Mondai

Privacy Policy

Last updated: 2026-04-11

1. Who we are

Mondai is operated by Vychodil. We build AI tools that help creators run their social media. This policy explains what data we collect, why we collect it, and what you can do about it.

2. Data we collect

  • Account info: the email and name you provide at signup, and a hashed version of your password.
  • Onboarding answers: your niche, voice, visual style, and content pillar preferences.
  • Connected social accounts: when you connect Instagram, we store an OAuth token, your username, follower counts, and metadata about your account.
  • Posts: we fetch your recent Instagram posts (caption, image URL, engagement metrics) so Mondai can learn your style.
  • Photos you upload: the photos you put into the content library, plus AI-generated descriptions of those photos.
  • Drafts and published posts: the content Mondai creates with you, including AI confidence and reasoning metadata.

3. How we use your data

  • To run the Mondai service - generate recommendations, publish posts on your behalf, show you analytics.
  • To send your data to AI providers (Anthropic Claude) so they can analyze your photos and write captions in your style.
  • To send your data to Meta (Instagram Graph API) so we can read your history and publish your approved drafts.
  • To improve Mondai - understand which features work and where users get stuck.

We do not sell your data. We do not use your photos or captions to train any model.

4. Third parties

  • Anthropic - AI generation and image analysis
  • Meta (Instagram) - reading your posts and publishing on your behalf, only after you authorize
  • Stripe - payment processing (when you upgrade to a paid plan)

5. Your rights

You can edit your profile, disconnect any social account, and delete your Mondai account from the Settings page. Account deletion is permanent and removes all your data: drafts, photos, context profile, content pillars, connected accounts.

6. Data location and security

Your data is stored in encrypted databases. OAuth tokens for connected accounts are stored server-side and never exposed in the browser. Passwords are hashed with bcrypt.

7. Contact

Questions about this policy? Email us at hello@heymondai.com.

← Back to home