IQMindware

Train general intelligence, then prove carryover.

Privacy Policy

Privacy by design

Controller: HRP Lab Ltd Last updated: 7 March 2026 Contact: admin@iqmindware.com

IQMindware is local-first where possible, publishes aggregate evidence only, and follows an open-methods, protected-execution model. This policy explains how data is handled across local and hosted phases.

Privacy at a glance
💻

Local-first by default

Core training flows can run without mandatory cloud upload in local mode.

💾

User-controlled export

Users control export/import of their own trail where app controls are available.

📊

Aggregate publication only

Published evidence uses aggregate summaries. Personal raw logs are not published.

👀

Open methods, protected execution

Protocol logic and governance are inspectable; runtime code and anti-gaming logic are protected.

Last updated: 7 March 2026
1.

Who we are

IQMindware is operated by HRP Lab Ltd (controller for this site and services).

ControllerHRP Lab Ltd (IQMindware)
General privacy contactadmin@iqmindware.com
Direct contactmark@iqmindware.com
2.

Data we collect

Depending on your use path, we may process the following categories:

  • Contact and account data (email, purchase and access records).
  • Usage markers (session timestamps, app outputs, completion states).
  • Technical and security logs (request metadata, error logs, abuse-prevention signals).
  • Support and coaching admin data (messages, booking metadata, order references).
We do not publish personal raw logs in public evidence outputs.
3.

How we use data

  • Deliver purchased plans, apps, and coaching access.
  • Provide support, account recovery, and service communications.
  • Maintain reliability, security, and abuse protection.
  • Produce aggregate evidence summaries and transparency reporting.
  • Meet legal and accounting obligations.
4.

Phase A: local-first app mode

Phase A Local-first operation
Local storage
Core training data can be stored in your browser/device storage without mandatory cloud upload.
User export control
Where app controls exist, users can export their own trail and keep local copies.
Important
Clearing browser/app storage can remove locally stored records from that device.
5.

Phase B: hosted mode (Vite, Vercel, Supabase)

Phase B Hosted platform controls
Vite
Used as development/build tooling. It does not itself create a user-tracking data layer by default.
Vercel
Processes standard request/runtime logs needed to host and secure services. Optional analytics features must be configured with privacy-safe settings.
Supabase
Backend services may include auth/database/storage with access controls such as Row Level Security. Transport security (HTTPS/TLS) and platform encryption controls are used where supported.
6.

Kastel Stack data use and transparency

Kastel Stack workflows support operations and transparency reporting under review gates.

Aggregate publication only: no user-level public tables.
Suppression rules: low-count and complementary suppression applied before publication.
No free-text identifiers: personal content is excluded from published outputs.
Human approval gate: publication is reviewed before release.
Proof data summaries Open methods repository
7.

Lawful bases

Depending on context, we rely on contract, legitimate interests, consent (where required), and legal obligation.

8.

Sharing and processors

Data is shared only with service providers needed to deliver hosting, payments, scheduling, communications, and support workflows.

We do not sell personal data.

9.

International transfers

If transfers occur outside your jurisdiction, we use processor safeguards and contractual controls appropriate to applicable law.

10.

Retention

Personal data is retained only as long as necessary for delivery, support, security, and legal/accounting duties.

Published proof outputs are retained in non-identifying aggregate form.

11.

Security measures

  • Least-privilege access controls and secret management.
  • HTTPS/TLS transport protection.
  • Logging and review for abuse and reliability events.
  • Publication controls for transparency datasets.
12.

Your rights

Where applicable, you can request access, correction, deletion, restriction, objection, portability, and consent withdrawal.

🔎Access and copy
Correction
🗑Deletion
📦Portability
Objection / restriction
Contact controller

Send requests to admin@iqmindware.com.

13.

Cookies and tracking

Essential technical cookies may be used for security/session operation. Non-essential analytics should only run with appropriate disclosure and controls.

14.

Contact

Privacy requestsadmin@iqmindware.com
General contactmark@iqmindware.com
15.

Policy updates

We may update this policy as services evolve. Material changes are reflected by updating the date at the top of this page.

Boundary reminder: IQMindware is skills training and self-regulation support, not diagnosis or treatment. Outcomes vary. See claims policy and data publication notes.

Proof data Open methods repo