Skip to main content

Privacy Policy

Last updated: 7/16/2026

This Privacy Policy explains how MoldMind LLC ("MoldMind," "we," "us," or "our") collects, uses, shares, retains, and protects personal data in connection with the MoldMind Service (the "Service"). It applies to inspectors, organization administrators, billing contacts, prospective customers, and anyone else who interacts with the Service or our websites.

This Policy uses "personal data" to mean any information that identifies or could reasonably be linked to a person.

1. Who Is Responsible for Your Data (Controller and Processor)

Your data may flow through the Service in two distinct legal roles:

  • MoldMind as Controller. We act as the data controller for personal data we collect and use for our own business purposes — for example, account registration data, billing data, support requests, marketing inquiries, website analytics, and Service usage telemetry.
  • MoldMind as Processor. We act as a processor on behalf of our customers for personal data they upload into the Service in the course of an inspection — for example, photos, voice memos, lab reports, scanned forms, occupant or property information, and the structured field data that backs each Report. The customer (the inspection firm or independent inspector) is the controller for that data. Where you are an end user, occupant, or other data subject of a customer's inspection, the customer's privacy notice governs that processing. We have entered into a Data Processing Agreement with each customer setting out the processor obligations.

If you are unsure which role applies, contact privacy@moldmindai.com and we will route you appropriately.

2. Categories of Personal Data We Collect

We collect the following categories of personal data:

CategoryExamplesSource
Account & profileName, email, password hash, organization, role, profile photo, license numbers, certificationsYou
BillingBilling contact, billing address, last 4 digits of payment method, transaction history (card numbers are stored by Stripe, not us)You / Stripe
Inspection field dataPhotos, voice memos, lab reports, scanned forms, hand-written notes, moisture readings, sample IDs, chain-of-custody formsYou / your Inspectors
Property and occupant dataProperty address, building characteristics, occupant complaint type and count, occupant identifiers when uploaded by youYou / your Inspectors
Report contentStructured AI-extracted fields, generated narrative drafts, finalized Report PDFsGenerated from the above
CommunicationsSupport tickets, emails to us, recordings of support calls (if any), feedback and survey responsesYou
Device & log dataIP address, browser type, device type, language, referrer, pages viewed, links clicked, time spent, crash reports, error stack tracesAutomatic
Cookies and similar technologiesSession cookies, CSRF tokens, security/load-balancing cookies (see Cookie Policy)Automatic
Authentication dataSign-in events, multi-factor codes, organization memberships, session tokensClerk / automatic

We do not intentionally collect biometric identifiers, precise geolocation beyond IP-derived city/region, health or medical records, or financial-account credentials. If you upload such data into the inspection field data category, we will treat it as part of that category and process it on your behalf as a processor.

3. How We Use Personal Data

We use personal data to:

  • Provide, operate, secure, monitor, and improve the Service;
  • Authenticate users, manage organization memberships, and enforce role-based access;
  • Generate AI-assisted Output and finalized Reports from your Customer Content;
  • Process billing, calculate usage against plan caps, prevent fraud, and collect amounts due;
  • Send transactional and regulatory communications (account confirmations, billing receipts, security alerts, material updates to legal documents, the Connecticut Public Act 25-44 annual renewal reminder, and similar notices);
  • Send marketing communications you have requested or for which we have a lawful basis (you can opt out at any time — see Section 8);
  • Respond to your support requests and other communications;
  • Conduct aggregated, de-identified analytics about Service usage, performance, and reliability;
  • Detect, investigate, and prevent abuse, security incidents, fraud, and violations of our Terms or Acceptable Use Policy;
  • Comply with applicable law and respond to lawful requests from courts, regulators, and law enforcement (see Section 10);
  • Establish, exercise, or defend legal claims; and
  • Enforce our agreements and protect our rights, property, and the safety of our users and the public.

4. Legal Bases for Processing (GDPR / UK GDPR)

If you are in the European Economic Area, United Kingdom, or Switzerland, we rely on the following legal bases under Article 6 GDPR (and equivalents):

Legal basisWhen we rely on it
Contract (Art. 6(1)(b))To deliver the Service to you, manage your Account, process payments, and provide support.
Legal obligation (Art. 6(1)(c))To comply with tax, accounting, fraud-prevention, regulatory-reporting, and other legal duties.
Legitimate interests (Art. 6(1)(f))To secure and improve the Service, monitor for abuse, conduct aggregated analytics, and operate our business in a sustainable way, in each case balanced against your rights and interests.
Consent (Art. 6(1)(a))For optional marketing emails and for any processing that requires consent under applicable law. You may withdraw consent at any time without affecting the lawfulness of prior processing.

