Privacy Policy

Last updated: May 8, 2026

Overview

mySecond ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services at mysecond.ai.

By using mySecond, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (stored as a cryptographic hash)

PM Operating System Information

When you subscribe to the PM Operating System, you may provide:

  • Company name and mission
  • Product name and description
  • User persona descriptions
  • Competitor names and websites
  • Website URLs for AI-powered context extraction

This information is used solely to personalize your PM OS files and is not shared with third parties.

Usage Information

We automatically collect:

  • Pages you visit on our site
  • Skills you download
  • Browser type and version
  • Device information
  • IP address (anonymized)

Email & Newsletter Information

If you subscribe to our email list, you may provide:

  • Email address
  • First name and other optional profile information

Email subscriptions are managed by ConvertKit (now Kit). We retain your email address to send you requested communications. Your email data is retained as long as you remain subscribed. You can unsubscribe at any time using the link in any email, or by contacting us at ron@mysecond.ai. When you unsubscribe, your email will be removed from our list.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card information. Stripe collects and processes payment information according to their privacy policy.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the mySecond service
  • Process your subscriptions and deliver the PM Operating System
  • Personalize your context files with your company and product information
  • Send you skill files and updates you've requested
  • Improve our website and services
  • Respond to your questions and support requests
  • Send occasional product updates (you can unsubscribe anytime)
  • Detect and prevent fraud or abuse

3. Information Sharing

We do not sell your personal information.

We share your information only in these situations:

Service Providers

We use third-party services to operate mySecond:

  • Supabase - Authentication and database hosting
  • Vercel - Website hosting and analytics
  • Anthropic Claude API - AI-powered context extraction and personalization
  • Stripe - Payment processing
  • Resend - Transactional emails
  • Kit (formerly ConvertKit) - Email newsletter and marketing communications (if you subscribe)
  • PostHog - Product analytics

These providers have access only to the information necessary to perform their functions and are obligated to protect your data.

Legal Requirements

We may disclose your information if required by law or to:

  • Comply with legal processes (subpoenas, court orders)
  • Enforce our Terms of Service
  • Protect the rights, property, or safety of mySecond, our users, or others

4. Data Storage & Security

Your data is stored securely using industry-standard practices:

  • All data transmission uses HTTPS encryption
  • Passwords are hashed using bcrypt before storage
  • Database hosted by Supabase with encryption at rest
  • Regular security updates and monitoring

While we implement reasonable security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

5. Your Rights

You have the right to:

  • Access your data - Request a copy of the personal information we hold about you
  • Update your data - Correct any inaccurate information through your account settings
  • Delete your account - Request deletion of your account and associated data
  • Export your data - Download your context files and skill files at any time
  • Opt out of emails - Unsubscribe from marketing emails (transactional emails required for service)

To exercise these rights, contact us at ron@mysecond.ai

6. Cookies and similar technologies

We split storage into two buckets: essential (always on, required for the site to work) and analytics (optional, helps us improve the site).

Visitors from the EU, EEA, and UK see a consent banner on first visit. Analytics stay off until you click Accept; if you click No thanks, we never load our analytics provider for you. Visitors elsewhere are opted in by default and can opt out below.

What we collect

NamePurposeStorageRetentionProvider
Supabase authKeeps you signed in (essential).CookiesUp to 1 yearSupabase
PostHogAnonymous product analytics (page views, feature use). No content from your files or messages.Cookies + localStorageUp to 1 yearPostHog
Vercel AnalyticsAggregated, anonymized site performance (Core Web Vitals).No cookies; in-memory onlySessionVercel
Consent recordRemembers your choice so we don’t re-prompt.localStorage12 monthsFirst-party

Change your mind

You can clear your stored choice and re-show the banner on your next visit:

Current state: unknown

You can also configure your browser to refuse cookies, but some features may not work properly. Email tracking (Kit) can be turned off by configuring your email client or unsubscribing from our list.

7. International Users

mySecond is operated from the United States. If you are accessing our service from outside the US, your information will be transferred to, stored, and processed in the United States.

By using mySecond, you consent to the transfer of your information to the United States and the application of US privacy laws.

8. Email Retention & Marketing Preferences

When you unsubscribe from our email list, Kit removes your email address from our marketing communications. We retain only the information necessary to honor your unsubscribe request. You can manage your subscription preferences at any time by:

  • Clicking the unsubscribe link in any email
  • Updating your preferences through your Kit account
  • Contacting us at ron@mysecond.ai

9. Children's Privacy

mySecond is not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. California Privacy Rights

We do not sell or share personal information as defined under the CPRA.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect
  • Right to know if we sell or disclose your personal information (we do not sell)
  • Right to request deletion of your personal information
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at ron@mysecond.ai

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For material changes, we will notify you by email or through a prominent notice on our website.

Your continued use of mySecond after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

Email: ron@mysecond.ai
Website: mysecond.ai