Last Updated: April 6, 2026 — Version 1.0 | Governing Standard: GDPR (EU) 2016/679 & CCPA (California)
This Privacy Policy explains how The Millionaire Mindset Framework, operating at https://themmindset.com (“we,” “us,” or “our”), collects, uses, stores, and protects your personal information when you visit our website or purchase any of our digital products.
We are committed to protecting your privacy. This policy is written in plain language so you understand exactly what happens with your data, who is involved, and what your rights are.
1. Who We Are — The Data Controller
Under GDPR, the Data Controller is the entity that decides why and how your personal data is collected and used.
Data Controller:
The Millionaire Mindset Framework
Website: https://themmindset.com
This means we are responsible for ensuring your data is handled lawfully, transparently, and only for the purposes described in this policy.
2. Who Handles Your Data — Third-Party Stakeholders
We do not operate in isolation. The following trusted third-party services are involved in running this website and processing your data. Each acts as a Data Processor — meaning they only handle your data on our behalf and under our instructions.
Hostinger — Website Hosting
Role: Hosts all website files, databases, and
server infrastructure for themmindset.com.
What they see: Server logs, IP addresses, technical
access data.
Why: To keep the website online and secure.
GDPR basis: Legitimate interest (operating a
website).
Their policy:
hostinger.com/privacy-policy
WooCommerce & Stripe — Payment Processing
Role: WooCommerce manages the checkout process.
Stripe processes all credit and debit card payments securely.
What they see: Your name, email address, billing
address, and payment card details. We never store your card
number. Stripe handles all payment data directly.
Why: To complete your purchase and deliver your
digital product.
GDPR basis: Performance of a contract (your
purchase).
Their policy:
stripe.com/privacy
Mailchimp — Email Marketing
Role: Stores your email address and manages any
newsletters, product updates, or marketing communications you opt
into.
What they see: Your email address, first name, and
email engagement activity (opens, clicks).
Why: To send you information you requested or
consented to receive.
GDPR basis: Consent (you opted in).
Their policy:
mailchimp.com/legal/privacy
Google (Site Kit, Analytics 4, Search Console) — Analytics
Role: Measures how visitors interact with this
website — which pages are visited, how long visitors stay, and where
traffic comes from.
What they see: Anonymized behavioral data, device
type, browser, approximate geographic location, and pages visited.
No personally identifiable information is shared with
Google Analytics.
Why: To understand how the website performs and
improve the user experience.
GDPR basis: Legitimate interest (website
improvement).
Their policy:
policies.google.com/privacy
Meta (Facebook Pixel) — Advertising
Role: Tracks visitor actions on this website to
measure the performance of any Meta (Facebook/Instagram) advertising
campaigns.
What they see: Pages visited, products viewed,
purchases completed — linked to your Facebook profile if you are
logged in.
Why: To measure ad effectiveness and show relevant
content to people who have visited this site.
GDPR basis: Consent (via cookie banner).
Their policy:
facebook.com/privacy/policy
LiteSpeed Cache — Performance
Role: Stores temporary cached versions of web
pages to make the website load faster for all visitors.
What they see: No personal data. Technical page
data only.
Why: Website performance optimization.
3. What Personal Data We Collect and Why
| Data | Why We Collect It | Legal Basis |
|---|---|---|
| Name & email address | To process your order and deliver your product | Contract |
| Billing address | Tax and fraud prevention | Legal obligation |
| Payment details | To complete your purchase (handled entirely by Stripe) | Contract |
| IP address & browser | Security, fraud prevention, server logs | Legitimate interest |
| Website behavior (pages, clicks) | Analytics to improve the website | Legitimate interest |
| Email engagement (opens, clicks) | To improve communications you consented to | Consent |
4. Cookies
This website uses cookies — small text files stored in your browser — to make the site work properly and to understand how it is used. Here is what each type does:
| Cookie Type | Purpose | Can Be Declined? |
|---|---|---|
| Essential | Shopping cart, checkout, login session | No — required for the site to function |
| Analytics (Google) | Understand traffic and behavior | Yes — via cookie banner |
| Marketing (Meta Pixel) | Ad performance measurement | Yes — via cookie banner |
| Performance (LiteSpeed) | Page caching for faster load times | No — no personal data involved |
5. How Long We Keep Your Data
- Purchase records — 7 years (legal and tax obligation).
- Email subscribers — Until you unsubscribe or request deletion.
- Analytics data — 14 months (Google Analytics default retention).
- Server logs — 30 days (Hostinger default).
6. Your Rights Under GDPR
If you are located in the European Union, the United Kingdom, or California (CCPA), you have the following rights regarding your personal data:
- Right to Access — You can request a copy of all personal data we hold about you.
- Right to Rectification — You can ask us to correct inaccurate or incomplete data.
- Right to Erasure — You can ask us to delete your data, subject to legal retention requirements.
- Right to Restrict Processing — You can ask us to pause how we use your data.
- Right to Data Portability — You can request your data in a transferable format.
- Right to Object — You can object to processing based on legitimate interest or direct marketing at any time.
- Right to Withdraw Consent — Where processing is based on consent, you can withdraw it at any time without affecting past processing.
To exercise any of these rights, contact us at https://themmindset.com. We will respond within 30 days.
7. Data Security
We take reasonable technical and organizational measures to protect your personal data, including:
- SSL/HTTPS encryption across the entire website.
- Payment data handled exclusively by Stripe — we never see or store your card number.
- Regular automated backups via UpdraftPlus.
- Server-level security provided by Hostinger on LiteSpeed infrastructure.
- Limited admin access — only authorized personnel can access site data.
No method of transmission over the internet is 100% secure. While we do everything reasonable to protect your data, we cannot guarantee absolute security.
8. Data Transfers Outside the EU
Some of our third-party processors are based in the United States. Where your data is transferred outside the European Economic Area (EEA), we rely on the following safeguards:
- Stripe — EU-U.S. Data Privacy Framework certified.
- Google — EU Standard Contractual Clauses (SCCs).
- Mailchimp — EU Standard Contractual Clauses (SCCs).
- Meta — EU Standard Contractual Clauses (SCCs).
9. Children’s Privacy
This website and its products are intended for users aged 18 and older. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has submitted data to us, please contact us immediately for removal.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The “Last Updated” date at the top of this page will always reflect the most current version. Continued use of this website after any update constitutes your acceptance of the revised policy.
11. Contact & Complaints
For any privacy-related questions, data requests, or complaints,
contact us at:
https://themmindset.com
If you are an EU resident and believe we have not handled your data correctly, you have the right to lodge a complaint with your local Data Protection Authority (DPA) or with the Irish DPA (as Google and Meta’s EU headquarters are in Ireland).
© 2026 The Millionaire Mindset Framework. All rights reserved. | https://themmindset.com