Where we process personal data that we receive as a processor on a customer's behalf, the customer is the controller and is responsible for identifying the lawful basis for the processing.

5. AI Processing and Automated Decision-Making

The Service is AI-assisted, not AI-automated. We use third-party large language models and machine-learning models (currently Anthropic Claude for narrative generation, photo classification, and document parsing; Deepgram for voice transcription; and OpenAI text-embedding models for the similarity-search features that power correction-pair learning) to produce draft Output from your Customer Content. The subscribing Inspector reviews and explicitly approves every Report before it is finalized or delivered.

The Service is designed with a human-in-the-loop review step intended to ensure that inspection decisions are made by the human Inspector, not by automated processing alone. We do not believe the Service constitutes "solely automated decision-making" producing legal or similarly significant effects on data subjects within the meaning of Article 22 GDPR. If you believe a decision affecting you was made solely by automated means in connection with the Service, contact privacy@moldmindai.com and we will investigate.

Vendor data retention. For voice transcription via Deepgram, we instruct Deepgram not to retain audio or transcripts for vendor model improvement. For Anthropic (Claude) inference and our hosting provider (Vercel), we may, at our discretion, enable or disable zero-data-retention configurations subject to vendor plan tiers and our operational posture, and the current configuration may change over time. See the AI Disclosure for additional detail.

6. Aggregated and De-identified Data

We create aggregated and de-identified data derived from your use of the Service and from inspection data (the "De-identified Data"), using commercially reasonable measures intended to prevent re-identification. De-identified Data is not designed to identify you, your Inspectors, your customers, or any individual property.

Once data has been de-identified, it is no longer personal data. As described in Section 8 of the Terms of Service, MoldMind owns the De-identified Data, retains it perpetually, and may use it for any lawful purpose — including operating and improving the Service, producing aggregated insights and benchmarks, developing and training models and artificial-intelligence systems (whether or not related to the Service), and creating, licensing, or selling standalone products based on or incorporating the De-identified Data. These uses are not limited to the Service.

The De-identified Data survives account deletion and data-removal requests. Because De-identified Data is no longer personal data, a deletion, erasure, access, correction, or portability request removes your identifiable personal data and Customer Content from the live Service (see Sections 11 and 14) but does not remove, and does not require us to delete, the De-identified Data already created. We do not commit to deliver any specific aggregation product, and the De-identified Data we create may change over time. See Terms of Service Section 8 for the governing ownership and license terms.

7. How We Share Personal Data

We share personal data only as described below.

7.1 Sub-processors

We share customer data with the sub-processors listed at /subprocessors and on our Privacy Policy index below. We have entered into written data-protection agreements with each sub-processor and we remain responsible for their processing on our behalf:

Sub-ProcessorPurposeCategories
ClerkAuthentication, organization managementUser identity, organization memberships
SupabaseDatabase + object storageAll structured data, uploaded files
AnthropicAI model inference (Claude)Report generation prompt content
OpenAIText embeddings (similarity search)Short text snippets derived from correction pairs + support questions (no photos or audio)
DeepgramAudio transcriptionVoice memo audio + transcripts
StripeBillingPayment methods, billing addresses, transaction history
ResendTransactional + regulatory emailRecipient email addresses, email content
VercelApplication hostingRequest/response logs
RailwayPDF rendering (Gotenberg)Transient HTML during render only
SentryError monitoringStack traces (PII-scrubbed at client)
InngestBackground job processingEvent payloads (org IDs, job IDs)
UpstashRate limiting + ephemeral cacheNon-PII counters and cache keys
SlackInternal operational + business alertingAlert metadata — organization names, internal IDs, and limited contact identifiers (e.g. a new sign-up, lead, or support email address contained in an alert)

For the current authoritative list, see /subprocessors.

