Privacy Policy

Last updated: June 3, 2026 · Applies to mentalcheck.app

    TL;DR: We collect only your email address. Your test answers are processed in your browser and stored in your personal account only. We don't sell data, don't run ads, don't share with third parties except payment processing. You can delete your account and all data at any time.
  

1. Who we are

MentalCheck ("we", "us") operates mentalcheck.app — a free mental health screening tool. We are not a medical institution. Our screening tools are based on validated clinical instruments (PHQ-9, GAD-7, PSS-10, ISI-7) provided as public health education, not medical advice.

2. Legal basis for processing (GDPR)

We process your data on the following legal bases:

Explicit consent (Art. 6(1)(a) + Art. 9(2)(a) GDPR) — for storing mental health screening results. You provide this via the checkbox before saving results. You can withdraw consent at any time by deleting your account.
Contract performance (Art. 6(1)(b)) — for account management and subscription services.
Legitimate interest (Art. 6(1)(f)) — for transactional emails (magic link, receipts).

3. Data we collect

Email address — only when you create an account (via magic link). Required to save your results and send check-in reminders.
Mental health screening scores — numeric scores only (e.g. PHQ-9: 11/27), NOT your individual answers. Stored only after your explicit consent. This is special category health data under GDPR Art. 9 — we treat it accordingly.
Payment data — processed by LemonSqueezy. We never see your card number. We receive a subscription status and customer ID only.
Usage data — if analytics are enabled, we use privacy-friendly analytics (no cookies, no personal data, no cross-site tracking).

We do NOT collect: your individual test answers, location, device fingerprint, IP address, demographic data, or any data beyond what's listed above.

3. How we use data

To provide your dashboard and progress tracking
To send transactional emails: magic link, welcome, results summary, check-in reminders (you can unsubscribe from reminders at any time)
To manage your subscription (via LemonSqueezy)

4. Data storage & security

Your data is stored on Supabase (PostgreSQL database with row-level security — only you can access your own data). Servers are located in the EU. Data is encrypted at rest and in transit (TLS 1.3).

5. Third-party services

Supabase — database and authentication (EU servers) · Privacy Policy
LemonSqueezy — payment processing · Privacy Policy
Resend — transactional email delivery · Privacy Policy

6. Your rights (GDPR / CCPA)

Access — view all your data in your dashboard
Export — contact us to receive a CSV of your data
Delete — delete your account from Settings → this permanently removes all data
Unsubscribe — use the unsubscribe link in any email, or update preferences in dashboard
Portability — request a copy of your data in machine-readable format

7. Cookies

We use only essential cookies for authentication (Supabase session token). We do not use advertising or tracking cookies. No cookie consent banner needed because we don't use non-essential cookies.

8. Children

MentalCheck is not intended for users under 16 years of age. If you are under 16, please consult a parent or guardian before using this service.

9. Medical disclaimer

MentalCheck provides screening tools for educational and informational purposes only. Results are NOT a medical diagnosis. Always consult a qualified mental health professional for clinical evaluation and treatment.

10. Contact

For privacy-related questions or data requests: privacy@mentalcheck.app