MemoraCore

Privacy Policy

Last updated: January 2026

TL;DR: We collect only what's necessary. We never sell your data. You control your data.

1. Information We Collect

Account Information

  • Email address
  • Hashed password (never stored in plaintext)
  • Account preferences and settings

Billing Information

Processed by Stripe. We only receive the last 4 digits of your card and billing address.

Agent & Conversation Data

  • Agent configurations and prompts
  • Conversation transcripts
  • Extracted memories (per your memory policy)
  • Escalation records

Technical Data

  • IP addresses and browser type
  • API request logs
  • Error logs and performance data

2. How We Use Your Information

To Provide the Service

  • Process AI agent requests
  • Store and retrieve memories
  • Handle escalations
  • Provide dashboard access

To Improve & Secure

  • Analyze usage patterns
  • Debug issues
  • Detect and prevent abuse
  • Maintain audit logs

3. Data Storage & Security

Your data is stored on secure infrastructure:

Encryption

AES-256 at rest, TLS 1.3 in transit

Isolation

Row-level security policies

Infrastructure

Supabase + Vercel (SOC 2)

4. Data Retention

Memory retention varies by plan:

7

days (Free)

30

days (Starter)

90

days (Pro)

365

days (Scale)

Account data is retained while active + 30 days after deletion. Audit logs are kept for 2 years.

5. Data Sharing

We never sell your data.

We share data only with service providers:

Stripe

Payment processing

Supabase

Database infrastructure

OpenAI / Anthropic / Google

AI model providers

Qwen / DeepSeek / Zhipu

China region providers

6. Your Rights

Access & Export

View and download your data anytime via dashboard or API

Correction

Update your information at any time

Deletion

Delete memories, agents, or your entire account

Objection

Object to certain processing by contacting us

7. International & Compliance

GDPR (EU)

We act as data processor for end user data, data controller for your account.

CCPA (California)

Right to know, delete, and opt-out. We don't sell data.

For China region, we offer providers (Qwen, DeepSeek, Zhipu) that process data within China-accessible infrastructure.

8. Your Responsibilities

As a customer using MemoraCore with your end users:

  • Inform your end users about data collection
  • Obtain necessary consents
  • Comply with applicable privacy laws
  • Configure appropriate memory policies
  • Respond to your end users' data requests

9. Contact

For privacy-related inquiries:

contact@memoracore.dev

10. Changes

We may update this policy from time to time. We'll notify you of material changes via email and update the "Last updated" date. Continued use after changes constitutes acceptance.