Privacy Policy
Last updated: March 2026
1. Who We Are
Psynex is a platform for self-exploration and relationship understanding. We are not a medical product, we do not diagnose, and we do not provide therapy. Domain: psynex.app.
2. What Data We Collect
During registration and onboarding we collect: display name, gender (for AI response personalization), age, interface language, and optionally location. While using the platform, you generate behavioral data through the Explorer module (scenario responses, Deep mode dialogues). This data forms your MindID — a dynamic model of your behavioral patterns. We also collect Pulse Checks (self-reports: mood, energy, stress, social).
3. How We Use Your Data
Your data is used exclusively for platform operation: building and updating your MindID, generating micro-insights after each study, comparing MindIDs in the Match module (at your request), conducting Insight sessions, and product analytics (aggregated metrics without personal data). We never use your data for advertising, selling to third parties, or optimizing you for external KPIs.
4. AI Data Processing
Psynex uses Anthropic (Claude) models for dialogue processing and interpretation generation. Key parameter: store: false — your data is NOT stored on Anthropic servers. Data exists temporarily in RAM during processing and is deleted after the request completes. The AI provider has no access to your MindID, history, or profile. You give explicit consent to AI processing during onboarding (step 6).
5. Where Data Is Stored
All your data is stored in a Supabase (PostgreSQL) database with AES-256 encryption at rest. Connections are protected by HTTPS (TLS). Your data exists in only two places: (1) our database, which we control, (2) temporarily in RAM during AI processing. We do not use Google Analytics, Meta SDK, or any third-party SDKs that extract personal data. For analytics, we use PostHog — a privacy-friendly solution with self-hosting capability.
6. Isolation & Access Control
Row Level Security (RLS) is enabled on every database table: you can only see your own data. Even if the API is compromised, cross-user access is impossible. Critical operations (writing study results, MindID fields, ATOMs) are performed only by the server via service role — the client never writes directly. Match reports are accessible only through a special RPC function with access level control.
7. Match Privacy
When you do a Match with another person, your partner never sees your MindID directly. The Match report describes the space BETWEEN you using relational language (not "you are X, they are Y"). By default, the report shows only a summary. Detailed information is revealed only with explicit consent from both parties (Layered Reveal).
8. Ephemeral Data
Chat messages (Deep and Insight modes) are ephemeral. After a session ends, the transcript is archived and messages are deleted from the database. Archived transcripts are automatically purged after 90 days. Message limits: maximum 5,000 characters per message, 100 messages per session.
9. Your Rights
You have full control over your data. Account deletion: cascade delete of ALL 13 database tables. After deletion, zero recoverable data remains at the application layer. Note: Supabase automatic backups (Point-in-Time Recovery) may retain data for up to 30 days after deletion at the infrastructure level. You can request account deletion via /settings/delete.
10. Blocked Territories
Access to Psynex is blocked for the following territories: Russia, Belarus, Iran, North Korea. Blocking is enforced at the infrastructure level (Vercel Edge). Russian language is not supported — this is a core company policy.
11. Security
Authentication: Supabase Auth (bcrypt, JWT, magic link). Transport: HTTPS everywhere, HSTS. Injection protection: Zod validation of all server-side inputs. Rate limiting: API request throttling. CSP: strict content security policy. Classifier security: every user text input in Deep and Insight modes is checked for unsafe content.
12. Children
Psynex is not intended for persons under 16 years of age. We do not knowingly collect data from children. If you believe a minor has registered on the platform, contact us for account deletion.
13. Changes to This Policy
We may update this privacy policy. We will notify you of significant changes through the platform. By continuing to use Psynex after changes, you accept the updated policy.
14. Contact
Privacy inquiries: privacy@psynex.app General inquiries: hello@psynex.app