Privacy Policy

Effective: March 29, 2026

1. What We Collect

When you use the memoir cloud service, we store:

• Your email address (for authentication)
• Encrypted backup files (we cannot read their contents)
• Metadata: tool names, file counts, machine hostname, backup timestamps

2. What We Don't Collect

• No analytics or usage tracking
• No cookies (except authentication tokens)
• No third-party trackers or pixels
• No selling or sharing of data with advertisers

3. Encryption

All backups are encrypted on your machine with AES-256-GCM before they leave your device. We never see your plaintext data. Your encryption passphrase is never transmitted to our servers.

4. Third-Party Services

• Supabase -- database hosting and authentication (US East)
• Stripe -- payment processing for Pro subscriptions

We do not share your data with any other third parties.

5. Data Retention

Your backups are kept until you delete them or close your account. When you delete your account, all associated data is permanently removed.

6. Your Rights

• Export your data anytime via memoir view
• Delete your account via memoir account delete
• Request data deletion by emailing hello@memoir.sh

7. GDPR

Data is processed and stored in the United States (Supabase us-east-1). If you are in the EU, your data is transferred to the US. You can request deletion at any time.

8. Changes

We may update this policy. Material changes will be noted on this page with an updated effective date.

9. Contact

Questions about your data? Email hello@memoir.sh.