Privacy Policy

Last Updated: November 20, 2025

At Bespoke Mentis, we design intelligence systems with governance at their core. This extends to how we handle your data: with transparency, security, and respect.

Who We Are

Bespoke Mentis, Inc. develops constitutional AI systems for enterprises that demand both velocity and governance.

Contact:

What Data We Collect

When You Use Mentis (Chat Interface)

  • Your conversation messages (stored locally in your browser)
  • Anonymous session identifier (for rate limiting)
  • Your browser's IP address (for abuse prevention)

When You Book a Meeting

  • Your name (first and last)
  • Your email address
  • Meeting time preference
  • Calendar event details

Technical Data

  • Browser type and version
  • Operating system
  • Page navigation (for improving user experience)
  • Cookie consent preferences

How We Use Your Data

Mentis Conversations: Your chat messages are processed by OpenAI GPT-4 to generate responses. Conversations are stored only in your browser's localStorage and are never sent to our servers unless you book a meeting.

Calendar Bookings: When you book a meeting, we send your name, email, and preferred time to Google Calendar (via our service account) and SendGrid (for email confirmations). These services have their own privacy policies.

Security & Abuse Prevention: We use your IP address and session identifier to prevent automated abuse of our AI services. This data is temporarily stored for rate limiting purposes only.

Improving Our Services: We may analyze aggregated, anonymized usage patterns to improve Mentis's responses and user experience.

Third-Party Services

We use the following external services, each with their own privacy policies:

OpenAI: AI model provider for Mentis responses
OpenAI Privacy Policy →
Google Calendar: Meeting scheduling service
Google Privacy Policy →
SendGrid: Email delivery service
SendGrid Privacy Policy →

Data Retention

Chat History: Stored only in your browser's localStorage. You can clear it at any time by clearing your browser data or using the "Download Chat" button to save a transcript before clearing.

Calendar Events: Stored in our Google Calendar until the meeting occurs or is canceled. We do not retain calendar data beyond what is necessary for scheduling.

Email Records: SendGrid retains email delivery logs for up to 30 days for troubleshooting purposes.

Rate Limiting Data: IP addresses and session identifiers are stored temporarily (typically 1 hour) for abuse prevention, then automatically purged.

Your Rights (GDPR)

If you are in the European Union, you have the following rights:

Right to Access: Request a copy of the personal data we hold about you
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your data (subject to legal requirements)
Right to Data Portability: Receive your data in a machine-readable format
Right to Object: Object to certain types of data processing

To exercise any of these rights, with the subject line "Privacy Request".

Security

We implement security measures designed to protect your data:

All connections use HTTPS encryption (TLS 1.3)
API keys and credentials stored as environment variables (never committed to code)
Rate limiting to prevent automated abuse
Human verification before accessing Mentis
Architecture designed to support SOC 2 and ISO 27001 controls (certification in progress)

While we implement industry-standard security practices, no system is 100% secure. We continuously monitor and improve our security posture.

Cookies & Local Storage

This website uses browser localStorage (not traditional cookies) for:

Mentis Chat History: Stores your conversation messages locally in your browser so you can continue conversations across page reloads. This data never leaves your device unless you explicitly book a meeting.
Consent Preferences: Records whether you've accepted our privacy policy and data usage terms.
Human Verification: Remembers that you've passed the human verification check so you don't need to verify on every visit.

You can clear localStorage at any time through your browser settings. This will log you out and clear your Mentis chat history.

Changes to This Policy

We may update this privacy policy from time to time. When we make significant changes, we'll update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website after changes constitutes acceptance of the updated policy.

Questions?

If you have any questions about this privacy policy or how we handle your data, we're here to help.

Bespoke Mentis · Constitutional AI Engineering

Governance first. Evidence backed. Trusted by those who can't afford to fail.

Ask Mentis anything