Security
Built to protect your data.
MindAgain is designed with privacy and security as foundational properties, not features added after the fact.
Privacy by design. Not by afterthought.
Encryption
Data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. Your knowledge base, reflections, and habit data are never stored in plaintext.
Access Control
Role-based access controls let you define who can read, edit, or act on each workspace. Agents operate within explicitly scoped permissions you set and can revoke at any time.
Audit Logs
Every agent action, knowledge base edit, and permission change is logged with a timestamp, actor, and context. Logs are immutable and available for review at any time.
Workspace Isolation
Each workspace is logically isolated. Data from one account is never accessible to another. Agent context does not cross workspace boundaries under any circumstances.
Backup & Recovery
Workspace data is backed up on a regular schedule with point-in-time recovery. Backup retention and recovery objectives are detailed in the Business plan agreement.
Incident Response
We maintain an incident response plan with defined escalation paths. In the event of a security incident affecting your data, we notify affected accounts promptly and transparently.
Privacy and data use
MindAgain collects the data you explicitly provide — goals, tasks, habits, reflections, knowledge base content, and account information. We use this data to operate the platform and power your AI Coach and agents within your workspace.
We do not sell your personal data. We do not use your workspace content to train models beyond your own workspace context.
Read the Privacy PolicyReporting a vulnerability
If you discover a security vulnerability in MindAgain, please report it responsibly. Do not exploit the issue or share it publicly before we have had a chance to address it.
security@mindagain.com