Privacy policy.
last updated: 13 July 2026
What we collect
If you join the launch list, we store the email address you submit, where on this site you submitted it, and the time you joined. When product access opens and you sign in with github, we receive your github id, email address, name, and avatar url. That is what github’s oauth flow hands us, and it is what we use to identify your account. Beyond that, we store what you explicitly send to the service: the documents and content you ingest, the memories, projects, and connections you create, and configuration like api keys and connector settings.
Analytics
We use Google Analytics to understand how visitors find and use this site. Google may receive pages visited, interaction data, referral information, device and browser details, and approximate location derived from network information. Google Analytics may set or read analytics cookies. We do not use this data for advertising and we do not sell personal data. Read the Google privacy policy for details.
What we don’t collect
We do not run advertising or fingerprinting scripts. Outside Google Analytics, the console sets only the functional cookies needed to keep you signed in. We do not sell data, and we do not share your content with anyone except the processor described below.
Where it lives
Launch list emails live in a Cloudflare D1 database attached to this site. Product data lives in postgres, scoped to your organization: your workspace’s rows are scoped to your organization id and are not visible to other tenants. Api keys and connector credentials, such as oauth tokens for the connectors you enable, are encrypted at rest with AES 256 GCM before they touch the database; only the running service, with its own encryption key, can decrypt them.
Processors
To turn ingested content into memories and to support search, the service calls out to a large language model and embedding provider configured for the hosted deployment (currently a commercial API provider, the same kind of provider the self hosted binary would be pointed at if you ran it yourself). Content sent to that provider is used to generate the response memoricAI needs, such as extracted memories and embeddings; we do not control what that provider retains under its own policy, so avoid ingesting anything you would not want passing through an external model api.
Retention & deletion
You can leave the launch list or ask us to delete its record by emailing us. You can delete individual documents, memories, and connections from the console once product access opens. You can request deletion of your entire organization (all documents, memories, keys, and account data) by emailing us or using the account deletion option in settings; we remove it within a reasonable period, subject to anything we are legally required to retain.
Your rights
Wherever you are located, you can ask us to access, export, correct, or delete your personal data, or to explain what we hold, by emailing us. Because the service is designed around its API, you can also export most of your own content directly at any time without waiting on us. We may ask you to confirm you are signed in as the github account on the workspace before acting on a request, so nobody else can delete or export data on your behalf.
Contact
Questions about this policy: hello@memoric.xyz.