Privacy Policy

In Short

We store your memories securely. We don't sell your data. We don't train AI models on your data. Your memories are yours.

What We Collect

• Account Information: Email address, name (optional), organization name (optional)
• Memory Data: The memories you store through our MCP server
• Usage Data: API calls, search queries, feature usage
• Technical Data: IP address, browser type, device information

How We Use Your Data

• Provide and maintain the rembr service
• Store and retrieve your memories
• Monitor usage for billing and plan limits
• Improve service performance and reliability
• Send important service updates (you can opt out of marketing emails)

Data Security

We implement industry-standard security measures:

• All data encrypted in transit (TLS)
• All data encrypted at rest
• Row-level security for complete tenant isolation
• Regular security audits and updates
• API keys hashed and never stored in plain text

Data Retention

We retain your data as long as your account is active. When you delete your account:

• All memories are permanently deleted within 30 days
• API keys are immediately revoked
• Backups are purged within 90 days

Third-Party Services

We use these trusted third-party services:

• Authentication: GitHub OAuth (optional)
• Email: Resend (for magic links)
• Payments: Stripe (we never see your credit card)
• Hosting: Self-hosted on our infrastructure

Your Rights

You have the right to:

• Access all your data
• Export your memories
• Delete your account and all data
• Opt out of marketing communications
• Request data corrections

Contact

Questions about privacy? Email us at privacy@rembr.dev