Legal · Privacy

Privacy Policy

Memry is built on a simple promise: your notes belong to you, and we cannot read them.

Last updated · May 9, 2026

Summary in 30 seconds

  • Your notes, tasks, and journal stay on your device. We never see their content.
  • Sync uploads only ciphertext. Every byte is encrypted on your device with XChaCha20-Poly1305 before it leaves.
  • Encryption keys live in your password manager and never touch our servers.
  • Anonymous usage metrics are optional, on by default, and switchable from Settings → Privacy. They never include note content, search queries, file paths, emails, or raw IDs.
  • We collect the minimum metadata needed to bill, deliver, and secure the service.
  • We never sell your data. We have nothing to sell.

1. What this policy covers

This policy describes how Memry handles personal data in the desktop app, the marketing website, and the optional Sync service. It applies to everyone who uses Memry, regardless of country.

2. The local app keeps your content on your device

The Memry desktop application runs entirely on your computer. Your notes, tasks, journal, and files are stored as plain Markdown files in a vault folder you choose. None of that content is sent to us, period.

Optional update checks contact our update server, which sees only your IP address and app version.

3. Optional anonymous usage metrics

Memry includes an optional, anonymous telemetry stream so we can understand which features get used, where the app crashes, and where it slows down. You can turn it off at any time in Settings → Privacy → Share Anonymous Usage Metrics. It is on by default in production builds and off in development builds.

Each event is one row from a fixed list — for example app_started, note_created, search_performed, sync_run_completed, app_error_seen. We do not capture free-form strings. The schema rejects any dimension that looks like an email address, URL, file path, or raw identifier before the event ever leaves your device.

Each event ships with:

  • The event name and a short action label (both from a fixed enum).
  • An anonymous install ID and session ID. The install ID is a random UUID generated on your device — it is not derived from your hardware, account, or any personal data.
  • App version, release channel, OS platform, CPU architecture, locale, and your timezone offset.
  • Whether you are signed in to Sync (yes/no/unknown) and whether Sync is enabled.
  • Optional numeric metrics for the action — duration, item count, byte count, retry count.

Events are batched in memory and uploaded to sync.memrynote.com/telemetry/batch at most every 30 seconds. We never log your IP address against your telemetry stream beyond the standard edge access logs that every web server keeps for a short window.

Crash reporting is part of the same stream. We see that an error happened, on which surface, and an error code from a fixed list — never a stack trace that could contain your data.

4. What Sync sends to our servers

If you opt into the paid Sync service, the following is uploaded:

  • Encrypted blobs. Notes, tasks, journals, attachments, and metadata, all encrypted on your device before upload. We hold ciphertext only.
  • Routing metadata. Vault IDs, blob keys, content hashes, byte counts, and timestamps. These are needed to route updates to your other devices and to count usage against your plan.
  • Account identifiers. Your email address, a hashed password, and verification tokens.

We do not receive plaintext titles, plaintext tags, or any contents of your vault. The server's view of your notes is a stream of opaque encrypted bytes.

5. What the website collects

Memrynote.com uses minimal, privacy-respecting analytics to understand how people find the site and which pages are useful. We do not use third-party advertising trackers and do not sell visitor data.

If you join the waitlist or contact us, we store the email address you submit so we can reply or send the messages you opted into.

6. How we use the data we have

We use the data described above only to:

  • Operate, sync, and secure your account.
  • Bill you, through Paddle, for the plan you chose.
  • Send transactional email (sign-up confirmation, payment receipts, security notices).
  • Understand which features get used and where the app crashes (if you have left anonymous usage metrics on).
  • Investigate abuse and comply with legal obligations.

We do not use your data to train models, build advertising profiles, or sell anything to anyone.

7. Encryption details

Memry uses end-to-end encryption based on the libsodium primitives: XChaCha20-Poly1305 for content, Ed25519 for signatures, and Argon2id for password-based key derivation. Your master key is derived from your password on your device and is never sent to us.

Because we never hold your keys, we cannot decrypt your data. We cannot reset it for you, and we cannot disclose its contents in response to a subpoena — we have no way to read it ourselves.

8. Sub-processors

We use a small set of third-party services to operate Memry. Each is contractually bound to handle your data only for the purpose listed:

  • Cloudflare — hosts the Sync API, stores encrypted blobs in R2, and runs the marketing website's edge.
  • Paddle — merchant of record for payments. Receives billing details (name, billing address, payment method).
  • Postmark or a similar transactional email provider — delivers sign-up, billing, and security emails.

We do not share data with advertising networks, data brokers, or social media platforms.

9. International transfers

Memry is a small indie operation. Our infrastructure is global by default — encrypted blobs may be served from data centers near you for performance. Where personal data crosses borders, we rely on standard contractual clauses with our sub-processors.

10. How long we keep things

  • Encrypted blobs: kept while your subscription is active. After a lapse, kept in read-only mode for 30 days, then in cold storage until day 90, then physically deleted.
  • Account record: kept while your account exists. If you delete your account, the record and any remaining blobs are removed within 30 days.
  • Billing records: retained as required by tax law in your country (typically 7 years).
  • Anonymous usage metrics: aggregated and retained for up to 24 months, then deleted. There is no way to tie an event back to a person.
  • Server logs: retained for up to 30 days for security and debugging.

11. Your rights

Depending on where you live (GDPR, UK GDPR, CCPA, and similar laws), you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your account and associated data.
  • Export the metadata we hold about your account.
  • Object to processing or restrict it in specific cases.

To exercise any of these rights, email privacy@memrynote.com from the address tied to your account. We respond within 30 days.

You can also lodge a complaint with your local data protection authority. We would rather hear from you first, but you do not have to.

12. Children

Memry is not designed for children under 13 (or under 16 in jurisdictions that require it). We do not knowingly collect data from children. If you believe a child has signed up, email privacy@memrynote.com and we will delete the account.

13. Security incidents

If we discover an incident that affects your data, we will notify you within 72 hours of confirming the impact. Because content is end-to-end encrypted, the most likely incident types are metadata exposure, billing data exposure, or account-takeover attempts — we will tell you exactly what was affected.

14. Changes to this policy

We will update this page when our practices change. Material changes will be announced in the app and via email at least 14 days before they take effect.

15. Contact

Privacy questions: privacy@memrynote.com. Anything else: hi@memrynote.com.