← Back to Home

Privacy Policy

Last updated: February 22, 2026

This Privacy Policy describes how Mirroi ("we," "our," or "us") collects, uses, and protects your information when you use our AI-powered social media engagement platform.

1. Information We Collect

1.1 Information You Provide

We collect information you directly provide to us, including:

  • Account registration information (name, email address, company details)
  • Payment and billing information
  • Profile information and preferences
  • Social media account connections (Reddit, X/Twitter, LinkedIn)
  • Product context and brand information you provide for AI response generation
  • Communications with our support team
  • Feedback, surveys, and other voluntary submissions

1.2 Information We Collect Automatically

When you use our services, we automatically collect:

  • Usage data and analytics (API calls, feature usage, performance metrics)
  • Device information (IP address, browser type, operating system)
  • Log data (access times, pages viewed, actions taken)
  • Social media engagement metrics and performance data
  • Cookies and similar tracking technologies

1.3 Social Media Platform Data

As a social listening platform, we process data from connected platforms:

  • Reddit API data (posts, comments, mentions related to your tracked keywords)
  • X/Twitter API data (tweets, mentions, engagement metrics)
  • LinkedIn API data (posts, mentions, professional discussions)
  • Email integration data (if you connect email for lead tracking)
  • Search queries and keyword tracking metadata
  • Engagement statistics and response performance metrics

1.4 Google User Data

When you authenticate with Google OAuth, we access only:

  • Your email address
  • Your name (basic profile information)

We use this Google user data solely to:

  • Create and authenticate your Mirroi account
  • Display your name in your dashboard
  • Send you important service notifications

We never:

  • Transfer Google user data to third parties
  • Use Google user data for advertising or marketing
  • Allow human access to Google user data (except for security/law compliance)
  • Use Google user data to determine credit-worthiness

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our social listening and AI response generation services
  • Monitor social media platforms for relevant mentions and discussions based on your keywords
  • Generate AI-crafted responses tailored to your product context
  • Track and analyze engagement performance and impact metrics
  • Process payments and manage your subscription
  • Provide customer support and respond to inquiries
  • Ensure security and prevent fraud, spam, and platform manipulation
  • Comply with legal obligations
  • Send important service updates and notifications
  • Develop new features and services

3. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information in the following circumstances:

3.1 Service Providers

We work with trusted third-party service providers who assist us in operating our business, including:

  • Cloud hosting providers (Hetzner)
  • Payment processors (Stripe)
  • Social media platforms (Reddit, X/Twitter, LinkedIn) - only as necessary to access public data you've authorized us to monitor
  • AI/LLM providers (Google Gemini) - for generating response suggestions
  • Authentication services (Google OAuth)
  • Customer support tools
  • Security and monitoring services

3.2 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Prevent fraud, spam, or security threats
  • Enforce our Terms of Service

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

3.4 Google User Data Protection

Google user data obtained through OAuth is never:

  • Sold, traded, or rented to any third parties
  • Used for advertising or promotional purposes
  • Combined with data from other sources for profiling
  • Accessed by employees except as required for security incidents or legal compliance

4. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption in transit and at rest
  • Regular security audits and monitoring
  • Access controls and authentication
  • Secure data centers and infrastructure
  • Employee training on data protection

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using industry-standard practices.

Google user data is protected with additional safeguards:

  • Stored separately from other user data
  • Access logging and monitoring
  • Encrypted with industry-standard protocols
  • Limited access controls (only automated systems, no human access)

5. AI and Data Processing

Our platform uses AI (Google Gemini) to generate response suggestions. Here's how it works:

  • We send relevant social media posts/mentions and your product context to Google Gemini API
  • The AI generates suggested responses based on this information
  • You review and approve all AI-generated responses before they're posted
  • We do not train AI models on your proprietary business data without explicit consent
  • Social media content is processed in accordance with each platform's API terms of service

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain accurate financial records

When you close your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain certain information for legal or regulatory purposes.

Google user data is retained only as long as you maintain an active account. Upon account deletion, Google user data is removed within 7 days.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You can request access to your personal information and receive a copy in a structured, machine-readable format.

7.2 Correction and Updates

You can update your account information at any time through your dashboard or by contacting us.

7.3 Deletion

You can request deletion of your personal information, subject to certain legal and legitimate business requirements.

7.4 Social Media Connections

You can disconnect your social media accounts (Reddit, X/Twitter, LinkedIn) at any time through your dashboard settings.

7.5 Marketing Communications

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and preferences
  • Analyze website traffic and usage patterns
  • Improve our services and user experience
  • Provide security features

You can control cookies through your browser settings, but disabling certain cookies may affect the functionality of our services.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during international transfers, including:

  • Standard contractual clauses approved by regulatory authorities
  • Adequacy decisions by relevant data protection authorities
  • Other legally recognized transfer mechanisms

10. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to registered users
  • Providing notice through our services

Your continued use of our services after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: hello@mirroi.com

Support: hello@mirroi.com

Website: https://mirroi.com

Address: IFZA Business Park, Premises No: 37897-001, Dubai Digital Park (DDP), Dubai Silicon Oasis, Dubai, UAE

We will respond to your inquiry within 30 days. For urgent privacy concerns, please mark your email as "URGENT - Privacy Request."

13. Google Limited Use Compliance

Our use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.