1. Who we are
Menquilibrium is a product and brand operated by:
When this policy says "we," "us," or "Menquilibrium," it refers to Wisdohm Strategica SRL. We act as the data controller for the personal data described below.
2. What this policy covers
This privacy policy applies to all personal data we process in connection with:
- The Menquilibrium website (menquilibrium.com and its subdomains)
- The Menquilibrium mobile application (iOS and Android)
- The Virtus newsletter and any related email communications
- Any forms, surveys, or intake processes we operate
Menquilibrium is part of the wider Wisdohm ecosystem, which may include additional products in the future. Each product will reference this policy or publish its own when applicable.
3. Data we collect
3.1 Data you provide directly
| Category | Examples | Purpose |
|---|---|---|
| Account data | Name, email address, phone OS preference | Creating and managing your account, matching you into a circle |
| Profile & personality data | Responses to our psychological compatibility questionnaire | Circle matching algorithm — grouping you with compatible members |
| Session feedback | Post-session ratings (heard, safe, connected), optional free-text reflections | Tracking circle health, detecting issues early, improving the session structure |
| Newsletter subscription | Email address, first name | Delivering the Virtus newsletter and related communications |
| Correspondence | Messages sent to us via email or contact forms | Responding to your enquiries, investor letters of intent |
3.2 Data collected automatically
| Category | Examples | Purpose |
|---|---|---|
| Device & usage data | Device type, operating system, app version, session timestamps | Maintaining app functionality, debugging, improving performance |
| Website analytics | Pages visited, referral source, approximate location (country/region level) | Understanding how visitors use our website, improving content and navigation |
| Cookies & similar technologies | Session cookies, analytics cookies | Website functionality, aggregate usage statistics (see Section 8) |
3.3 Data we do not collect
We do not record, store, or transcribe the audio content of circle sessions. What is said in the circle stays in the circle — technically as well as culturally. We also do not collect payment card details directly; all payment processing is handled by third-party providers (see Section 6).
4. Legal basis for processing (GDPR)
As a company registered in Romania and subject to the EU General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
- Contract performance — Processing necessary to provide you with the services you've signed up for (account creation, circle matching, session facilitation).
- Consent — Where you've opted in to receive our newsletter or marketing communications. You can withdraw consent at any time.
- Legitimate interest — Analytics and usage data to improve our products, provided this does not override your rights. We perform balancing tests where required.
- Legal obligation — Where we are required to retain certain data for accounting, tax, or regulatory compliance.
5. How we use your data
We use personal data for the following purposes:
- Creating and managing your Menquilibrium account
- Running the psychological matching algorithm to place you in a compatible circle
- Facilitating and improving weekly circle sessions
- Monitoring circle health through aggregated session feedback
- Delivering the Virtus newsletter and related communications
- Responding to your enquiries and support requests
- Analysing website and app usage in aggregate to improve our products
- Complying with legal and regulatory obligations
We do not sell your personal data. We do not use your data for behavioural advertising. We do not share your data with advertisers.
6. Third-party service providers
We share personal data only with service providers who process it on our behalf and under our instructions. All suppliers listed below maintain servers in the United States and comply with applicable data protection standards.
| Provider | Service | Data shared | Server location |
|---|---|---|---|
| App hosting provider | Mobile app infrastructure and backend | Account data, profile data, session metadata | Dallas, TX, USA |
| Kit (formerly ConvertKit) | Email newsletter delivery | Email address, first name, subscriber activity | USA |
| Payment processor | Subscription billing | Billing details (processed directly by provider, not stored by us) | USA |
| Analytics provider | Website and app analytics | Anonymised usage data, device information | USA |
For transfers of personal data from the EU/EEA to the United States, we rely on the EU-US Data Privacy Framework, Standard Contractual Clauses (SCCs), or other lawful transfer mechanisms as applicable. We evaluate each provider's data protection practices before engagement.
7. Data retention
We retain your personal data only as long as necessary to fulfil the purposes described in this policy:
- Account data — Retained for the duration of your active account, plus 30 days after deletion to allow for recovery.
- Profile and matching data — Retained while your account is active. Deleted or anonymised upon account closure.
- Session feedback — Aggregated and anonymised after 12 months. Individual ratings are not retained beyond this period.
- Newsletter data — Retained until you unsubscribe. Upon unsubscription, your email is removed from active lists within 30 days.
- Financial records — Retained for the period required by Romanian and EU tax and accounting regulations (typically 10 years).
8. Cookies
Our website uses a minimal number of cookies:
- Essential cookies — Required for basic website functionality (session management, security). These cannot be disabled.
- Analytics cookies — Used to collect aggregate, anonymised data about how visitors use the website. These are only placed with your consent where required by law.
We do not use advertising cookies, tracking pixels from ad networks, or social media cookies. Our newsletter emails may contain a standard open-tracking pixel and click tracking, which you can avoid by using a privacy-focused email client or disabling image loading.
9. Your rights
Under the GDPR, you have the following rights regarding your personal data:
- Access — Request a copy of the personal data we hold about you.
- Rectification — Request correction of inaccurate or incomplete data.
- Erasure — Request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
- Restriction — Request that we restrict processing of your data in certain circumstances.
- Portability — Receive your data in a structured, commonly used, machine-readable format.
- Objection — Object to processing based on legitimate interest or for direct marketing purposes.
- Withdraw consent — Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at the address provided in Section 12. We will respond within 30 days, as required by the GDPR.
You also have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) or with the data protection authority of the EU member state in which you reside.
10. Data security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:
- Encryption of data in transit (TLS/HTTPS) and at rest
- Access controls limiting data access to authorised personnel only
- Regular security reviews of our infrastructure and third-party providers
- No recording or storage of circle session audio content
While we take security seriously, no method of electronic transmission or storage is 100% secure. We encourage you to use a strong, unique password for your Menquilibrium account.
11. Children's privacy
Menquilibrium is designed for adults aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected data from a minor, please contact us and we will delete it promptly.
12. Contact us
For any questions about this privacy policy, to exercise your data protection rights, or to raise a concern about how your data is handled, you can reach us at:
We aim to respond to all privacy-related enquiries within 30 days.
13. Changes to this policy
We may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or through the app.
We encourage you to review this policy periodically. Your continued use of our services after changes take effect constitutes acceptance of the updated policy.
This privacy policy is provided for transparency and informational purposes. It is designed to comply with the EU General Data Protection Regulation (GDPR) and applicable Romanian data protection law. For specific legal advice regarding your data rights, consult a qualified legal professional.