Privacy Policy
Effective Date: November 8, 2025 | Last Updated: November 8, 2025
Introduction
Welcome to MeasureMint ("we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your information. This Privacy Policy explains our practices regarding data collection when you use our measurement application for Miro boards.
Contact Information:
- Company: MeasureMint
- Website: https://measuremint.app
- Support Email: support@measuremint.app
1. Information We Collect
1.1 Information You Provide
Miro Authentication:
- Miro user ID (for authentication and authorization)
- Miro board access permissions
- OAuth tokens (securely encrypted and stored)
Support Requests:
- Name and email address (when you contact support)
- Support inquiry details and correspondence
- Technical information about issues you report
1.2 Information Automatically Collected
Usage Data:
- Measurement interactions (calibration points, distance measurements)
- Unit preferences (Imperial vs Metric)
- Feature usage patterns (anonymized)
- Application performance metrics
Technical Data:
- Browser type and version
- Operating system
- IP address (anonymized for analytics)
- Device type
- Session duration
1.3 Information We Do NOT Collect
- ❌ We do not read, access, or store your Miro board content
- ❌ We do not collect personal identification beyond what's required for authentication
- ❌ We do not track you across other websites or applications
- ❌ We do not sell or rent your personal information to third parties
- ❌ We do not use cookies for advertising or tracking purposes
2. How We Use Your Information
We use the collected information for the following purposes:
Service Delivery:
- Authenticate your access to MeasureMint through Miro
- Save your measurement preferences and calibration settings
- Place measurement markers on your Miro boards
- Provide accurate distance calculations
Service Improvement:
- Analyze usage patterns to improve features
- Identify and fix technical issues
- Optimize application performance
- Develop new measurement tools
Communication:
- Respond to your support inquiries
- Send important service updates or security notices
- Notify you of new features (if you opt-in)
3. Data Storage and Security
3.1 Where We Store Data
OAuth Tokens:
- Stored in encrypted SQLite database on our secure servers
- Located in: United States (Vercel infrastructure)
- Encrypted at rest using AES-256 encryption
Measurement Data:
- Stored temporarily in browser session storage
- Calibration settings saved to Miro board metadata
- No permanent server-side storage of measurement data
3.2 Security Measures
We implement industry-standard security practices:
- ✅ Encryption in Transit: All data transmitted over HTTPS/TLS 1.3
- ✅ Encryption at Rest: Sensitive data encrypted using AES-256
- ✅ Access Controls: Limited access to production systems
- ✅ Regular Updates: Security patches applied promptly
- ✅ Secure Infrastructure: Hosted on Vercel with enterprise-grade security
- ✅ No Plain Text Storage: Passwords and tokens never stored in plain text
4. Data Sharing and Disclosure
4.1 Third-Party Services
We use the following third-party services:
Miro Platform:
- Purpose: Core app functionality, authentication, board access
- Data Shared: User ID, OAuth tokens, board IDs
- Privacy Policy: https://miro.com/legal/privacy-policy/
Vercel (Hosting):
- Purpose: Application hosting and delivery
- Data Shared: Technical logs, performance metrics
- Privacy Policy: https://vercel.com/legal/privacy-policy
Resend (Email Delivery):
- Purpose: Support email delivery
- Data Shared: Name, email address, support inquiry content
- Privacy Policy: https://resend.com/legal/privacy-policy
Microsoft Clarity (Analytics):
- Purpose: Website analytics, user behavior tracking, heatmaps, and session replay to improve our products and services
- Data Captured: Behavioral metrics, heatmaps, session replays, click patterns, scroll depth, and website usage data
- Technology: First and third-party cookies and tracking technologies
- Use Cases: Site optimization, fraud/security purposes, product improvement, and understanding user interactions
- Privacy Policy: Microsoft Privacy Statement
Note: We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
4.2 When We May Disclose Information
We may disclose your information only in these limited circumstances:
- With Your Consent: When you explicitly authorize us to share data
- Legal Requirements: To comply with court orders, subpoenas, or legal processes
- Safety and Security: To protect rights, property, or safety of MeasureMint, users, or public
- Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
5. Data Retention
OAuth Tokens:
- Retained while you have an active session
- Automatically deleted when you revoke access in Miro
- Deleted upon your request
Measurement Data:
- Calibration settings stored in Miro board metadata (under your control)
- Session data cleared when you close your browser
- No long-term server-side retention
Support Correspondence:
- Retained for 2 years for customer service purposes
- Deleted upon request (subject to legal obligations)
6. Your Rights and Choices
You have the following rights regarding your personal information:
6.1 Access and Portability
- Right to Access: Request a copy of your personal data
- Right to Portability: Receive your data in a structured, machine-readable format
6.2 Correction and Deletion
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data
- Right to Revoke: Revoke Miro OAuth access at any time
6.3 How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: support@measuremint.app
- Subject Line: "Privacy Rights Request"
- Response Time: Within 30 days
7. Children's Privacy
MeasureMint is not intended for use by children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at support@measuremint.app, and we will delete it promptly.
8. International Data Transfers
MeasureMint is operated from the United States. If you access our service from outside the United States, your information may be transferred to, stored, and processed in the United States.
For EU/EEA Users:
- We comply with applicable data protection laws
- Data transfers use appropriate safeguards (Standard Contractual Clauses)
- You have rights under GDPR (see Section 6)
9. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights:
- Right to Know: What personal information we collect, use, and share
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt-out of sale of personal information (Note: We do not sell personal information)
- Right to Non-Discrimination: Equal service regardless of privacy rights exercise
To Exercise California Rights: Email support@measuremint.app with "California Privacy Rights Request" in the subject line.
10. EU/UK Privacy Rights (GDPR)
Legal Basis for Processing:
- Consent: For optional features and communications
- Contract Performance: To provide the MeasureMint service
- Legitimate Interests: Service improvement, security, analytics
- Legal Obligation: Compliance with applicable laws
Additional GDPR Rights:
- Right to lodge a complaint with your supervisory authority
- Right to withdraw consent at any time
- Right to data portability in machine-readable format
11. Cookies and Tracking
Essential Cookies:
- Session authentication (required for service)
- User preferences (unit settings, UI state)
Analytics:
- Vercel Analytics: Privacy-friendly, cookieless analytics
- Microsoft Clarity: Behavioral analytics, heatmaps, and session replay (uses cookies and tracking technologies - see Section 4.1 for details)
Your Control: You can disable cookies in your browser settings. Disabling cookies may limit functionality.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal or regulatory requirements, or new features. When we make significant changes, we will notify you via email (if you've provided contact information) or through a prominent notice in the application.
Continued use of MeasureMint after changes constitutes acceptance of the updated policy.
13. Security Incident Response
In the unlikely event of a data breach:
- We will notify affected users within 72 hours
- We will provide details about the incident and affected data
- We will outline steps taken to prevent future incidents
- We will comply with applicable breach notification laws
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy:
Email: support@measuremint.app
Subject: Privacy Policy Inquiry
Website: https://measuremint.app/privacy
Response Time: We aim to respond within 3-5 business days
15. Acknowledgment
By using MeasureMint, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree, please do not use our service.
Version: 1.1
Effective Date: November 8, 2025
Last Updated: November 17, 2025
Changes: Added Microsoft Clarity disclosure (Section 4.1)