7.2 Other recipients

  • Within your organization. We share personal data with other members of your organization as configured by your administrator (for example, an organization admin can see all Inspectors and Reports in the organization).
  • Service providers and professional advisors. We may share data with vendors who help us run our business (such as accountants, lawyers, payment processors, and customer-support tools) under appropriate confidentiality and data-protection obligations.
  • Corporate transactions. If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, or sale of all or part of our assets, personal data may be transferred as part of that transaction. We will provide notice (and choices where required by law) before any transfer becomes subject to a different privacy policy.
  • Legal compliance and safety. We may disclose personal data when we believe in good faith that disclosure is necessary to (a) comply with applicable law, regulation, court order, subpoena, or other legal process; (b) protect the rights, property, or safety of MoldMind, our users, or others; (c) detect, prevent, or address fraud, security, or technical issues; or (d) enforce our Terms or other agreements.
  • With your consent. We share personal data with any other recipient when you direct us to do so.

We do not sell personal data for monetary consideration, and we do not share personal data for cross-context behavioral advertising. See Section 12 (California Notice).

8. Marketing vs. Transactional and Regulatory Communications

We distinguish two kinds of email communications:

  • Transactional and regulatory communications are sent in connection with the Service and your Account. Examples include sign-in confirmations, billing receipts, security alerts, material changes to our legal documents, the Connecticut Public Act 25-44 annual renewal reminder, and similar notices. You cannot opt out of transactional and regulatory communications while you have an active Account, because they are necessary for the operation of the Service or required by law.
  • Marketing communications include product announcements, newsletters, and other promotional emails. We send marketing communications only where permitted by applicable law. You can opt out of marketing communications at any time using the "unsubscribe" link in any marketing email or by emailing privacy@moldmindai.com. Opting out of marketing communications does not affect transactional and regulatory communications.

9. Cookies and Similar Technologies

We use a limited set of cookies and similar technologies that are strictly necessary to operate the Service (authentication, CSRF protection, load balancing, payment processing). We do not use third-party advertising cookies or behavioral-advertising trackers. We honor the Global Privacy Control (GPC) signal where applicable. For details, see our Cookie Policy.

10. Legal Requests and Law Enforcement

We respond to lawful requests for personal data from courts, regulators, and law enforcement. Our standard practice is to:

  • Review each request for legal validity, scope, and the production of the necessary process (subpoena, court order, search warrant, or equivalent foreign legal process).
  • Narrow the scope of any production to the minimum personal data responsive to the request, where legally permissible and operationally feasible.
  • Where legally permitted and operationally feasible, we may notify the affected customer or data subject before producing data. We are not obligated to do so and will not provide notice where we are legally prohibited from doing so (for example, by a court order with a non-disclosure component), where we determine in good faith that notification would create a risk of harm, or where notification is otherwise inadvisable.
  • Object to or seek to limit overbroad, indefinite, or improperly issued requests, in our discretion.

We do not currently publish a transparency report. We may revise this position as the volume and nature of legal requests evolve.

11. Data Retention

We retain personal data only as long as needed for the purposes described in this Policy, subject to applicable legal, accounting, and reporting requirements. The principal retention categories are:

Data categoryRetention period
Account and profile dataDuration of your Account + up to 30 days post-deletion for read-only export, then deletion per Section 14
Billing records7 years (US tax / commercial-records standard)
Finalized ReportsFor a reasonable period reflecting your professional record-keeping obligations and applicable law
Draft Reports and unfinalized inspection field dataDuration of your Account + 30 days post-cancellation; deleted at Account deletion
Voice memos and transcripts (raw audio + transcript text)Duration of your Account + 30 days post-cancellation; deleted at Account deletion
Photos, lab PDFs, scanned formsDuration of your Account + 30 days post-cancellation; deleted at Account deletion
Inspector signatures (source images)Duration of Inspector's organization membership; deleted on membership removal. Signatures already baked into finalized PDFs remain in those PDFs until the PDF itself is deleted.
Server access and security logsUp to 90 days
Error and crash data (Sentry)Up to 90 days
Cancellation reason / feedbackRetained indefinitely in anonymized form (organization identifier nullified at Account deletion) for product analytics
Legal-acceptance audit records (terms_acceptances)Retained indefinitely as the legal evidence chain, with organization identifier anonymized at Account deletion where the underlying organization no longer exists
Free-trial anti-abuse hash (trial_grants)Retained indefinitely as a one-way, irreversible HMAC-SHA256 hash of the account owner's email address (the plaintext email is never stored). This minimal record contains no reversible personal data and is kept as a fraud-prevention measure to enforce our one-time free-trial limit across account deletion and re-registration.
Database backups (weekly snapshots)MoldMind-operated weekly database snapshots, pruned on a rolling schedule (currently approximately 8 weeks); once a snapshot expires it is no longer recoverable
Media backups (disaster-recovery mirror of uploaded photos, audio, documents, branding, and report files)Maintained by MoldMind on an append-only basis for disaster recovery and not currently subject to automatic expiry; access-restricted and used solely to restore the Service after data loss

When the retention period expires, we delete or de-identify the data using commercially reasonable methods. MoldMind maintains its own operational backups for disaster recovery: (a) weekly database snapshots, which are pruned on a rolling schedule (currently approximately eight weeks), after which the data in an expired snapshot is no longer recoverable; and (b) a media backup mirror of uploaded files (photos, audio, documents, branding, and report PDFs), which is maintained on an append-only basis and is not currently subject to automatic expiry. As a result, copies of uploaded files may persist in our disaster-recovery media mirror beyond the deletion of the corresponding live records and beyond the database-snapshot window. These backups are access-restricted, are used solely to restore the Service following data loss, and are not used for any operational, analytics, or AI-training purpose. We are evaluating retention limits for the media backup mirror; to confirm backup handling for a specific deletion request, contact privacy@moldmindai.com.

12. Your Privacy Rights

Subject to applicable law and to verification of your identity, you have the following rights with respect to personal data we hold about you as a controller. Where we process personal data as a processor for one of our customers, please direct your request to that customer; we will assist them with the response.

12.1 Universal rights we honor

  • Access. Request a copy of the personal data we hold about you.
  • Correction. Ask us to correct inaccurate or incomplete personal data.
  • Deletion. Ask us to delete your personal data, subject to retention requirements and our right to retain data for ongoing legal obligations, fraud prevention, or defense of legal claims.
  • Export / Portability. Receive a copy of personal data you provided to us in a structured, commonly used, machine-readable format. Available in-Service via Settings → Account → Export.
  • Object / Restrict. Object to or request restriction of certain processing (such as processing based on legitimate interests).
  • Withdraw consent. Where processing relies on your consent, withdraw it at any time without affecting prior processing.
  • Non-discrimination. We will not discriminate against you for exercising any of these rights.

12.2 California (CCPA / CPRA)

California residents have the rights above, plus the right to (a) know the categories of personal information collected, sources, purposes, and recipients; (b) opt out of any "sale" or "sharing" of personal information for cross-context behavioral advertising; and (c) limit the use of "sensitive personal information."

We do not sell personal information for monetary consideration, and we do not share personal information for cross-context behavioral advertising. To exercise California rights or to designate an authorized agent, email privacy@moldmindai.com.

12.3 Connecticut (CT Data Privacy Act and Public Act 25-44)

Connecticut residents have rights of access, correction, deletion, portability, and to opt out of targeted advertising, the sale of personal data, and profiling in furtherance of decisions producing legal or similarly significant effects. Connecticut residents may also appeal a denial of a privacy rights request by emailing privacy@moldmindai.com. If we fail to take action on the appeal, you may contact the Connecticut Attorney General at https://portal.ct.gov/AG.

12.4 European Economic Area, United Kingdom, Switzerland

In addition to the universal rights above, you have the right to lodge a complaint with a supervisory authority. A list of EEA supervisory authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en. UK residents may contact the Information Commissioner's Office at https://ico.org.uk.

12.5 How to exercise your rights

Email privacy@moldmindai.com with your request. We will respond within forty-five (45) days (or as required by applicable law). We may need to verify your identity using information already in our records before we act on a request.

13. International Data Transfers

MoldMind is based in the United States, and our sub-processors operate primarily from data centers in the United States. If you access the Service from outside the United States, your personal data will be transferred to, stored, and processed in the United States and other jurisdictions that may have data-protection rules different from those in your country.

