Privacy Policy

1. Information We Collect

MemorieAI collects only what is necessary to provide the service.

From website owners (customers):

• Name and email address (account creation)
• Billing information (processed by Stripe — we never store raw card numbers)
• Registered domains and API keys
• Session usage counts (for plan limit enforcement)

From end users (visitors to embedded sites):

• Voice audio is processed in real time by Vapi's servers and is not stored by MemorieAI
• Text messages sent through the keyboard interface are processed in real time and not stored by MemorieAI
• Session start/end timestamps (anonymized, used only for usage billing)
• The domain the embed was loaded from (for key validation)

We do not collect, store, or process the content of voice conversations or text chats beyond the duration of the active session.

2. How We Use Your Information

• To authenticate API keys and validate domain permissions
• To count sessions against your plan limit
• To send usage reports and billing invoices
• To respond to support requests
• To improve the service (only using aggregated, anonymized metrics — never conversation content)

3. Data Sharing

We do not sell, rent, or trade personal data to third parties.

We share data only with:

• Vapi — real-time voice processing (their privacy policy applies to audio processing)
• Stripe — payment processing (their privacy policy applies to billing data)
• Infrastructure providers (hosting, CDN) — under strict data processing agreements

We may disclose information if required by law, court order, or to protect the rights and safety of MemorieAI users.

4. Data Retention

• Account data: retained for the life of your account + 30 days after deletion
• Billing records: retained for 7 years as required by tax law
• Session metadata (anonymized timestamps + counts): retained for 12 months, then deleted
• Voice/text content: not stored — zero retention

5. Security

We take security seriously:

• All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Vapi API keys are stored server-side and never exposed to the browser
• Domain locking prevents API key abuse from unauthorized sites
• Access to production systems is limited to essential personnel with MFA required

If you discover a security vulnerability, please report it to security@memorie.ai before public disclosure.

6. Cookies & Tracking

The MemorieAI embed script does not set cookies on end-user browsers.

The MemorieAI marketing website (this site) uses:

• A single session cookie for authentication (customers logged into the dashboard)
• No third-party analytics tracking scripts
• No advertising or retargeting pixels

7. Your Rights

Depending on your location, you may have the right to:

• Access — request a copy of the personal data we hold about you
• Deletion — request deletion of your account and associated data
• Correction — update inaccurate or incomplete data
• Portability — receive your data in a machine-readable format
• Objection — object to certain types of processing

To exercise any of these rights, email privacy@memorie.ai. We'll respond within 30 days.

8. Children's Privacy

MemorieAI is not directed at children under 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

9. Changes to This Policy

We may update this policy occasionally. When we do, we'll update the "Last updated" date above and notify active customers by email if the changes are material. Continued use of the service after changes constitutes acceptance.

10. Contact Us

Questions or concerns about this policy?

• Email: privacy@memorie.ai
• General: hello@memorie.ai