Privacy policy.
Last updated June 11, 2026 · A memory product lives or dies on trust, so this is written straight.
The short version
- We store your account details and your dots — that's the product.
- Your dots are served only to tools you explicitly connected.
- We don't sell your data, run ads, or train AI models on your content.
- One session cookie, no tracking cookies, no analytics scripts today.
- Delete dots yourself anytime; email us to delete your whole account.
What we collect, and why
| Data | Why |
|---|---|
| Account — name, email, optional username, password (scrypt-hashed; we can't read it) | Sign-in, verification emails, password resets. |
| Dots — the titles, summaries, tags, and sources your connected tools (or you) save | This is the service: storing and serving your memory. |
| Activity — events like "dot saved", "context served to ChatGPT", plan changes | Your Activity page, the tokens-saved counter, the weekly digest. |
| Billing — your plan, Stripe customer and subscription ids | Running subscriptions. Card numbers go to Stripe, never to us. |
| Connections — which tools you authorized, and their access tokens | So your tools can save and recall on your behalf. |
| Server logs — IP addresses and request metadata, briefly | Security, debugging, and abuse prevention (e.g. login rate limits). |
Dots are summaries your assistant writes, not transcripts — we never receive your full conversations unless you paste one in yourself.
What we never do
No selling or renting your data. No advertising. No training AI models on your content. No reading your dots — humans access them only if needed to fix a problem you've reported, with your consent, or where the law requires.
Where your data lives
On servers run by Render (United States), with each account's dots in their own isolated database. Render keeps short-lived disk snapshots (about 7 days) for disaster recovery. Traffic flows through Cloudflare's network (DNS). Everything is encrypted in transit (HTTPS).
Services we rely on
| Service | What it handles |
|---|---|
| Render | Hosting and storage. |
| Cloudflare | DNS and network routing. |
| Stripe | Payments — card details never touch our servers. |
| Resend | Sending verification, reset, and digest emails. |
These providers process data only to provide their service to us. We share data with no one else, except if the law compels us — in which case we'll tell you unless we're legally barred from doing so.
Cookies
One cookie: mos_s, which keeps you signed in. It's
HttpOnly, Secure, and SameSite. No tracking cookies, no third-party analytics scripts.
We count visits to our public pages in aggregate, on our own server, with no cookies and no third parties. Daily visitor counts use a salted fingerprint that changes every day, can't be linked across days, and is deleted within five weeks. We never store your IP address with it.
Your rights and controls
- See everything: your graph shows every dot; your Activity page shows every event.
- Delete dots: any dot, anytime, in the app — gone from the live database immediately (snapshot copies age out within ~7 days).
- Disconnect tools: from each tool's own settings, anytime.
- Export or delete your account: email support@thememoryos.com — export delivered, or account and data deleted, within 30 days.
- If you're in the EU/UK or a similar jurisdiction, the rights you're owed (access, correction, deletion, portability, objection) are honored through that same address.
Retention
We keep your data while your account exists. Deleted dots leave the live database at once. When your account is deleted, everything goes — dots, events, account record — with snapshot copies aging out within about 7 days.
Security
Connections from tools use OAuth 2.1 with PKCE; every request is scoped to your account alone. Passwords are scrypt-hashed with per-user salts. Changing your password signs out every other session. If we ever suffer a breach that affects you, we'll notify you by email without undue delay.
Children
MemoryOS isn't for children under 16, and we don't knowingly collect their data.
Changes
If this policy changes meaningfully, we'll email account holders and update the date at the top before the change takes effect.
Contact
support@thememoryos.com — a human reads it.
← thememoryos.com · Terms of Service · support@thememoryos.com · © 2026 MemoryOS