or call 988 (US) immediately.

Changes

If we make material changes to this policy, we'll post them here and note the change date at the top.