Privacy Policy

Overview

memrov is designed so identity data and analytical outputs are handled in separate systems where possible. This policy explains what we collect, why, how long we keep it, and your choices, including deletion.

What we collect

• Account and identity: Provided through our authentication provider and stored with that provider.
• Assessment input: Content you upload, such as an exported memory file, is processed to generate your report. It is not stored as a permanent raw archive in our application database; processing uses short-lived server-side storage that expires automatically.
• Derived results: Pseudonymous scores and report metadata may be stored so you can use the product and, if you opt in, for optional matching. We minimize direct identifiers in analytical stores.
• Payments: Handled by our payment processor; we do not store full card numbers on our servers.
• Optional matching: If you opt in, we may store a regional indicator such as a zip prefix and use a separate secrets vault to map a pseudonymous identifier to your account for matching. See Matching Service Terms.

How we use data

We use data to provide the assessment, operate and secure the service, process payments, and, only if you opt in, support matching. Automated analysis may use third-party AI infrastructure; provider terms and settings apply to those subprocessors.

Subprocessors

We use vendors for authentication, hosting, database, payments, workflow orchestration, rate limiting, secrets management, and AI routing. A current list is on our Security & Infrastructure page.

Retention

• Clerk identity and entitlements: retained until account deletion.
• Redis upload content: expires after 30 minutes.
• Redis workflow context and ownership references: expire after 2 hours.
• Supabase reports: retained under our product-defined pseudonymized retention policy.
• Infisical matching lookup entries: retained only while matching is active.

Deletion

You can delete your account from the in-app account deletion flow. When you do, we remove your account with our identity provider and attempt to remove the optional vault mapping used for matching. If the vault cleanup cannot be explicitly verified, the account deletion flow is paused rather than silently proceeding.

Research retention: Pseudonymized analytical scores derived from your use of the service may be retained in our analytical database after account deletion and cannot be tied back to your identity without the removed mapping. If you need a different arrangement, contact us before deletion.

Your rights

Depending on where you live, you may have rights to access, delete, port, or restrict processing of personal data. Use the account deletion flow for erasure of account data, or contact us for other requests. We will respond within applicable legal timelines.

Contact

For privacy questions, use the contact method we publish for support or the address in your order or account communications. For security reporting, see Security & Infrastructure.