Privacy Policy

Last updated: May 1, 2025  |  Effective: May 1, 2025  |  Applies to: MyCS mobile app and mycsapp.com

Overview

Quantum Command Systems, LLC ("we," "us," or "our") operates the MyCS — My Command System mobile application and the website at mycsapp.com. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have regarding your data. By using MyCS, you agree to the practices described in this policy.

Your data serves one purpose: helping you take better command of your own life. We do not sell your personal information. We do not use it to serve advertising. We collect only what is necessary to operate and improve MyCS.

Data We Collect

Information you provide directly:

  • Account information: First name, last name, email address, and password (stored encrypted) when you create a MyCS account.
  • Command data: Objectives, strategies, tasks, habits, daily scores, operational period plans, morning briefings, evening debriefs, and personal command intent.
  • Health and activity data: Food intake, nutritional information, activity data, and health metrics you voluntarily log.
  • Financial data: Financial KPIs, budget categories, and financial goals you voluntarily enter into the Financial Command Center.
  • Household data: Household member information, shared objectives, and household operational data for Household tier users.
  • Communications: Messages you send to our support team.

Information collected automatically:

  • Device information: Device type, operating system, app version, and identifiers for crash reporting.
  • Usage data: Features accessed, screens viewed, and session duration — used to improve functionality.
  • Subscription data: Purchase history and billing timestamps processed through Apple, Google, or Stripe.

How We Use Your Data

  • Create and maintain your MyCS account and command dashboard.
  • Provide, operate, and improve the MyCS application and features.
  • Generate your daily command scores, domain scores, and progress reports.
  • Power AI-assisted planning features.
  • Send transactional communications: account confirmations, password resets, and security alerts.
  • Process subscription payments and manage billing.
  • Provide customer support.
  • Detect and prevent fraudulent transactions.
  • Comply with applicable legal obligations.

We do not use your data to serve targeted advertising, sell to data brokers, or train third-party AI models.

Data Sharing

We do not sell your personal information. We share data only in these limited circumstances:

  • Service providers: Vetted third-party providers for cloud hosting, database services, email delivery, and analytics. They are contractually prohibited from using your data for other purposes.
  • Payment processors: Apple, Google, and Stripe process subscription payments. We receive only transaction confirmation, not full payment details.
  • AI services: When you use AI features, your objective and planning data is sent securely to an AI inference service. It is not used to train models without your consent.
  • Household members: Data you designate as household-shared is visible to other members of your household group.
  • Legal requirements: As required by applicable law or to protect rights, property, or safety.
  • Business transfers: In the event of a merger or acquisition, with advance notice and the opportunity to delete your data.

Data Storage and Security

  • Passwords are hashed using industry-standard bcrypt — we cannot see your password.
  • All data is transmitted over encrypted HTTPS/TLS connections.
  • Database access is restricted to authenticated backend services and authorized personnel.
  • We implement rate limiting, input validation, and injection protection on all API endpoints.
  • Security updates are applied promptly when vulnerabilities are identified.

Health and Financial Data

  • Health and financial data is not shared with third parties for any purpose other than operating the features you use.
  • We do not share this data with insurers, employers, advertisers, financial institutions, or data brokers.
  • You can delete all health and financial data at any time by deleting your account or contacting privacy@mycsapp.com.

MyCS is not a covered entity under HIPAA. Health data in MyCS is personal self-tracking data and is not a substitute for professional medical advice.

AI Features and Your Data

  • When you use AI features, your input is sent to an AI inference API to generate a response.
  • We do not permanently store your AI conversation history beyond what is necessary to provide the feature session.
  • Your data is not used to train AI models without your explicit consent.
  • AI-generated suggestions are tools to support your command — not professional advice of any kind.

Data Retention

  • Active accounts: All data is retained while your account is active.
  • Cancelled subscriptions: Account data is retained for 90 days after cancellation, then deleted.
  • Deleted accounts: Personal data is deleted within 30 days of deletion request, except financial transaction records retained for 7 years as required by law.
  • Anonymized aggregate data: De-identified usage statistics may be retained indefinitely for product improvement.

Your Rights and Choices

  • Access: Request a copy of all personal data we hold about you.
  • Correction: Update or correct your account information in the app or by contacting us.
  • Deletion: Delete your account and all associated data. See our Account Deletion page.
  • Portability: Export your command data in CSV or PDF format from app settings.
  • Opt-out of marketing: Unsubscribe from marketing emails at any time.

To exercise any of these rights, contact us at privacy@mycsapp.com. We will respond within 30 days.

California Residents (CCPA/CPRA)

California residents have additional rights including: Right to Know, Right to Delete, Right to Opt-Out of Sale (we do not sell data), Right to Non-Discrimination, Right to Correct, and Right to Limit Use of Sensitive Information.

To submit a CCPA request, contact privacy@mycsapp.com.

European Users (GDPR)

If you are in the EEA, UK, or Switzerland, your data is processed in accordance with GDPR. Legal bases include contract performance, legitimate interests (fraud prevention, security), consent (marketing), and legal obligation.

You have the right to lodge a complaint with your local data protection authority. Contact privacy@mycsapp.com for data transfer inquiries.

Children's Privacy

MyCS is not directed to children under 13 (or 16 in the EEA). If you believe we have inadvertently collected data from a child, contact privacy@mycsapp.com immediately.

Changes to This Policy

We may update this policy periodically. When we make material changes, we will update the "Last updated" date and notify active users via in-app notification and/or email.

Contact Us

Quantum Command Systems, LLC
Privacy & Data: privacy@mycsapp.com
Support: support@mycsapp.com
Website: mycsapp.com