Privacy Policy

Memora Bond ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Chrome extension and web application (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

• Account Information: When you sign in with Google, we receive your Google account identifier, display name, email address, and profile picture from Google. We do not request or store your Google password.
• Payment Information: Subscription payments are processed through PayPal. We do not collect, store, or have access to your credit card number, bank account details, or PayPal login credentials. We only receive your subscription status from PayPal.
• User Preferences: Settings you configure within the app, such as data retention preferences, notification settings, and sensitivity filters.

1.2 Information Collected Automatically

• Browsing Data: When you use the Chrome extension, we collect the URL, page title, and content snippets of web pages you visit. This data is stored as "memories" in your personal account and is used solely to provide the memory search and recall features.
• Session Data: Information about your browsing sessions, including session duration, active project context, and task descriptions you provide.
• Usage Analytics: Aggregated, anonymized data about how you interact with the Service, such as features used, search queries (in anonymized form), and dashboard navigation patterns.
• Device Information: Browser type and version, operating system, and a browser fingerprint hash used to identify your device for session continuity.
• Log Data: IP address, access times, and pages viewed within our web application, collected automatically by our hosting provider (Firebase/Google Cloud).

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve the Service, including saving, organizing, and searching your browsing memories.
• To authenticate your identity and secure your account using Google Sign-In and Firebase Authentication.
• To process subscription payments and manage your billing status through PayPal.
• To provide AI-powered features, including memory summarization, contextual search, knowledge graph generation, and recall assistance.
• To detect and filter sensitive content (such as passwords, API keys, and personal identification numbers) through our Vault feature.
• To communicate with you about your account, subscription status, and important service updates.
• To analyze usage patterns and improve the Service's performance, reliability, and user experience.
• To comply with legal obligations and enforce our terms of service.

3. Data Storage and Security

Your data is stored in Google Cloud Firestore, a fully managed, serverless NoSQL database with encryption at rest. All data transmission between your browser, our extension, and our servers is encrypted using TLS (HTTPS). We implement Firebase Authentication with JWT tokens for secure session management. Access to your data is restricted to your authenticated account, and our backend services only access your data to provide the Service functionalities described above.

We use the Vault feature to automatically detect and redact sensitive information from your browsing memories. However, no system is perfectly secure, and we cannot guarantee the absolute security of your data. We encourage you to review sensitive memories regularly and use the Vault feature to flag content you consider sensitive.

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties. We may share your information in the following limited circumstances:

• Service Providers: We share data with Google (Firebase) for authentication, database storage, and hosting, and with PayPal for subscription payment processing. These service providers are bound by their own privacy policies and data processing agreements.
• Legal Requirements: We may disclose your information if required to do so by law, in response to valid legal process, or to protect our rights, privacy, safety, or property, or that of our users or the public.
• AI Processing: Your browsing memories may be processed by AI models (hosted by our service providers) to generate summaries, search results, and contextual insights. Your data is not used to train AI models for any purpose outside of providing the Service to you.

5. Data Retention

We retain your browsing data for the duration of your subscription and for up to 90 days after account deletion or subscription cancellation, unless you request earlier deletion. Session data and usage analytics are retained for up to 90 days. You can configure your data retention preferences in the Settings section of the dashboard. You may request deletion of your data at any time by contacting us.

6. Your Rights and Choices

You have the following rights regarding your personal data:

• Access: You can view all your stored memories, sessions, and project data through your dashboard at any time.
• Deletion: You can delete individual memories, sessions, or your entire account. Upon account deletion, we will remove all your personal data within 90 days.
• Correction: You can edit memory titles, tags, and summaries within the dashboard.
• Data Portability: You can export your memories as PDF documents through the export feature in the dashboard.
• Opt-Out: You can disable browsing tracking, auto-capture, or sensitive content filtering at any time in the Settings section. Uninstalling the Chrome extension will stop all data collection from browsing activity.
• Subscription Cancellation: You can cancel your PayPal subscription at any time through the dashboard or through your PayPal account settings.

7. Children's Privacy

The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe we have collected data from a child, please contact us immediately.

8. International Data Transfers

Your data is stored on Google Cloud servers, which may be located in different regions around the world. By using the Service, you consent to the transfer of your data to countries where Google operates data centers. Google Cloud complies with applicable data protection frameworks, including the EU-US Data Privacy Framework.

9. Chrome Extension Permissions

The Memora Bond Chrome extension requires the following permissions to function:

• Read and change your data on all websites: Used to capture page titles, URLs, and content snippets from pages you visit to create searchable memories.
• Storage: Used to store extension settings and cached data locally on your device.
• Identity: Used to authenticate with your Google account and link the extension to your Memora Bond dashboard.

The extension does not read passwords, form inputs, payment information, or any data on incognito/private tabs. All captured data is transmitted securely over HTTPS and stored in your personal, authenticated Firestore database.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this page periodically for the latest information on our privacy practices. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: