OVERVIEW
MindMaking Inc. provides a B2B SaaS platform for conversation intelligence. We act as a data processor for our business customers who are the data controllers.


Important: If you are an end user whose communications are being analyzed (e.g., a customer calling a business that uses MindMaking), your data is controlled by that business, not by us. Contact them directly about your privacy rights.
1. WHO WE ARE
MindMaking Inc. is a conversation intelligence platform that processes audio recordings and emails using AI. We provide services to businesses (our customers), who submit communications data for analysis.


Data Processor: We process data on behalf of our business customers
Data Controller: Our business customers control what data is processed and why
2. WHAT DATA WE COLLECT
From Business Customers:
Account information (name, email, company, billing details)
Communications data they submit (audio, email, text)
Usage data and service analytics


From Website Visitors:
Basic analytics (IP address, browser, pages visited)
Contact form submissions
Cookies for website functionality


From End Users (processed on behalf of customers):
Voice recordings and transcripts
Email content and metadata
Sentiment and conversation insights
3. HOW WE USE DATA
Provide conversation intelligence services
Generate AI-powered transcripts and insights
Improve and develop our platform
Billing and account management
Comply with legal obligations
4. LEGAL BASIS FOR PROCESSING
Business Customers:
Contract performance (providing the service)
Legitimate interests (service improvement)


End Users:
Processed on behalf of our customers per their instructions
Our customers are responsible for obtaining proper consent
5. DATA SHARING
We do NOT sell your data


We share data only with:
Sub-processors necessary to provide the service (cloud, AI providers)
As required by law or court order
With your explicit consent


Complete sub-processor list available at: mindmaking.com/sub-processors
6. DATA RETENTION
Active accounts: Data retained while account is active
Terminated accounts: Data deleted within 30 days
Backups: Deleted within 90 days
Legal requirements: May retain longer if required by law
7. YOUR RIGHTS (GDPR/CCPA)
Business Customers:
Access your data
Request deletion
Request correction
Data portability (vCon format)
Withdraw consent


End Users:
Contact the business that recorded you – they control your data. We assist them in responding to your requests but cannot respond directly.


To exercise rights: Email privacy@mindmaking.com
Response time: Within 30 days
8. SECURITY
Encryption in transit (TLS 1.3) and at rest (AES-256)
Multi-factor authentication
Role-based access controls
Regular security monitoring and testing
Security incident response procedures


Data Breach Notification:
We notify affected customers within 72 hours of discovering a breach
9. INTERNATIONAL DATA TRANSFERS
Data may be processed in the United States. For transfers from EU/EEA/UK:
Standard Contractual Clauses implemented
Supplementary security measures in place
Transfer impact assessments available upon request
10. CHILDREN’S PRIVACY
Our service is not directed to individuals under 16. Our customers are responsible for obtaining parental consent before submitting data of minors.
11. COOKIES
Essential cookies: Required for website functionality
Analytics cookies: Google Analytics with IP anonymization
You can disable cookies in your browser settings
12. CHANGES TO THIS POLICY
We may update this policy with 30 days notice to customers. Material changes will be highlighted. Continued use constitutes acceptance.
13. CALIFORNIA RESIDENTS (CCPA)
Right to know what data we collect
Right to delete your data
Right to opt out of data sales (we don’t sell data)
Right to non-discrimination


To exercise rights: Email privacy@mindmaking.com
14. EU RESIDENTS (GDPR)
Right of access
Right to rectification
Right to erasure (“right to be forgotten”)
Right to restriction of processing
Right to data portability
Right to object


Supervisory Authority: Contact your local data protection authority
15. CONTACT US


MindMaking Inc.
6304 Briarcliff Way
Frederick, MD 21701

Privacy questions: privacy@mindmaking.com
General inquiries: contact@mindmaking.com
Website: https://www.mindmaking.com




For Business Customers:
Contact us at privacy@mindmaking.com for data requests or questions


For End Users:
Contact the business that submitted your data to our platform. They are the data controller and handle your privacy requests.


For EU/EEA Residents:
Contact your local supervisory authority: https://edpb.europa.eu
KEY POINTS SUMMARY
Who We Are:
B2B SaaS platform for conversation intelligence


Our Role:
Data processor for business customers (not data controller)


What We Collect:
Account info, communications data, usage analytics


How We Use It:
Provide AI-powered conversation analysis services


Your Rights:
Access, deletion, correction, portability, opt-out


Security:
Encryption, access controls, 72-hour breach notification


Data Selling:
We do NOT sell your data


End Users:
Contact the business that recorded you, not us




Last Updated: February 1, 2026
Version: 1.0


Complete Privacy Policy available at: https://www.mindmaking.com/privacy