Where personal data is transferred from the European Economic Area, United Kingdom, or Switzerland to a country that has not been deemed to provide an adequate level of protection by the European Commission or the UK Information Commissioner's Office, we rely on appropriate safeguards including:

  • Standard Contractual Clauses ("SCCs") approved by the European Commission, in the Module Two (Controller-to-Processor) form where the customer is the controller and MoldMind is the processor, supplemented by the UK International Data Transfer Addendum for UK-origin transfers and the Swiss FDPIC-approved version where applicable.
  • Supplementary measures including encryption in transit (TLS), encryption at rest, role-based access controls, audit logging, and contractual restrictions on sub-processors.
  • EU-US, Swiss-US, and UK Extension Data Privacy Framework certifications of our sub-processors where available.

Where you require a copy of the SCCs as applied to your account, contact privacy@moldmindai.com.

14. Account Deletion and Data Removal

You may delete your Account via Settings → Account → Delete account. On deletion:

  • The Service schedules your Account for deletion and revokes active sessions.
  • Within a reasonable period, typically not more than thirty (30) days of completion of any read-only export window, customer data tied to your Account is purged from our live database and object storage across the following storage buckets: photos, audio, documents, branding, reports, inspector-signatures. Associated rows in our database (including AI usage logs, credit grants, support feedback, lead records, and other linked tables) are deleted or, for records we are required to retain in anonymized form (such as cancellation feedback or legal-acceptance audit records), have their organization identifier nullified.
  • Inspector-membership-driven cleanup: where a single Inspector is removed from your organization (without the organization itself being deleted), that Inspector's source signature image is purged.
  • Operational backups are handled as described in Section 11: weekly database snapshots are pruned on a rolling schedule (currently approximately eight weeks), while the disaster-recovery media mirror of uploaded files is currently retained on an append-only basis and may therefore contain copies of your uploaded files for a period beyond the deletion of the live records. These backups are access-restricted and used solely for disaster recovery; once a database snapshot expires, the data in it is no longer recoverable.

Account deletion does not delete data that we are required to retain by law (such as billing records for tax purposes). Account deletion also does not delete De-identified Data already created from your data; as described in Section 6 and Terms of Service Section 8, De-identified Data is no longer personal data, is owned by MoldMind, and is retained perpetually.

15. Children's Data

The Service is intended for inspection professionals and is not directed to children. We do not knowingly collect personal data from children under the age of 16. If you believe that we have collected personal data from a child under 16, please contact privacy@moldmindai.com and we will take prompt steps to delete the data. We may impose higher age limits where required by applicable law.

16. Security

We use commercially reasonable administrative, technical, and physical safeguards designed to protect personal data, including:

  • TLS encryption for data in transit and AES-256 (or stronger) encryption at rest via the underlying database and storage providers;
  • Role-based access controls, multi-factor authentication for administrative accounts, and least-privilege access to production systems;
  • Audit logging of administrative and security-relevant actions;
  • Network segmentation, secret rotation, vendor isolation, and rate limiting;
  • Regular security review of code and configuration, with internal testing on changes that affect authentication, authorization, or data flow.

No system is perfectly secure. You are responsible for protecting your credentials and for the security of the devices you use to access the Service.

17. Data Breach Notification

If we become aware of an unauthorized acquisition or access to personal data that compromises the security, confidentiality, or integrity of that data (a "security incident"), we will notify affected customers without undue delay. Where the incident requires notification to a supervisory authority or other regulator under applicable law, we will provide that notification within the deadline required by the applicable law (for example, within seventy-two (72) hours of becoming aware of a qualifying incident under Article 33 GDPR). Where the incident involves personal data we hold as a processor on a customer's behalf, we will notify the customer (controller) without undue delay and assist them in any required notifications to data subjects and regulators.

Our notice will describe (a) the nature of the incident, (b) the categories of data and approximate number of records affected, (c) the likely consequences, and (d) the measures we have taken or propose to take in response.

18. Changes to This Policy

We may update this Privacy Policy from time to time. For changes that are minor or clarifying, we will post the revised Policy with a new "Last updated" date. For changes that are material — for example, expansions to the categories of personal data we collect, new categories of recipients, or material changes to retention periods — we will notify you by email and via an in-Service banner. Where required by applicable law, we will require your acknowledgment of material changes consistent with the Terms of Service before the change takes effect for your Account. Prior versions are available on request.

19. Contact

For privacy questions, complaints, or requests:

MoldMind LLC 2389 Main Street, Suite 100 Glastonbury, CT 06033 United States

privacy@moldmindai.com