What we collect
When you use Memo, we collect the following: Account information- Email address (used for sign-in and attribution on captures)
- Display name and avatar (shown in your workspace alongside content you add)
- Authentication tokens (issued by our auth provider when you sign in)
- Inspirations you save: images, screenshots, links, source URLs, page titles, tags, and notes
- Which workspaces you belong to and your role in each (viewer, editor, admin, owner)
- Which workspace is currently selected in the extension
- Authentication tokens stored locally in your browser via
chrome.storage.local, used to authorize uploads to your workspace - Your selected environment (production or local development) — used only by developers; defaults to production
- Your browsing history
- Pages you visit while not actively using the extension
- Page contents that you do not explicitly capture
- Any data from third-party tracking, analytics, or advertising scripts in the extension
How we use it
Your data is used solely to operate the Memo platform:- To authenticate you and authorize uploads to your workspace
- To display the inspirations you save back to you and your workspace collaborators
- To attribute captures to the user who saved them
- To filter, search, and organize your captures using the tags you apply
- To respect role-based permissions (e.g. preventing viewers from editing)
Where it goes
When you save an inspiration:- The image (if any) is uploaded to our object storage, hosted by Supabase
- The metadata (URL, title, tags, your user ID, workspace ID) is written to our Postgres database, also hosted by Supabase
- All requests are made over HTTPS
- Supabase (database, authentication, file storage) — see Supabase’s privacy policy
- Vercel (web application hosting) — see Vercel’s privacy policy
- Stripe (billing, if you have a paid plan) — see Stripe’s privacy policy
How long we keep it
- Captures and workspace content: retained as long as the workspace exists. You can delete individual items, or an entire workspace, at any time from the Memo app.
- Account data: retained while your account is active. If you delete your account, we permanently remove your account record and de-associate your captures from your identity within 30 days.
- Extension-local data (auth token, selected workspace): cleared when you sign out from within the extension popup or when you uninstall the extension.
Your rights
Depending on where you live, you may have rights under data protection laws (such as GDPR in the EU/UK, or CCPA in California), including:- Access — request a copy of the data we hold about you
- Correction — fix inaccurate data
- Deletion — request that we delete your account and associated data
- Portability — receive your data in a machine-readable format
- Objection — object to certain types of processing
Security
- All data is transmitted over TLS (HTTPS)
- Database access is gated by row-level security policies that enforce workspace membership and roles
- Authentication tokens are stored in
chrome.storage.local, isolated to the extension’s origin and not accessible to web pages - We follow industry standard practices to prevent unauthorized access
Children
Memo is intended for users 16 and older. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.Changes to this policy
We may update this policy from time to time. Material changes will be communicated via email to your registered account, and a notice will appear in the app on your next sign-in. The “Last updated” date at the top of this page is always current.Contact
Questions, requests, or concerns about your data:- Email: support@memo.solutions
- Address: 251 Little Falls Drive, Wilmington, DE 19808, United States
This policy is also available at memo.solutions/privacy.