Mentra Home

Privacy

Privacy Policy

How Mentra handles account data, study progress, uploads, and AI study activity.

Last updated: July 10, 2026

What we collect

We collect account information such as email, display name, authentication records, study settings, and preferences.

We store study activity such as focus sessions, XP, streaks, total focus minutes, uploaded study material metadata, AI chats or prompts where supported, generated study material where supported, and app usage needed to operate the product.

Uploads and AI chats

Uploaded files and AI chats may be processed to provide study features such as summaries, flashcards, study plans, and recommendations.

Do not upload files you do not have permission to use. Avoid uploading sensitive personal information unless it is truly needed for studying.

How we use data

We use your data to authenticate your account, save study progress, run Focus sessions, provide AI study help, protect abuse-sensitive features, improve reliability, and respond to support or deletion requests.

AI may make mistakes. Important answers should be checked with a teacher, textbook, or trusted source.

AI providers and storage

AI prompts, uploaded content, and extracted text may be sent to configured AI providers from the server to generate study help. API keys are not exposed to the browser.

Study files should be stored in private user-owned storage with row-level security. Users should not be able to access another user's files or study records.

Retention and deletion

We keep account and study data while your account is active or as needed to operate the service, resolve issues, and meet legitimate business or safety needs.

You can request deletion of account data, uploaded files, flashcards, or chat history through the Data Deletion page or support contact.

Students and guardians

Mentra is built for students. If a user is under the age required to consent to online services in their region, they should use Mentra only with parent or guardian permission.

Do not provide a false age or use another person's account.

Security basics

We use Supabase Auth, Postgres, storage rules, and row-level security patterns to protect user data. No system is perfect, but access should be limited to authenticated users and their own records.

Report security or privacy concerns through the Contact page.