Privacy Policy
Your privacy is important to us. This policy describes how MEMORO collects, uses, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR).
Last updated: 30 May 2026
What Data Do We Collect?
We collect only what you actively put into MEMORO. That includes: your name and email address from your sign-in provider (Apple or Google) and your date of birth (optional, used to tailor the assistant to your life stage); profile details you choose to share (role, interests, preferences); meetings and lectures you record in MEMORO Live — we transcribe the audio and build notes, then delete the raw audio; voice conversations with the AI assistant; course materials you upload (syllabus, slides, lecture notes, documents) and the lectures, handouts, and study questions MEMORO builds from them; email you forward in to, send from, or receive at your @meetmemoro.app address; calendar feeds you subscribe to via ICS URL; contacts, calendar events, or photos you import from your device; people, notes, and files you add or upload; and your messages in the AI assistant chat. From this content, MEMORO builds summaries, action items, and a connected view of the people, topics, and things you care about — so you can find, remember, and act on what matters.
Personal Data About Others
Some content you add — emails, meeting recordings, contacts, and the people you create — may contain personal data about other people. You are responsible for ensuring you have a lawful basis to share it with us. We process it only to provide the Service to you, with the same protections described in this policy.
How Is Audio Handled?
When you use voice features — voice conversations with the AI assistant, recorded meetings and lectures, and language-practice sessions — we capture audio on your device (web browser or native app) and send it in short segments for two named purposes. (a) Transcription — via Google Gemini Live, Cloudflare Workers AI (Whisper), or OpenAI Whisper — so the AI assistant can respond to you and meetings can be turned into notes. (b) Speech analysis when you use language-practice features — pacing, pauses, filler words, self-corrections, and pronunciation patterns — so MEMORO can adapt practice sessions to your level. Audio is held only for as long as transcription and speech analysis take to complete — typically seconds to minutes after your session or recording ends — and is then deleted. We do not persist raw audio beyond that window. We do not currently use your voice to identify you or to build voice biometric profiles; if that ever changes with a future feature, we will update this policy and obtain your explicit consent before it applies. We do not share your audio with third parties for AI model training, and audio is not used for any purpose beyond the two named above. What we retain after processing: meeting transcripts and notes; transcripts of your voice conversations with the AI assistant and language-practice sessions, retained as part of your session history for about 14 days before being automatically removed; and observations derived from your activity (for example, pronunciation patterns and your language-learner competence profile), retained until you delete your account. This data can be exported from Tools → Your Data, and is deleted along with your account from Tools → Settings.
Data Storage
Your account content is stored on Cloudflare infrastructure: the D1 database, R2 file storage, KV cache, and Vectorize semantic index. The files you upload or create are stored on Cloudflare R2, located in Cloudflare's EU jurisdiction. D1, KV, and Vectorize run on Cloudflare's global network, with processing governed by Cloudflare's GDPR-compliant data processing agreement and Standard Contractual Clauses. All data is encrypted in transit and at rest under Cloudflare's platform encryption (D1, R2, KV); OAuth tokens are additionally encrypted by Memoro using AES-256-GCM. Each user's data is logically isolated. Your content and the knowledge MEMORO extracts from it (entities, relationships, summaries) are retained for as long as your account exists. You can export or delete your data at any time from the Tools hub.
AI Processing
Your content is processed by AI services for transcription, summarisation, extracting structured information from your content, voice conversation, conversational assistance, image analysis, image generation, voice synthesis, and web search. The external AI providers we use are: Anthropic; OpenAI; Google (including Gemini Live for voice and Google Cloud Text-to-Speech for course audio); Cloudflare Workers AI. We do not use your content to train AI models, and we send it to these providers under terms that don't permit them to use it for training. Your content is sent to these AI providers — both when you ask for something and automatically in the background as part of the Service (for example, to transcribe, summarise, and extract knowledge from what you add). Automated processing cannot reliably filter out personal data contained in your content, so avoid putting sensitive personal information you don't need to into the Service. Most of these providers process data in the United States. See International Transfers below.
Legal Bases for Processing
We process your personal data on the following legal bases under the GDPR: Providing the Service — your account, your content, and the AI processing the Service relies on — both features you use directly and automatic background processing — under our contract with you (Article 6(1)(b)); analytics — only with your consent (Article 6(1)(a)), which you can withdraw at any time in Tools → Your Data → Privacy controls; security, fraud prevention, and rate limiting — our legitimate interests (Article 6(1)(f)) in keeping the Service safe and reliable; and billing and accounting records — to meet our legal obligations (Article 6(1)(c)), including Swedish bookkeeping law.
Third-Party Services (Sub-Processors)
We share personal data with third-party service providers (sub-processors) only as necessary to operate MEMORO. Each provider is bound by a data processing agreement. For a complete list of sub-processors, including the data they receive and their location, see the Sub-Processor List.
