Privacy Policy

Effective July 5, 2026

1. Introduction

Hivemind Inc. ("Hivemind," "we," "us," or "our") operates the Hivemind investment-intelligence platform, available on the web at hivemind.inc and as the Hivemind iOS app (together, the "Service"). This Privacy Policy describes the information we collect, how we use and protect it, and the choices you have regarding your information.

By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

When you create an account, our authentication provider (Clerk) collects your email address, name, and authentication credentials. We receive a unique user identifier from Clerk that we use to associate your data with your account. If you sign in with a third-party provider such as Sign in with Apple or Google, we receive the name and email address (or Apple's private-relay email) that you authorize that provider to share.

Financial Account Data

If you connect a brokerage or investment account, we use Plaid Inc. to securely access information from your financial institution. Through Plaid, we receive:

  • Account information — account type (brokerage, IRA, 401(k), etc.), account names, account numbers (masked to last 4 digits), and current balances.
  • Holdings — the securities you hold (tickers, CUSIPs, ISINs), quantities, market values, and cost basis where reported by your institution.
  • Investment transactions — up to 24 months of transaction history (buys, sells, dividends, interest, fees, transfers).
  • Access tokens — long-lived credentials issued by Plaid that allow us to refresh your data on your behalf. These are stored encrypted at rest (see Section 6).

We do not receive your banking credentials (username, password, MFA codes). Plaid handles authentication directly with your institution. Plaid's use of your information is governed by its own End User Privacy Policy.

Access is read-only. Hivemind cannot initiate trades, transfers, or any other transactions on your accounts.

Portfolio and Preference Data

If you build a portfolio manually (instead of or in addition to connecting via Plaid), we store the tickers, weights, and any display preferences you set.

Purchase and Subscription Data

Hivemind offers paid subscriptions. Depending on where you subscribe, your purchase is processed by a different provider, and we receive only limited information:

  • On the web, payments are processed by Stripe. Stripe collects and processes your payment-card details directly; we receive your subscription status, plan tier, and billing metadata, but we do not receive or store your full card number.
  • In the iOS app, purchases are made through Apple In-App Purchase and managed on our side by RevenueCat. Apple processes the payment through your Apple ID; we and RevenueCat receive purchase and receipt data (product identifier, transaction and subscription identifiers, purchase/expiration dates, and renewal status). We do not receive your Apple ID password or payment-card details.

Usage, Device, and Analytics Data

We collect analytics about how you interact with the Service (pages and screens visited, features used, errors encountered, and, in the app, basic device and diagnostic information) via Google Analytics and PostHog. In the iOS app we also collect crash reports and error diagnostics (device model, OS version, and the state of the app when an error occurred) via Sentry so we can find and fix problems. This data is used to operate and improve the Service. It is not combined with your financial account contents, and we do not use it to track you across other companies' apps or websites.

3. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Generate personalized intelligence about your portfolio (institutional ownership context, supply-chain exposure, news signals)
  • Sync your latest holdings and transactions from connected institutions
  • Process subscriptions and manage plan entitlements and access
  • Communicate with you about your account, updates, and security
  • Detect and prevent fraud or unauthorized access
  • Comply with legal obligations

We do not sell or share your personal information or financial account data to third parties for advertising or their own marketing.

4. Third-Party Services

We rely on the following third-party services to deliver the Service. Each operates under its own privacy policy:

  • Plaid — financial account connectivity (End User Privacy Policy)
  • Apple — In-App Purchase and Sign in with Apple for the iOS app. Purchases through the App Store are also subject to Apple's privacy practices.
  • RevenueCat — in-app subscription management and receipt validation
  • Stripe — payment processing for web subscriptions
  • Clerk — user authentication
  • Google Cloud Platform — hosting, databases, key management
  • OpenAI — language model used to generate brief narratives. We send only aggregated portfolio metadata and article text, never raw financial account data, account numbers, or access tokens.
  • Google Analytics & PostHog — product analytics
  • Sentry — crash reporting and error diagnostics for the iOS app

5. Cookies and Similar Technologies

On the web, we and our analytics providers use cookies and similar technologies to keep you signed in, remember your preferences, and understand how the Service is used. You can control cookies through your browser settings; disabling them may affect functionality such as staying signed in. The iOS app does not use browser cookies but may use device identifiers for analytics and diagnostics as described above.

6. Data Storage and Security

Your data is stored in Google Cloud Platform infrastructure located in the United States.

Encryption at rest: Plaid access tokens are encrypted using KMS envelope encryption — a per-record data encryption key (AES-256-GCM) encrypts the token, and that key is itself encrypted by a hardware-backed key managed by Google Cloud KMS. Decryption requires authorized service-account credentials, and every decryption is audit-logged.

Encryption in transit: All communication between your browser or the app, our servers, and third-party services occurs over HTTPS (TLS 1.2 or higher).

We restrict access to your information to employees and contractors who need it to operate the Service, and we maintain administrative, technical, and physical safeguards consistent with industry standards.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account info: retained until you delete your account.
  • Financial account data (holdings, transactions, access tokens): retained until you disconnect the institution or delete your account, whichever comes first.
  • Subscription and billing records: retained as required for tax, accounting, and legal purposes even after cancellation.
  • Aggregated analytics: retained indefinitely in anonymized form.
  • Webhook audit logs (records of automated data updates from Plaid): retained for operational and security purposes.

We may retain certain information longer when required by law, for fraud prevention, or to enforce our Terms of Service.

8. Your Rights and Choices

Disconnecting a Financial Account

You can disconnect any connected institution at any time from your Settings. When you disconnect:

  • We call Plaid's /item/remove endpoint to terminate access on Plaid's side.
  • Your access token is invalidated and removed from our database.
  • All associated holdings, transactions, and account records are deleted (cascade delete via foreign-key constraints).

Deleting Your Account

You can delete your Hivemind account at any time — directly in the iOS app and from your Settings on the web. Account deletion triggers /item/remove for every connected institution and removes your portfolio, preferences, and cached briefs. Audit-log entries may be retained in de-identified form for security and compliance.

Managing Your Subscription

You can cancel a web subscription from your billing settings. For iOS subscriptions purchased through Apple, manage or cancel at any time in your Apple ID Account Settings on your device (deleting the app does not cancel a subscription). See our Terms of Service for full billing terms.

Access, Correction, and Portability

You may request a copy of the information we hold about you, or ask us to correct or delete specific information, by emailing team@hivemind.inc. We respond to verified requests within 30 days.

Revoking Plaid Access

In addition to disconnecting through Hivemind, you can revoke Plaid's access to your financial institution directly via Plaid's consumer portal at my.plaid.com.

9. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you the right to know what personal information we collect, to request access to or deletion of that information, and to correct inaccurate information. Hivemind does not sell or share your personal information as those terms are defined under California law. You will not be discriminated against for exercising these rights. To make a request, email team@hivemind.inc.

10. Children

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

11. International Users

The Service is operated in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective" date at the top of this page and, for material changes, notify you by email or through the Service.

13. Contact Us

Questions about this Privacy Policy or our privacy practices? Email us at team@hivemind.inc.