Privacy Policy

This Privacy Policy explains how BridgeMind handles personal information when you use bridgemind.ai, the BridgeMind API, BridgeSpace, BridgeVoice, related downloads, waitlists, events, and support channels.

This policy covers both browser-based services and our desktop applications. Some data is processed on our servers, and some data is stored or processed locally on your device.

• Account and identity data, such as email address, password or social-login flow details, user ID, roles, email-verification status, and subscription tier.
• Billing and subscription data, such as Stripe customer IDs, subscription IDs, plan, status, renewal dates, and limited transaction metadata. We do not store full payment card numbers.
• Product content you create or store with us, such as projects, prompts, agents, agent messages, project knowledge, skills, resources, vocabulary entries, API-key metadata, and related workspace data.
• Communications and submissions, such as contact messages, newsletter and waitlist signups, job applications, bug reports, bug bounty submissions, event registrations, project-sharing submissions, and vibeathon entries.
• Usage, device, and security data, such as IP address, browser and device information, session and CSRF cookies, auth refresh activity, rate-limit and audit logs, and error telemetry.
• Desktop-app local data, such as encrypted sign-in credentials, device fingerprints, local settings, selected microphones, custom dictionaries, local database files, and downloaded Whisper model files.
• AI and audio data when you use AI features. In BridgeVoice local mode, audio is processed on-device. In BridgeVoice cloud mode, audio files and optional prompt/language hints are sent to the BridgeMind API for transcription.

We collect information directly from you when you create an account, buy a subscription, submit a form, create content, or contact us.

We also collect information automatically from browsers, desktop apps, and APIs, including analytics events, security logs, cookie data, and device or app configuration data needed to run the service.

We may receive information from third parties you choose to use with BridgeMind, including authentication providers, payment processors, analytics providers, and AI service providers.

• Provide, secure, maintain, and improve BridgeMind, BridgeSpace, BridgeVoice, and related services.
• Authenticate users, manage accounts, issue and refresh sessions, and enforce subscription or feature-access controls.
• Process purchases, renewals, cancellations, invoices, and customer-support requests.
• Store, sync, and return user content and settings across our web and desktop products where applicable.
• Provide AI features such as cloud transcription, prompt enhancement, and related product functionality you request.
• Detect abuse, spam, fraud, policy violations, and security incidents, including by using CAPTCHA, audit logging, rate limits, and monitoring.
• Analyze usage and product performance, subject to your consent choices where required.
• Comply with legal obligations and enforce our agreements.

BridgeVoice supports both local and cloud processing. In local mode, speech is transcribed on your device using local Whisper models. In cloud mode, audio is transmitted over the network to the BridgeMind API and then to our transcription provider to return text.

BridgePrompt may send the transcript and the code/context you provide to our prompt-enhancement provider so we can rewrite the request for coding workflows.

BridgeSpace and BridgeVoice may also store encrypted sign-in data, settings, model files, dictionaries, and other app state on your device. BridgeSpace may access local folders, files, terminal sessions, clipboard, or system permissions when you invoke those features.

We share information with service providers that help us operate BridgeMind, including infrastructure, authentication, billing, email delivery, analytics, error monitoring, CAPTCHA, and AI providers. Depending on the feature, those providers may include AWS, Stripe, SendGrid, Cloudflare Turnstile, PostHog, Google Analytics, Sentry, Groq, OpenRouter, and OpenAI.

We may also share information when required by law, to protect rights or security, in connection with a merger or asset sale, or with your direction.

We do not currently sell personal information for money.

BridgeMind uses cookies and similar storage technologies for authentication, session security, CSRF protection, preferences, and analytics. Our website stores theme preferences and analytics consent choices in browser storage.

The current web stack includes Google Analytics and PostHog, and analytics collection is gated by the site's consent banner in the browser experience. Desktop apps may store settings locally outside of browser cookies.

We retain personal information for as long as needed to provide the services, maintain legitimate business records, resolve disputes, comply with law, and enforce agreements.

Local desktop-app data remains on your device until you delete it or remove the app. On the server side, deactivated accounts and related data may be purged after our retention window if they are no longer needed.

We use administrative, technical, and organizational safeguards intended to protect personal information. These include encrypted local credential storage in our desktop apps, authentication and session controls, rate limiting, audit logging, access controls, and third-party infrastructure and monitoring tools.

No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

Depending on where you live, you may have rights to access, correct, delete, export, or restrict the use of your personal information, and to appeal certain decisions. You may also have rights relating to cookies, targeted advertising, or sensitive personal information.

You can also manage many data points directly through your account settings, billing portal, local app settings, and operating-system permission controls.

BridgeMind and our service providers may process information in the United States and other countries. Those locations may have data-protection laws that differ from the laws where you live.

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us so we can review and address it.

We may update this Privacy Policy from time to time. If we make a material change, we will update the date above and, when appropriate, provide additional notice.

Privacy questions or requests may be sent to privacy@bridgemind.ai.