Privacy Policy

Last updated: 13 May 2026

What we collect

• Phone number, for OTP-based authentication. Stored encrypted. Never shown to other users.
• Email, only if you sign in with Google. Never shown to other users.
• Mentor verification documents (Aadhaar last-4-and-hash, ID images). Stored encrypted on Cloudflare R2. Hash is retained even after account deletion to enforce the mentor denylist.
• Profile data you provide during onboarding (year, stage, languages, etc.). Used to compute your anonymous display handle and letter avatar.
• Messages and journal entries you write inside the app. End-to-end ciphering is on the v1.1 roadmap; for MVP, content is encrypted at rest but visible to Mento administrators for moderation only.
• Usage analytics via PostHog. Autocapture is disabled. We track funnel events keyed by your anonymous user UUID only — never your phone or email.
• Error reports via Sentry, redacted of PII fields (phone, email, Aadhaar) before transmission.

What we never do

• Show your phone, email, or real name to other users.
• Sell your data to third parties.
• Store payment card details — Razorpay handles checkout.
• Use third-party advertising trackers.

Data retention

Account data is retained for as long as your account is active. On deletion request, we erase personal data within 30 days, with two exceptions: (1) the hash of your Aadhaar number (if you applied as a mentor and were banned) is retained permanently to prevent re-application; (2) anonymized analytics events are kept indefinitely.

Your rights

Under Indian data protection norms you can request access, correction, or deletion of your data. Email privacy@mento.in. We respond within 30 days.

Contact

Questions or concerns: privacy@mento.in.