MemoryFox (“we”, “us”) is committed to protecting your privacy. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have. It applies to the MemoryFox website, applications, and services (the “Service”).
1. Information We Collect
Account information
When you sign up we collect your email address and an authentication credential (password hash or OAuth identifier). We may also store a display name and avatar if you provide one.
Content you create
We store the caches, notes, collections, links, and metadata you create on the Service so that we can render them back to you. We generate vector embeddings of your content to power semantic search and retrieval-augmented question-answering.
Usage data
We collect basic operational telemetry — request logs, error traces, feature interaction events — to keep the Service reliable and to improve it. Where possible this is aggregated or pseudonymised.
Payment information
Payments are processed by our payment provider. We do not store full card numbers. We retain a customer identifier, the last four digits of your card, billing country, and invoice history for tax and accounting purposes.
2. How We Use Your Information
- To operate, maintain, and provide the features of the Service;
- To process subscriptions, invoices, and refunds;
- To send transactional emails (account, billing, security, product updates you opt into);
- To detect, prevent, and respond to fraud, abuse, and security incidents;
- To comply with legal obligations.
3. AI Processing & Sub-processors
To provide AI features (embeddings, semantic search, RAG answers, summarisation), we send the relevant portions of your caches to trusted third-party AI providers under data-processing agreements. These providers are contractually prohibited from using your content to train their public models.
We also rely on infrastructure sub-processors for hosting, database, email delivery, and analytics. A current list is available on request at contact@lyramirae.com.
4. Sharing & Disclosure
We do not sell your personal data. We disclose information only:
- To sub-processors who help us operate the Service, under contract;
- When required by law, court order, or valid legal process;
- To protect the rights, safety, or property of MemoryFox, our users, or the public;
- In connection with a corporate transaction (e.g. merger), with continued protection of your data.
5. Data Retention
We retain your caches and account data for as long as your account is active. When you delete a cache, it is removed from our active databases and from search indices promptly, and from backups within 30 days. When you delete your account, we delete your personal data within 30 days, except where retention is required by law (for example, financial records).
6. Security
We use industry-standard safeguards including encryption in transit (TLS), encryption at rest for databases, scoped access controls, and audit logging. No system is perfectly secure; if we detect a breach affecting your data we will notify you and the relevant authorities as required by law.
7. Your Rights
Depending on where you live, you may have the right to access, correct, export, or delete your personal data, object to certain processing, or lodge a complaint with a data protection authority. You can exercise most of these rights directly from the Service (export, delete) or by emailing contact@lyramirae.com.
8. Legal Basis & International Transfers
MemoryFox is operated from the Republic of Korea and processes personal information in accordance with the Personal Information Protection Act (개인정보 보호법, “PIPA”) and related guidelines issued by the Personal Information Protection Commission (PIPC).
Your data may be processed in countries other than your own, including by our AI and infrastructure sub-processors. Where personal information is transferred outside of Korea, we obtain your consent where required by PIPA or rely on another lawful basis, and we apply appropriate safeguards such as contractual commitments with each recipient.
9. Children
The Service is not directed to children under 14, the age at which PIPA requires the consent of a legal representative. We do not knowingly collect personal data from children under 14. If you believe a child has provided us with personal data, please contact us so we can delete it.
10. Changes
We may update this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notice. The “Effective” date at the top of this page indicates when the current version took effect.
11. Contact
For privacy questions or to exercise your rights, contact contact@lyramirae.com.