Mirror

Privacy Policy

Last Updated: May 2026

Mirror is built on three main data objects: decisions, reasoning, and outcomes. The more honestly you use Mirror, the more powerful it becomes. This policy explains what Mirror stores, what it does not store in readable form, and when your content leaves your device.

Mirror is operated by MQ, LLC, a California limited liability company.

1. What Mirror Does Not Store in Plaintext

Mirror does not store readable decision logs, reasoning, expected outcomes, or outcome narratives in the cloud vault. Your data is encrypted in your browser before it is saved to your cloud vault. Mirror stores the encrypted blobs so you can access your history across devices, but Mirror does not store your vault key.

Your employer, team, or workspace does not receive your Mirror reasoning from us.

2. What Mirror Stores

  • Account information, including email, name, role, and a salted password hash
  • Session records needed to keep you signed in
  • Decision metadata, including decision timestamps, update timestamps, check-in dates, and whether an outcome exists
  • Encrypted decision vault blobs created in your browser before upload
  • Privacy-safe product events, such as login, save, export, import, wipe, and check-in activity, plus hashed IP and user-agent data for security
  • OAuth records needed if you connect Mirror to ChatGPT or another MCP client
  • Generalized decision patterns if you explicitly save them for hosted MCP use

Product event logs are designed not to include decision text, reasoning text, expected outcomes, or outcome narratives.

3. Encrypted Cloud Vault

Your account password is used in your browser to derive the vault key that unlocks your encrypted cloud vault. Mirror stores a password hash, not your plaintext password. If an admin resets your password and you do not still have access to the old password or an exported JSON backup, old encrypted decision content may not be recoverable.

Mirror does not keep a readable decision-log cache in browser storage. Unlocked decision content is held in memory for the active session. Mirror may keep a session-only derived vault key so a normal page refresh does not force a full login; it is cleared on logout or when the browser session ends. Exported JSON files are user-controlled copies that you create explicitly.

4. Reflection Insights

Reflection insights are separate from cloud vault storage. When Mirror shares a reflection with you, your browser decrypts the relevant decisions, reasoning, and outcomes and sends them to OpenAI through a Mirror authentication proxy to generate the reflection. The proxy validates that the request is from an authenticated Mirror user and attaches Mirror's API credentials. Mirror's proxy forwards the request and does not store the plaintext content in Mirror's database, but the content is processed transiently while the reflection is generated.

OpenAI does not use API data to train its models by default unless the API account opts in. Mirror has not opted in. OpenAI may retain API inputs and outputs for abuse monitoring or legal compliance according to its own policies, including default abuse-monitoring retention of up to 30 days unless longer retention is legally required. You can review OpenAI's API data policy at platform.openai.com/docs/guides/your-data.

5. MCP and Agent Access

Mirror's MCP tools are designed to return generalized decision guidance, not raw private history. MCP responses must not expose raw decisions, raw reasoning, company facts, client names, deal amounts, confidential terms, or outcome records.

The normal cloud decision vault is encrypted with the user's account-derived key and is not readable by the hosted MCP server. If a future MCP mode requires additional data access, it should require explicit user authorization and must preserve the same response boundary.

6. What You Should Not Submit

Mirror is in private beta. Do not submit confidential, regulated, employer-restricted, medical, legal, financial-account, credential, or highly sensitive personal information. You are responsible for what you choose to log.

7. Your Choices

Access: You can view your unlocked decision data in Mirror when you are signed in.

Export: You can download a full JSON copy of your decision history or an abstracted export that removes obvious personal and company identifiers at export time.

Deletion: You can delete your encrypted decision vault from the app and clear the active browser session. An admin can wipe server-side account data while keeping the login account active, or delete a non-admin beta account. To request deletion, contact mhquig@gmail.com.

California residents: You may request access or deletion under applicable California privacy laws. We do not sell personal data.

8. Security

Mirror uses salted password hashes, authenticated sessions, client-side encryption for cloud vault decision content, and privacy-safe event logging. No system is perfectly secure. During beta, do not log information you would be unwilling to have exposed in the event of a breach, device compromise, model-provider disclosure, or legal process.

9. Children

Mirror is not intended for users under 18. We do not knowingly collect data from minors.

10. Changes

We may update this policy as Mirror changes. Continued use after an update means you accept the updated policy.

11. Contact

MQ, LLC / Mirror
mhquig@gmail.com