Sign-In Providers and Device Permissions
You can sign in to MEMORO with Apple or Google. We use these providers only to verify your identity — we receive your email address and name, and nothing else. MEMORO does not read, sync, or access any other data from these providers (calendar, contacts, mail, files). In our native app, you may also choose to grant on-device permissions so that MEMORO can import your contacts, calendar events, or photos directly from your device — each permission is optional, requested through the operating system's standard dialog, and can be revoked at any time in your device settings. Data stays on your device until you choose to import it into MEMORO. Additional integrations may be added in future versions of the Service; when that happens, this Privacy Policy will be updated and any new data access will require your explicit consent.
Cookies and Local Storage
On the web, we use one cookie: memoro_session — an HttpOnly, Secure session cookie that keeps you signed in. It expires after 90 days of inactivity (renewed automatically when you use the service) with a 365-day absolute cap. We also use your browser's localStorage for two purposes: (a) functional preferences such as your language choice, theme, and onboarding progress, and (b) a client-side cache of your account data (boot profile, entities, events, content, inbox) so the app loads instantly and stays responsive between views. This cache mirrors data we already hold on our servers — nothing extra is collected — and is cleared when you sign out. Your acceptance of these Terms and our Privacy Policy, and your analytics preference, are recorded against your user account in our database — not in a cookie — so the choice follows you across devices. We do not use tracking cookies, advertising cookies, or third-party cookies. In our native app, authentication uses a device bearer token stored in the device's secure storage (e.g. the iOS Keychain) rather than a cookie, and cached data is stored in the app's sandboxed storage rather than in browser localStorage. You can change your analytics preference at any time in Tools → Your Data → Privacy controls.
Analytics
We collect usage analytics to improve the service — for example, which features are used and how often, and error rates. Before analytics events are stored, your user ID is replaced with a one-way pseudonym so the analytics layer does not contain your account identifier. Because the pseudonym is deterministic, events can still be grouped into one account's activity — this is pseudonymisation under GDPR Article 4(5), not full anonymisation. You choose whether to enable analytics during onboarding, and you can change that choice at any time in Tools → Your Data → Privacy controls. When analytics is off, no events are recorded for your account.
Profiling
We use your content and activity to build a personalised model — your preferences, a language-learner profile, and the connections between the people, topics, and things in your life. This profiling is used to personalise the Service. We do not make decisions producing legal or similarly significant effects about you based solely on automated processing.
Data Retention
All personal content (meetings, notes, documents, emails, contacts, photos, courses, and the knowledge MEMORO extracts from them) is retained for as long as your account is active. If you haven't logged in for roughly a year, we send you a warning email; if you do not log in within 30 days of the warning, your account and all associated data are permanently deleted. You can export all your data at any time from Tools → Your Data → Export. When you delete your account manually, all personal data is permanently removed from all storage layers (database, files, search indexes, vector embeddings, cached sessions) immediately. Aggregate analytics metrics are kept only in a pseudonymised form that can no longer be linked to you. Rate-limiting records use pseudonymised identifiers and expire automatically.
Your Rights
Under the GDPR, you have the right to: access your personal data (export from Tools → Your Data → Export, available in JSON or ZIP); rectify inaccurate data (edit your profile in Tools → Settings; for fields you can't change yourself, contact us); erase your data (Tools → Settings → Danger Zone → Delete account permanently removes all your personal data); restrict or object to processing; withdraw consent for any processing that relies on it (for example, analytics — toggle in Tools → Your Data → Privacy controls); data portability — receive a machine-readable copy of your data that you can transfer to another service (JSON or ZIP export); and lodge a complaint with a supervisory authority (in Sweden: Integritetsskyddsmyndigheten, IMY, imy.se). For any right that is not available via self-service, contact us at support@meetmemoro.app. We will respond within one month, which we may extend by up to two further months for complex or numerous requests (Article 12(3)).
International Data Transfers
Some of our sub-processors are based outside the European Economic Area. The US-based processors are: Anthropic, Apple, Google, LiveKit, OpenAI, Resend, and Stripe. For transfers to the United States, we rely on the European Commission's Standard Contractual Clauses (SCCs) — and, where a provider is certified, the EU–U.S. Data Privacy Framework — as our Article 46/adequacy transfer mechanisms, together with supplementary technical measures including encryption in transit and at rest, and data minimisation. Primary customer data — the files you upload, your D1 database rows, and your Vectorize embeddings — is held on Cloudflare infrastructure: R2 in Cloudflare's EU jurisdiction, and D1/KV/Vectorize on Cloudflare's global network under its GDPR-compliant data processing agreement. See the Sub-Processor List for the complete list and locations.
Contact
For privacy-related questions or to exercise your data rights, contact us at support@meetmemoro.app. The data controller is Martin Forsberg, Palme Lydersgatan 20, 271 50 Ystad, Sweden.