Back to home

Privacy Policy

Last updated: March 12, 2026

1. Introduction

Appligon ("Company", "we", "us") operates Mimiq. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, password.
  • Payment information: processed by Stripe; we do not store full card details.
  • Platform credentials: encrypted session data for connected platforms (OnlyFans, Fansly, Fanvue).
  • AI configuration: tone profiles, banned words, custom instructions.

2.2 Information Collected Automatically

  • Usage data: pages visited, features used, interaction patterns.
  • Device information: browser type, operating system, screen resolution.
  • Log data: IP address, access times, error logs.
  • Cookies and similar technologies (see Section 7).

2.3 Information from Connected Platforms

  • Fan profiles: usernames, subscription status, spending history.
  • Messages: message content synced for AI processing.
  • Revenue data: tips, PPV purchases, subscription information.

3. How We Use Your Information

  • Provide, maintain, and improve the Service.
  • Generate AI-powered message drafts based on conversation context.
  • Calculate analytics, revenue attribution, and performance metrics.
  • Process payments and manage subscriptions.
  • Send transactional emails (account verification, billing, security alerts).
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.

4. AI Processing

Message content is processed by third-party AI providers (OpenAI, Google AI) to generate reply suggestions. We send conversation context (recent messages, fan profile data) to these providers. We do not use your data to train AI models. Our AI providers process data under strict data processing agreements.

All AI-generated content passes through our SafetyFilter pipeline before being presented to you. SafetyFilter logs are retained for 1 year for audit and safety purposes.

5. Data Security

  • Platform session data is encrypted at rest using AES-256-GCM.
  • Passwords are hashed with bcrypt (cost factor 12).
  • All data in transit is encrypted with TLS 1.2+.
  • Access tokens expire after 15 minutes; refresh tokens after 7 days.
  • We use Sentry for error monitoring (PII is scrubbed from error reports).

6. Data Sharing

We share your data with:

  • AI Providers (OpenAI, Google AI): conversation data for reply generation.
  • Stripe: payment processing.
  • Sentry: error monitoring (no PII).
  • AWS: infrastructure hosting (data processing agreement in place).

We do not sell your personal data to third parties. We may disclose information if required by law or to protect our rights.

7. Cookies

We use the following types of cookies:

  • Essential cookies: authentication tokens, session management. Required for the Service to function.
  • Analytics cookies: usage patterns, feature adoption. Help us improve the Service.

You can manage cookie preferences through the cookie consent banner displayed on first visit.

8. Data Retention

  • Account data: retained while your account is active.
  • Messages and fan data: retained while your account is active.
  • SafetyFilter logs: retained for 1 year.
  • Billing records: retained for 7 years (legal requirement).
  • Upon account deletion: personal data is deleted within 30 days.

9. Your Rights (GDPR / CCPA)

You have the right to:

  • Access: request a copy of your personal data.
  • Rectification: correct inaccurate personal data.
  • Erasure: request deletion of your personal data.
  • Portability: export your data in a machine-readable format.
  • Objection: object to processing based on legitimate interests.
  • Restriction: request limitation of processing.

To exercise these rights, contact us at privacy@getmimiq.com or use the data management features in Settings. We will respond within 30 days.

10. International Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.

11. Children's Privacy

The Service is not intended for individuals under 18. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates the most recent revision.

13. Contact

For privacy-related inquiries, contact our Data Protection Officer at privacy@getmimiq.com.