← Milestone Millionaire

Privacy

Privacy Policy

Last updated · May 22, 2026

This Privacy Policy explains what data Milestone Millionaire collects, why, how long we keep it, and the rights you have over it. We follow the principles of data minimisation and purpose limitation.

1. Data we collect

  • Account data: email, display name, password hash, OAuth provider IDs.
  • Operator profile: skills, experience, situation answers you provide.
  • Business data: business names, revenue entries, milestone stamps, notes, evidence URLs.
  • AI interactions: chat messages with the AI Coach and inputs sent to the matching engine.
  • Usage data: page views, feature events, IP address, user-agent, approximate location.
  • Billing data: handled by our payment processor; we store only a customer ID and subscription state.

2. How we use it

  • Provide and improve the service (matching, dashboard, coach, health scores).
  • Authenticate you and secure your account.
  • Process payments and manage your subscription tier.
  • Send transactional and (with consent) marketing emails.
  • Detect abuse, fraud, and security incidents.
  • Comply with legal obligations.

3. AI processing

Inputs you submit to AI features are sent to third-party model providers (e.g. Google, OpenAI) via secure APIs to generate responses. We do not allow these providers to train their public models on your inputs. Treat AI features as you would any cloud service: do not paste secrets or regulated data (e.g. health records, payment card data).

4. Legal bases (GDPR)

  • Contract — to deliver the service you signed up for.
  • Legitimate interest — security, fraud prevention, product analytics.
  • Consent — marketing emails, non-essential cookies.
  • Legal obligation — tax, accounting, lawful requests.

5. Sharing

We share data only with sub-processors that help us run the service: hosting, database, AI providers, payment processing, transactional email, and analytics. We do not sell your personal data.

6. Cookies

We use essential cookies for authentication and session management. Where required, we will ask for consent before setting non-essential analytics or marketing cookies.

7. Retention

  • Account & business data — while your account is active, then 90 days after deletion.
  • Chat history — 12 months rolling, unless you delete it sooner.
  • Billing records — 7 years for tax compliance.
  • Server logs — 30 days.

8. Your rights

Subject to applicable law (including GDPR and CCPA), you can request access, correction, deletion, export, or restriction of your personal data, and you can object to certain processing. Email privacy@milestonemillionaire.com and we will respond within 30 days.

9. International transfers

Our infrastructure runs primarily in the United States and the European Union. When data is transferred outside your region, we rely on Standard Contractual Clauses or equivalent safeguards.

10. Security

We use TLS in transit, encryption at rest, Row-Level Security in the database, and strict role separation between client and server keys. No system is perfectly secure — report any suspected vulnerability to security@milestonemillionaire.com.

11. Children

The service is not directed at children under 18 and we do not knowingly collect their data.

12. Changes

We will notify you of material changes by email or in-product. Continued use after the effective date constitutes acceptance.

13. Contact

Data controller: Milestone Millionaire. Email privacy@milestonemillionaire.com.