Privacy at Memvid

1. Scope

This Privacy Statement explains how Memvid collects, uses, shares, and protects personal information when you visit our websites, sign in to the Memvid application, communicate with us, or use Memvid through your organization. If your organization has a signed agreement, order form, data processing addendum, or other written terms with Memvid, those documents control if they conflict with this page.

2. Customer and user roles

• When an organization provides Memvid to its employees, contractors, or invited users, that organization controls the workspace, connected applications, user access, retention choices, and instructions for processing customer content.
• Memvid generally acts as a service provider or processor for customer content and workspace personal data. Memvid acts as an independent controller for its own website, billing, sales, support, security, and business operations.
• If you use Memvid through your employer or another organization, direct requests about workspace content, connector access, account removal, or retention first to that organization.

3. Information we collect

• Account and profile information, such as name, email address, organization, role, workspace membership, authentication status, and preferences.
• Customer content selected by the customer, such as documents, files, messages, emails, calendar records, CRM records, tickets, notes, metadata, permissions, access-control lists, and other data from connected applications.
• Connector and integration information, such as provider names, connection status, OAuth metadata, sync status, folder or scope selections, webhook events, and operational health data.
• Usage, security, and diagnostic information, such as browser type, device data, IP address, request identifiers, audit events, logs, feature usage, errors, latency, and system health telemetry.
• Commercial and support information, such as billing contacts, order details, support messages, meeting notes, feedback, and communications preferences.

4. How we use information

• Provide, secure, maintain, monitor, and improve Memvid, including enterprise search, chat, agent workflows, connector sync, document processing, indexing, citations, audit logs, and administration tools.
• Authenticate users, enforce tenant boundaries, apply workspace roles, preserve source-system permissions, and help administrators manage access.
• Generate answers, summaries, extracted metadata, embeddings, workflow outputs, and other AI-assisted results requested by users or configured by administrators.
• Detect, investigate, and prevent abuse, unauthorized access, security incidents, service degradation, policy violations, and reliability issues.
• Provide support, onboarding, billing, notices, product updates, compliance artifacts, and legally required communications.

5. AI and model provider processing

• Memvid may send prompts, retrieved context, files, extracted text, metadata, and user instructions to third-party AI, embedding, OCR, or document-processing providers when necessary to provide a requested feature.
• Memvid does not sell customer content or use customer content to train a Memvid-owned foundation model. Third-party model retention, logging, and training restrictions depend on the provider, deployment mode, and customer configuration in effect for the workspace.
• If a customer configures its own AI provider key, gateway, or model account, that customer's agreement with the provider may govern provider-side processing in addition to Memvid's terms.
• AI outputs may be incomplete or incorrect. Memvid logs enough operational metadata to debug, audit, secure, and improve the service, subject to customer agreements and retention settings.

6. How we share information

• Service providers and subprocessors that help operate Memvid, including cloud infrastructure, authentication, connector orchestration, email delivery, billing, observability, support, security, and AI or document-processing providers.
• Customer administrators and authorized workspace users, according to workspace roles, source permissions, sharing settings, and product configuration.
• Legal, compliance, safety, and security recipients when disclosure is required by law, legal process, customer instruction, or to protect rights, safety, service integrity, or prevent abuse.
• Parties to a business transaction, such as a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality and data protection commitments.
• Other parties when you or the customer instruct us to share information or give consent.

7. Security

Memvid uses administrative, technical, and organizational safeguards designed to protect information from unauthorized access, loss, misuse, or disclosure. These include tenant-aware access controls, audit logging, encryption-backed infrastructure controls, operational monitoring, and restricted internal access. No system can be guaranteed to be completely secure, and customers remain responsible for their users, connected applications, permissions, and endpoint security.

8. Retention and deletion

• Memvid retains personal information and customer content for as long as needed to provide the service, comply with customer instructions, meet legal or accounting obligations, resolve disputes, enforce agreements, maintain audit trails, and protect the service.
• Customer administrators can disconnect sources, request deletion, or export data through available product workflows or support channels, subject to contractual, legal, backup, audit, and security requirements.
• Operational logs, audit records, backups, and security evidence may be retained for limited periods after account or workspace deletion where necessary for security, compliance, and service integrity.

9. Cookies and similar technologies

Memvid may use cookies, local storage, and similar technologies to keep users signed in, protect sessions, remember preferences, measure product reliability, and understand website or application usage. Browser settings may allow you to limit cookies, but some authentication and security features may not work without them.

10. Privacy rights

• Depending on where you live, you may have rights to request access, correction, deletion, portability, restriction, objection, or withdrawal of consent for certain personal information.
• For workspace content controlled by your organization, Memvid may route your request to that organization or ask you to contact your administrator.
• To make a request, email contact@memvid.com. We may need to verify your identity and authority before fulfilling a request.

11. International transfers

Memvid and its service providers may process information in the United States and other locations where we or our subprocessors operate. Where required, Memvid uses contractual, organizational, and technical measures intended to support lawful international data transfers.

12. Children

Memvid is designed for business and enterprise use. It is not directed to children, and we do not knowingly collect personal information from children through the service.

13. Changes to this statement

We may update this Privacy Statement from time to time. When we make material changes, we will update the date above and provide notice where required by law or by customer agreement.