MindMePlay

Privacy Policy

Last updated: 17 July 2026

MindMePlay is a mental conditioning and journaling app for cricketers, including children and young people. We have written this policy in plain language so that players, parents, and guardians can understand it. If anything is unclear, contact us at founder@mindmeplay.com.

1. Who we are

MindMePlay is provided by MINDMEPLAY LTD, a company registered in England and Wales, registered office 51 Kings Square, Taunton TA1 3FN, United Kingdom ("we", "us", "our"). For UK data protection law, we are the data controller, and for India's Digital Personal Data Protection Act we are the Data Fiduciary, for the personal data described in this policy.

ICO registration number: ZC187700

For any privacy question, request, or complaint, contact us at founder@mindmeplay.com.

2. Who can use MindMePlay

How an account is created depends on age:

We do not allow under-18s to register their own accounts. If we learn that a young person has created an account without a parent or guardian, we will remove it.

3. What data we collect

The most important point first

MindMePlay is built local-first. Your journal entries, ratings, game plans, progress, streaks and practice history are stored on your device only, they are not sent to us, and we cannot see them. There is one exception: an adult member may choose to switch on cloud backup (a membership benefit from August/September 2026), which backs up that adult's own profile to our servers. Children's and teenagers' activity data is never backed up to our servers, even within a family membership.

Account information (stored on our servers)

Profile information (stored on our servers)

Date of birth — checked, not kept

When an adult account is created, we ask for a date of birth only to confirm the person is 18 or over. We use it for that check and then discard it; we store only the result of the check (adult confirmed) and a timestamp.

Activity and journaling data (stored on your device)

This data stays on the device, except for an adult's own profile if they switch on cloud backup (see section 7).

Website analytics

We use Google Analytics 4 (GA4) on this website (mindmeplay.com) to understand how visitors use the site — for example, which pages are most visited. GA4 is configured in basic measurement mode only. Analytics cookies are not set until you give consent via the banner shown on your first visit to the site. If you decline, no analytics cookies are set and GA4 does not load. Website analytics are never linked to your app account and never include any journal content. For full details of the cookies we use, see our Cookie Policy at mindmeplay.com/cookies.

Marketing and mailing list

If you sign up to our waitlist or marketing list, we collect your email address. We use it to send you launch notifications and product updates. The lawful basis is your explicit consent, given via an un-pre-ticked opt-in at signup confirmed by a double opt-in email. You can unsubscribe at any time using the link in any email we send. We use MailerLite to manage our mailing list.

Payments and membership

If you buy a Founding Membership, the payment is processed by Apple (App Store) and in future by Google (Google Play). They hold your payment details; we never see your card details. We use RevenueCat to manage subscriptions and confirm membership status: RevenueCat receives a purchase identifier and subscriber identifier linked to your account, the status of your subscription (for example, active or expired), and standard device and platform metadata. RevenueCat does not receive your card details and is never given any journal content. We receive a confirmation of the purchase so we can activate membership on your account.

Usage analytics

What we do NOT collect

We do not collect precise location. We never see your card details. We do not use crash-reporting SDKs that share data with third parties, and we do not use advertising trackers. We do not access contacts, photos, or the microphone for journaling. Audio guidance is pre-recorded and bundled with the app — using it does not send any data to a voice provider.

4. How we use data

PurposeExamples
Provide the appCreate and manage accounts and profiles; save journal entries and progress (on your device).
Provide membership you boughtActivate and manage your Founding Membership.
Optional cloud backup (adults, from August/September 2026)Back up an adult member's own profile data, with their explicit consent (section 7).
Personalise the experienceShow age-appropriate content and adjust guidance to the player's profile.
Improve the appUnderstand which features help players, using aggregated product analytics.
Keep accounts secureAuthenticate sign-in and protect parental settings.
Communicate with youRespond to support and privacy requests.
Website analyticsUnderstand how visitors use mindmeplay.com, using GA4 in basic mode with your consent.
Marketing communicationsSend launch notifications and product updates to mailing list subscribers, with their consent.

5. Legal bases (UK) and grounds (India)

6. Children's and young people's privacy

We take the privacy of young athletes seriously and follow the UK GDPR and the UK Age-Appropriate Design Code (Children's Code), India's Digital Personal Data Protection Act, and, for users in Australia, the Privacy Act 1988 and the Australian Privacy Principles. MindMePlay is not currently offered in the United States or the European Economic Area; if we make the app available there, we will meet the applicable requirements, including the US Children's Online Privacy Protection Act (COPPA), before doing so and will update this policy.

If you are a parent or guardian with any concern about your child's data, contact us at founder@mindmeplay.com.

