Skip to main content
MyBrainBestie

Privacy Policy

Last updated: February 10, 2026

Service: MyBrainBestie

Operator: Stellar Seven Systems LLC

Contact: [email protected]

1. Introduction

MyBrainBestie is a service operated by Stellar Seven Systems LLC ("we," "our," or "us"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI wellness companion service. We take your privacy seriously and have designed our systems with data protection as a core principle.

2. Information We Collect

Account Information

  • Email address and display name
  • Account credentials (passwords are hashed, never stored in plain text)
  • Subscription tier and billing information
  • User preferences and settings

Conversation Data

  • Messages you send and receive during conversations with MyBrainBestie
  • Conversation metadata (timestamps, session identifiers)
  • Patterns and insights derived from your conversations (synthesis data)

Usage Data

  • Feature usage patterns (which features you use and how often)
  • Session duration and interaction patterns
  • Device type and browser information (for service optimization)

Synthesis Data

  • Relationship maps and interest profiles derived from conversations
  • Behavioral patterns and emotional trend analysis
  • Proactive insights and suggestions generated for you

3. Google API Data

If you choose to connect your Google account, MyBrainBestie may access the following data through Google APIs. These integrations are entirely optional and can be revoked at any time.

Google Calendar

  • Calendar events (read and write) to help you prepare for your day
  • Event titles, times, descriptions, and locations
  • Used for: daily briefings, calendar preparation insights, scheduling assistance

Gmail (Read-Only)

  • Email subject lines, senders, and urgency indicators
  • Action items detected in emails
  • Email data is cached temporarily (24 hours maximum) and then deleted
  • Used for: email urgency detection, daily briefing, follow-up reminders

Google Tasks

  • Task lists and individual tasks (read and write)
  • Task titles, due dates, and completion status
  • Used for: task management, daily briefing, task nudge insights

MyBrainBestie's use of Google API data complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google data for advertising, do not sell Google data to third parties, and do not use Google data for purposes unrelated to the features described above.

4. How We Use Your Data

  • Personalization: To provide personalized wellness conversations that remember your preferences, relationships, and interests
  • Synthesis: To run nightly analysis that identifies patterns, generates insights, and improves the quality of your interactions
  • Integration Features: To provide calendar, email, and task intelligence when you've opted into those features
  • Proactive Insights: To generate helpful suggestions based on patterns in your conversations (e.g., habit reminders, wellness checks)
  • Service Improvement: To improve our AI models and service quality (see Section 5)
  • Account Management: To manage your subscription, preferences, and authentication

5. AI Processing

MyBrainBestie uses AI models provided by Anthropic (Claude) to process your conversations and generate responses.

  • Your conversations are not used to train AI models. Anthropic does not use API customer data for model training.
  • Conversations are processed in real-time and retained by Anthropic only for the duration necessary to provide the service (typically 30 days for safety monitoring).
  • We use multiple AI model sizes (Claude Sonnet for conversations, Claude Haiku for lightweight tasks like urgency detection) to optimize both quality and cost.

6. Data Security & PHI Protection

We implement robust security measures to protect your personal and sensitive data:

  • Encryption at rest: Sensitive personal health information (PHI) is encrypted using AES-256 (Fernet) encryption before storage
  • Encryption in transit: All data is transmitted over TLS 1.2+ encrypted connections
  • OAuth token protection: Google OAuth tokens are encrypted at rest and never exposed to frontend code
  • Session security: Secure, HTTP-only session cookies with strict SameSite policies
  • Input validation: All user input is validated and sanitized to prevent injection attacks
  • Prompt injection protection: External content (emails, calendar data) is sanitized before AI processing
  • HIPAA-aligned practices: Our data handling follows HIPAA-aligned security and privacy practices

7. Data Retention

Data Type Retention Period
ConversationsWhile your account is active
Synthesis dataWhile your account is active
Email cache24 hours (auto-deleted)
Proactive insights7 days (auto-expired)
Account dataUntil account deletion
After account deletionAll data deleted within 30 days

8. Third-Party Services

We use the following third-party services to provide MyBrainBestie:

  • Supabase: Database and authentication infrastructure (data stored in secure cloud infrastructure)
  • Anthropic: AI language model provider (Claude) for conversation processing
  • Google: Optional Calendar, Gmail, and Tasks integrations (user-authorized)
  • ElevenLabs: Optional voice synthesis for text-to-speech responses (Pro tier)
  • Render: Application hosting platform

Each third-party service has its own privacy policy. We encourage you to review them. We only share the minimum data necessary for each service to function.

9. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Deletion: Request deletion of your account and all associated data
  • Export: Export your conversation history and synthesis data
  • Opt-out: Disable specific features (email intelligence, daily briefing, proactive insights, voice analytics) in your Settings
  • Revoke Google access: Disconnect your Google account at any time through Settings or through your Google Account permissions
  • Correction: Request correction of inaccurate personal data

To exercise any of these rights, please contact us at [email protected].

10. Children's Privacy

MyBrainBestie is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our service or by email. Your continued use of MyBrainBestie after changes are posted constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: