Privacy Policy

1. Information We Collect

Clarity by MindWiz collects only three categories of information from you. There is no fourth category.

1.1 What You Enter

Diagnostic assessment responses, experience log entries (text, categories, severity, dates), relationship types and labels, individual profile responses, notes, and evidence descriptions.

1.2 Your Email and Password

Email address (required for account recovery and essential service notifications) and password (stored only as a cryptographic hash via Supabase, never in plaintext). Display name is optional — you may use any pseudonym. Authentication is handled by Supabase.

1.3 Payment Information

Payment processing is handled entirely by Stripe, Inc. We never see, store, or access your full credit card number, CVV, or bank account details. Charges appear as "HB Digital" or "HBL Services" — never "Clarity," "MindWiz," or any wording related to relationships, abuse, or mental health.

Gift Code Redemption: We record that a code was activated. We do not record who purchased it, and the purchaser never has access to your account or data.

1.4 Communication Data (only if you choose to import)

If you use the communication import feature, the following data is processed:

• Chat exports you upload (WhatsApp, SMS, messenger applications) — parsed for timestamps, sender/receiver direction, and message frequency
• Email threads you upload — parsed for sender, recipient, date, and frequency
• Call log data you upload or manually enter — parsed for date, duration, direction, and frequency
• Phone recordings or video files you upload as evidence attachments — stored but not transcribed or analyzed for content
• Social media interaction logs you manually enter

How communication data is processed: Files you upload are parsed on our servers to extract timestamps, direction (incoming/outgoing), and frequency data. We do not read, review, or analyze the content of your messages — only structural metadata (who, when, direction, frequency). Original uploaded files are stored encrypted and can be deleted at any time. Communication data is subject to the same protections as all other account data.

1.5 Server Request Logs

Our hosting provider (Vercel) records standard server request logs containing IP addresses and user-agent strings for security and abuse prevention. These logs are not linked to your account, are not used for analytics, and are retained only as long as needed for security monitoring.

1.6 What We Never Collect

We do NOT collect: location or GPS data, contacts, photos from your device (unless you explicitly upload them as evidence attachments), data from other apps, browsing history outside our platform, behavioral analytics, advertising identifiers, or device fingerprints.

1.7 Information We Never Access

Your assessment responses, log entries, relationship data, and profile information are encrypted and inaccessible to Clarity by MindWiz staff. We cannot read your entries, browse your account, or view your scores.

2. How We Use Your Information

We use your information solely to: provide the platform service, calculate your Relationship Health Score, process payments (via Stripe), send essential account communications, and prevent fraud and abuse.

We do NOT use your data for: advertising, analytics, selling to third parties, training AI models, research (unless you opt in), profiling, behavioral tracking, or sharing with partners.

3. Who Can Access Your Data

You — and only you. No employee, contractor, Professional Partner, or gift code purchaser can access your account content. This is enforced by encryption at rest (AES-256), row-level security, and no admin access to content.

When you export a PDF report, you create a file on your device. You decide who receives it. We are not involved in or aware of this sharing.

We may disclose information if required by valid legal process (court order, subpoena). We will notify you unless legally prohibited.

4. Data Security

In transit: TLS 1.3 encryption. At rest: AES-256 encryption. Passwords: bcrypt hashing. Infrastructure hosted on SOC 2 Type 2 certified platforms. Safety features include quick-exit button, neutral email sender names, "HB Digital" billing descriptor, and one-click account deletion.

5. Cookies and Tracking

We use only essential cookies required for authentication and session security. We do NOT use advertising cookies, tracking pixels, behavioral analytics scripts, social media widgets, browser fingerprinting, or cross-site tracking of any kind. There is no Google Analytics, no Facebook Pixel, no Hotjar, no Mixpanel, no Vercel Analytics, and no third-party advertising or behavioral tracking on this platform — period.

6. Third-Party Services

Stripe (payment processing), Supabase (database and auth), Vercel (hosting). We do not share your personal content with any third party.

7. Your Rights

Access: View all data anytime. Correct: Edit any entry. Delete: Permanently delete all data with one click (erased within 24 hours, backups within 30 days). Export: Download as PDF. CCPA: We never sell your data. GDPR principles: Data minimization, purpose limitation, right to erasure, data portability applied to all users.

8. Children's Privacy

Not intended for children under 13. Users 13-18 may use the platform. If under 18 and need help: Childhelp National Hotline 1-800-422-4453.

9. Data Retention

Active accounts: retained while active. Deleted accounts: erased within 24 hours, backups within 30 days. Inactive 24+ months: notification sent, deleted after 30 days if no response.

10. Changes to This Policy

Material changes communicated through the platform (not email, to protect users whose email may be monitored).

11. Contact

Data Controller: MindWiz LLC
Product: Clarity by MindWiz (healthyboundaries.living)
Privacy: privacy@healthyboundaries.living
Security: security@healthyboundaries.living

© 2026 MindWiz LLC. Clarity by MindWiz is a MindWiz product.