privacy policy


Last updated: 24-11-2025

Owned and operated by Greenster, CVR 34109036, Copenhagen, Denmark

Contact: privacy@miigo.app


1. Introduction

This Privacy & Data Protection Policy explains how Miigo collects, uses, stores, and protects personal data.
It is designed to be compliant with the EU General Data Protection Regulation (GDPR) and written in clear, human-readable language.

Miigo is founded on a simple principle: your data belongs to you.
We use a local-first architecture, optional encrypted backup, and user-controlled personalization to ensure privacy, transparency, and control.

By using Miigo, you acknowledge this policy and the rights granted to you under GDPR.


2. Data Controller

The Data Controller responsible for Miigo is:

Greenster
CVR/VAT: 34109036
Copenhagen, Denmark
Email: privacy@miigo.app

Greenster determines the purposes and means of processing personal data in the Miigo mobile app and related services.


3. What Miigo Is & How It Uses Data

Miigo is a personal companion app that provides guidance, reflections, and insights based on information you voluntarily share.

To deliver personalized support, Miigo processes data categories such as:

  • conversations
  • journal entries
  • personality tests
  • mood logs
  • preferences
  • personal insights
  • patterns detected over time

Miigo uses this information only to provide the services you request—never for advertising, never for profiling outside the app, and never for resale.

4. Guiding Principles

Local-first architecture
Almost all personal data remains on your device by default.

Minimal data transfer
Only strictly necessary information is transmitted for generating LLM responses or encrypted backups.

User ownership & control
You control what is stored, synced, or deleted.

No ads, no profiling, no resale
Miigo does not sell user data or share it with advertisers or marketing partners.


5. Categories of Data Processed

Miigo processes the following categories of personal data:

5.1 Data Stored Locally (Default)

Unless you enable cloud sync, the following stays solely on your device:

  • Conversations
  • Memory system (facts, summaries, personality insights, patterns)
  • Journal entries & mood logs
  • Personality test results
  • Local preferences & configuration

This local storage is part of performing the service you request.

5.2 Data Stored With Service Providers (Processors)

Miigo uses external processors strictly for required functionality:

a. Authentication Provider (Clerk)

Clerk stores:

  • email
  • authentication tokens
  • optional profile data

All authentication data is processed under a Data Processing Agreement (DPA).

b. Encrypted Backup Hosting (optional)

If the user enables cloud sync:

  • Only encrypted backup blobs are stored.
  • Neither Greenster nor the hosting provider can decrypt them.
  • Encryption keys never leave your device.

These providers act strictly as data processors, not independent controllers.

5.3 Data Sent to the AI Model (LLM Processing)

To generate personalized responses, Miigo may need to send:

  • your message
  • short relevant conversation snippets
  • memory facts or summaries
  • personality test results
  • mood trends
  • selected journal excerpts
  • insights or patterns
  • other information you voluntarily provided

Purpose of processing

This data is transmitted only to:

  • generate the reply you requested
  • maintain conversational continuity
  • personalize guidance

Data minimization

Miigo never sends your full history or full database.
Only the minimal information needed for that specific reply is transmitted.

LLM retention

Our AI provider may retain processed messages for up to 30 days solely for:

  • abuse detection
  • misuse prevention
  • system monitoring

They are:

  • never used to train models
  • never used for advertising
  • never sold or shared

Your Controls

You may disable or limit:

  • personalization
  • memory usage
  • journal usage
  • mood log context
  • personality insights
  • all contextual data

You may also fully disable memory storage.


6. Optional Cloud Backup & Sync


6.1 How It Works

  1. Your device generates a random encryption key.
  2. All user data selected for backup is encrypted locally.
  3. Encrypted blobs are stored by our hosting provider.
  4. Miigo cannot decrypt any of this data.

6.2 Key Management

  • Key is stored in iCloud Keychain (iOS) or Google’s Secure Keychain (Android).
  • Miigo never sees the key.
  • Only your devices can decrypt your backup.

6.3 Data Eligible for Backup

  • conversations
  • journal entries
  • memory system
  • mood logs
  • personality results
  • settings

Users can choose categories to include or exclude.

6.4 Cross-Device Sync

When you install Miigo on another device:

  • the OS syncs your encryption key
  • Miigo downloads encrypted data
  • your device decrypts it locally

6.5 Deletion

You can delete your cloud backup anytime.
This permanently removes all encrypted data from our hosting provider.


7. Legal Basis for Processing (GDPR Articles 6 & 9)

Miigo processes data under the following bases:

Performance of a contract (Art. 6(1)(b))

Required to:

  • provide chat responses
  • maintain memory and personalization functions
  • deliver the Miigo service you requested

Consent (Art. 6(1)(a))

Required for:

  • optional personalization
  • optional encrypted cloud sync
  • optional use of additional data categories

You may withdraw consent anytime.

Legitimate interests (Art. 6(1)(f))

Used for:

  • app security
  • abuse prevention
  • maintaining service stability

Legal obligation (Art. 6(1)(c))

If required to comply with law or regulatory requests.

Special Category Data (Art. 9 GDPR)

If you voluntarily provide sensitive information (e.g., mental health reflections), processing is based on explicit consent through deliberate user input.


8. Data Security Measures

Miigo applies industry-standard protections:

  • TLS/HTTPS for all network communication
  • encrypted local SQLite database (when supported)
  • end-to-end encryption of cloud backups
  • no analytics SDKs
  • no advertising or tracking technologies
  • restricted internal access
  • documented data access logs
  • strict Data Processing Agreements with providers

Your data is never used beyond delivering Miigo’s features.


9. Data Retention

Data TypeRetention

Location

Local app data

Until user deletes itDeviceEncrypted backupsUntil user deletes themHosting provider (processor)Account dataUntil account deletionClerkLLM request messagesUp to 30 daysAI providerTechnical logsMinimal, non-identifyingService providers


10. Your Rights Under GDPR

You have the right to:

  • access your data
  • correct inaccurate data
  • delete your data
  • export your data (data portability)
  • restrict processing
  • object to processing
  • withdraw consent at any time
  • delete cloud backups
  • delete your Miigo account
  • disable personalization and memory

To exercise your rights, email: privacy@miigo.app


11. Children’s Data

Miigo is not intended for children. We do not knowingly process data of individuals below the legal age of digital consent in their country. If such data is discovered, it will be deleted.


12. Complaints

If you believe Miigo is processing your data unlawfully, you may contact the Danish Data Protection Agency:

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby
Denmark
www.datatilsynet.dk

You may also contact your local EU supervisory authority.

13. Changes to This Policy

We may update this policy periodically.The “Last updated” date will reflect the newest version.For significant changes, users will be notified in the app.

Company
AboutContact
Privacy and terms
PrivacyTerms
Social
InstagramTikTok