7. Cloud backup for adult members (from August/September 2026)

Adult members can choose to back up their own profile's activity data — journal entries (including free text), ratings, streaks and practice history — to our servers, so it survives a change of device. Because a personal journal can reveal information about your wellbeing, we treat this as sensitive and switch it on only with your explicit consent, asked separately when you turn backup on, naming exactly what will be stored. You can withdraw at any time in settings: backup stops, and you can ask us to delete the server copy. Backed-up data is encrypted in transit and at rest. Children's and teenagers' profiles are excluded from cloud backup.

8. Who we share data with

We do not sell personal data. We share data only with service providers that help us run the app, under agreements that require them to protect it:

We may disclose data if required by law, or to protect users' safety.

9. Where data is stored

Personal data in our own database is stored in the United Kingdom (Supabase, AWS eu-west-2 region, London). PostHog (product analytics), MailerLite (mailing list), and MailerSend (transactional email) host their data in the European Union. Some service providers that support payments, subscriptions, email delivery, and website analytics (Apple, Google, RevenueCat, MailerSend, and Google Analytics) may process limited account, subscription, or analytics data outside the United Kingdom and the European Union, under appropriate contractual safeguards including Standard Contractual Clauses and the UK International Data Transfer Addendum. If you use MindMePlay from India or elsewhere, your account data in our database is stored in the United Kingdom under appropriate safeguards. We do not transfer personal data to any country restricted under applicable law. On-device data stays on your device.

10. How long we keep data

We keep personal data while an account is active. If an account or profile is deleted, we delete the associated personal data (backups purge within 90 days), except where we must keep limited information to meet legal obligations, for example, consent records are retained for six years after account closure as evidence of lawful processing. You can ask us to delete data at any time.

11. Your rights

Depending on where you live, you may have the right to: access the data we hold about you or your child; correct it; delete it; object to or restrict certain processing; withdraw consent at any time (as easily as you gave it); request a portable copy; and, in India, nominate someone to exercise your rights if you are unable to.

To exercise any right, email founder@mindmeplay.com. For children's data, requests can be made by the managing parent or guardian. We aim to respond within one month (UK) and to resolve grievances within 90 days (India). UK users may also complain to the Information Commissioner's Office (ico.org.uk); India users may complain to the Data Protection Board of India (section 14); Australia users may complain to the Office of the Australian Information Commissioner (section 15).

12. Security

We use appropriate technical and organisational measures to protect personal data, including encrypted connections (TLS in transit, AES-256 at rest), secure authentication with multi-factor authentication on all service accounts, and access controls. We are adding app-level encryption of on-device data and will update this policy when it ships. No system can be guaranteed completely secure, but if a breach affects your personal data we will inform you, and the relevant authority, as the law requires.

13. Changes to this policy

We may update this policy as the app develops. When we make a significant change, we will update the date at the top and, where appropriate, notify users in the app; material changes affecting a child's data will be notified to the consenting parent.

14. India — additional information (DPDP)

For users in India, MINDMEPLAY LTD is the Data Fiduciary under the Digital Personal Data Protection Act 2023 and the DPDP Rules. The data and purposes are itemised in sections 3 to 4; your rights are in section 11. Grievance contact: founder@mindmeplay.com (Grievance Officer: the Founder, MINDMEPLAY LTD), we resolve grievances within 90 days. You may also complain to the Data Protection Board of India, whose complaint channel we will publish as it is operationalised. You can withdraw consent at any time via the app or by email. We obtain verifiable parental consent before processing any child's data, and we do not undertake behavioural monitoring of, or targeted advertising to, children. This notice is provided in English; contact us if you need help accessing it in another language.

15. Australia — additional information (Privacy Act)

For users in Australia, MINDMEPLAY LTD handles personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). The data we collect and the purposes are itemised in sections 3 to 4; your rights, including access and correction (APPs 12 and 13), are in section 11 and can be exercised via founder@mindmeplay.com.

Overseas disclosure (APP 8): our service providers are located overseas. Account and consent data is hosted in the United Kingdom (Supabase, AWS eu-west-2, London); product analytics (PostHog), our mailing list provider (MailerLite), and our transactional email provider (MailerSend, a US company with data hosted in the European Union, Google Cloud Belgium) host data in the European Union; our subscription platform (RevenueCat) is hosted in the United States, alongside Apple and Google for app distribution and payments. Before disclosing personal information to these providers we take reasonable steps to ensure they handle it consistently with the APPs, through binding data processing agreements and contractual safeguards including Standard Contractual Clauses and the UK International Data Transfer Addendum.

Complaints: contact us first at founder@mindmeplay.com and we will respond as set out in section 11. If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

16. Contact us

MINDMEPLAY LTD · 51 Kings Square, Taunton TA1 3FN, United Kingdom · founder@mindmeplay.com

Cookie Policy: mindmeplay.com/cookies