Privacy Policy

Last updated: December 13, 2025

MIR (My Internet Reputation) is built on transparency. This policy explains what data we collect, why we collect it, and how you control it. We believe you should understand exactly what happens with your information.

The Short Version: We collect only what's needed to provide reputation services. We don't sell your data. We don't track you across the web. You can export or delete your data anytime.

1. Who We Are

MIR is operated by phpMyDEV, LLC. We provide a reputation infrastructure service that helps users build portable trust across the internet.

Website: myinternetreputation.org
Contact: hello@myinternetreputation.org
Address: Phoenix, Arizona, USA

2. Data We Collect

2.1 Account Information

When you create an account, we collect:

Data	Purpose	Retention
Email address	Account login (magic links), notifications	Until account deletion
Display name (optional)	Personalization	Until account deletion

2.2 Reputation Data

The core of MIR is reputation signals submitted by partner platforms:

Data	Purpose	Retention
Events (transactions, verifications, etc.)	Building reputation signals	Until disputed/removed or account deletion
Linked accounts (partner user IDs)	Connecting you across platforms	Until unlinked or account deletion

2.3 Technical Data

We automatically collect:

Data	Purpose	Retention
IP address	Security, rate limiting	30 days in logs
Browser/device info	Session security	With session (30 days max)
Access logs	Security, debugging	30 days

2.4 Partner Application Data

If you apply as a partner:

Company/app name, website, contact info
Use case description
Expected API volume

This is retained for the duration of the partnership plus 1 year.

3. How We Use Your Data

We use your data only for:

Providing the service: Managing your account, calculating reputation, responding to queries
Security: Preventing fraud, abuse, and unauthorized access
Communication: Account notifications, service updates (you can opt out of non-essential emails)
Improvement: Aggregated analytics to improve the service (never individual tracking)
Legal compliance: Responding to lawful requests

We do NOT: Sell your data. Show you ads. Track you across websites. Build profiles for advertising. Share data with data brokers.

4. Data Sharing

4.1 With Partners

When a partner queries your reputation:

They receive only signals relevant to their specific request
They do not receive your full history
They cannot see unrelated reputation dimensions
All queries are logged and visible to you

4.2 With Service Providers

We use limited third-party services:

Hosting: DigitalOcean (servers, database)
Email: Transactional email provider for notifications

These providers process data only on our behalf and under strict agreements.

4.3 Legal Requirements

We may disclose data if required by law, court order, or to protect rights and safety. We will notify you unless legally prohibited.

5. Your Rights

You have full control over your data:

Access

View all data we have about you in your account dashboard

Export

Download your complete data in standard formats

Correct

Update inaccurate information or dispute events

Delete

Request complete account and data deletion

Restrict

Limit how your data is processed

Object

Opt out of certain processing activities

To exercise these rights:

Use the controls in your account settings
Email us at hello@myinternetreputation.org
Use our contact form

We respond to all requests within 30 days.

6. Data Security

We protect your data with:

Encryption: TLS 1.2+ for all connections; encrypted database
Passwordless authentication: Secure magic links sent to your email—no passwords to steal or leak
Access controls: Principle of least privilege for all systems
Monitoring: Intrusion detection and security logging
Updates: Regular security patches and updates

No system is 100% secure. If we discover a breach affecting your data, we will notify you promptly.

7. Cookies

We use minimal cookies:

Cookie	Purpose	Duration
`mir_session`	Keeps you logged in	30 days (or until logout)

We do not use:

Advertising cookies
Third-party tracking cookies
Analytics cookies that identify individuals

8. International Transfers

Our servers are located in the United States. If you are outside the US, your data will be transferred to and processed in the US. We apply appropriate safeguards for international transfers.

9. Children's Privacy

MIR is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, please contact us immediately.

10. Data Retention

We retain data only as long as needed:

Active accounts: Data retained while account is active
Deleted accounts: Data deleted within 30 days, except as required by law
Logs: Retained for 30 days for security purposes
Backups: Cycled out within 90 days

11. Changes to This Policy

We may update this policy. For significant changes:

We'll email registered users
We'll post a notice on the website
We'll update the "Last updated" date

Continued use after changes constitutes acceptance.

12. Contact Us

For privacy questions or to exercise your rights:

Email: hello@myinternetreputation.org
Contact form: /contact
Subject line: "Privacy Request"

We aim to respond within 30 days.

13. Jurisdiction-Specific Rights

California Residents (CCPA)

You have the right to:

Know what personal information we collect
Request deletion of your data
Opt out of sale of personal information (we don't sell data)
Non-discrimination for exercising your rights

European Residents (GDPR)

Additional rights include:

Legal basis for processing (consent, contract, legitimate interest)
Right to lodge a complaint with a supervisory authority
Right to data portability

Our legal bases for processing are: contract performance (providing the service), legitimate interest (security, improvement), and consent (optional communications).

Questions? We're committed to transparency. If anything in this policy is unclear, please contact us and we'll explain.