← Back to home

Privacy Policy

TL;DR

  • What we collect: Account info, OAuth data (if you use social login), and payment info (processed by Polar - we never see your card details).
  • Your artwork: We do NOT collect or access your creations - they stay on your device.
  • Website analytics: We use Meta Pixel and Google Analytics on our marketing website - you can decline these via the consent dialog on your first visit.
  • App analytics: We use Vercel Analytics (cookie-free, no personal info) across all our apps.
  • Error tracking: We use Sentry to catch bugs - it's anonymized and contains no personal info.
  • We never sell your data. Period.
  • Your data is encrypted and stored securely.
  • Your rights: Access, update, or delete your data anytime via the Customer Portal on the Manage page.

Last updated: 1/13/2026

1. Information We Collect

When you use Mandala Cafe, we collect the following information:

  • Account Information: Name, email address, and password (encrypted)
  • OAuth Information: If you sign in with Google, Facebook, or Apple, we receive basic profile information
  • Payment Information: Processed securely through Polar (we do not store credit card details)
  • Usage Data: Information about how you use the Service, including session data and device information
  • Analytics Data: We use Vercel Analytics (cookie-free) across all our applications to understand usage patterns. This data does not contain personally identifiable information.
  • Error Logs: We use Sentry to collect anonymized error and exception data to help us fix bugs. This data does not contain personally identifiable information.

Note: We do not collect or access your artworks in any way.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your purchases and manage your account
  • Send you technical notices and support messages
  • Monitor and analyze usage patterns to improve user experience
  • Enforce our Terms of Use and protect against fraud

3. Information Sharing

We do not sell your personal information. We may share your information with:

  • Service Providers: Polar for payment processing, authentication providers (Google, Facebook, Apple)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with any merger, sale, or acquisition

4. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Secure authentication
  • Regular security audits and updates
  • Access controls and monitoring

5. Your Rights

You have the right to:

  • Access, update, or delete your personal information
  • Object to processing of your personal information
  • Request a copy of your data
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise these rights, please contact us through the customer portal or via email.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Service. If you delete your account, we will delete your personal information within 30 days, except where we are required to retain it by law.

7. Cookies and Tracking

We use different tracking approaches depending on where you interact with us:

  • Marketing Website: We use Meta Pixel and Google Analytics. You can decline these via the consent dialog shown on your first visit.
  • Web App & Native Apps: We use Vercel Analytics, which is cookie-free and does not collect personally identifiable information. Meta Pixel and Google Analytics are not used in the web app or native applications.
  • Error Tracking: We use Sentry across all platforms to collect anonymized error logs for bug fixing. This data contains no personally identifiable information.

You can control cookies through your browser settings for website visits.

8. Third-Party Services

Our Service integrates with third-party services that have their own privacy policies. We encourage you to review their policies:

  • Payment Processing: Polar
  • Authentication: Google, Facebook, Apple
  • Website Analytics: Meta (Meta Pixel), Google (Google Analytics)
  • App Analytics: Vercel Analytics
  • Error Tracking: Sentry

9. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us through our website or customer portal.

View Terms of Use →