Effective Date: 2026-03-10 Last Updated: 2026-03-25
Thank you for using MemoryAI! This Privacy Policy explains how we handle your information when you use our mobile application. Your privacy is our top priority, and we are committed to protecting it. This policy is compliant with the General Data Protection Regulation (GDPR) and applicable Italian data protection laws.
This policy is available in English and Italian.
MemoryAI is a private, offline-first application. All your data — including notes, voice recordings, images, and AI interactions — is stored locally on your device by default. We have no backend infrastructure that receives your information. The app’s network activity is limited to downloading AI model files from third-party repositories (e.g., HuggingFace) and, if you choose to enable it, backing up your data to your personal cloud storage (Google Drive on Android, iCloud on iOS).
The data controller for the MemoryAI app is:
MemoryAI Development Team Email: alessandro.facchini@facchinits.it
Bug Reports & Feature Requests: github.com/alessandrofacchini/memoryai-feedback
If you are located in the European Union, you may also contact your local data protection supervisory authority. For users in Italy, this is the Garante per la protezione dei dati personali (www.garanteprivacy.it).
We process your data based on the following legal grounds under GDPR Article 6:
MemoryAI does not collect, transmit, or store any of your personal data or user-created content on our servers. All data you create and use within the app is processed and stored on your device by default. This includes:
We collect minimal, anonymous usage analytics through TelemetryDeck, a privacy-first analytics service based in the European Union (Germany). These analytics help us understand how the app is used and improve it. The data collected is fully anonymous — it contains no personal information, no device identifiers, no IP addresses, and no user-generated content. Examples of anonymous signals include: “the app was opened,” “a model was loaded,” “a message was sent” (never the message itself). For more details, see Section 9. You can learn more about TelemetryDeck’s privacy practices at telemetrydeck.com/privacy. No user-created content is sent to any server owned or operated by MemoryAI. Data only leaves your device if you explicitly choose to back up to your personal cloud storage or share content via the Share feature (see Section 5).
To provide its core features, MemoryAI may request the following device permissions:
| Permission | Purpose |
|---|---|
| Microphone | To record voice inputs for transcription and AI interactions. |
| Camera | To capture images for text recognition and note-taking. |
| Storage / Photos | To access images from your gallery, to import LoRA adapter files, and to store app data locally. |
| Network / Internet | To download AI model files from third-party repositories (e.g., HuggingFace) and, if enabled, to back up and restore your data via cloud storage. No data is sent to MemoryAI servers. |
| Google Account (Android) | Required only if you enable the Google Drive backup feature. Used to authenticate with your Google account and access your Google Drive storage. |
You can revoke any of these permissions at any time through your device’s system settings. Revoking a permission may disable the corresponding feature but will not affect the rest of the app.
All processing of your information happens locally on your device. We use the data you provide to:
Since we have no access to your data, we do not and cannot use it for advertising, profiling, analytics, or any other purpose beyond providing the app’s functionality to you.
MemoryAI offers an optional cloud backup and restore feature to help you safeguard your data or transfer it between devices:
This feature is not enabled by default — you must explicitly choose to create a backup or restore from one. When you initiate a backup, a copy of your app data (notes, conversations, preferences, and related content) is uploaded to your personal cloud storage account. MemoryAI does not have access to your cloud storage account and cannot read, modify, or delete your backups. Your backed-up data is subject to the privacy policies and security practices of Google or Apple, respectively.
You can delete your cloud backups at any time through Google Drive or iCloud directly.
When you use the Share/Export feature, your conversation data is passed to your device’s native share functionality (via the operating system’s share sheet). From there, the data may be sent to other apps or services that you choose. MemoryAI has no control over how those third-party apps handle your data.
All your data is stored in a local database on your device by default. It is not encrypted by the app by default, but it benefits from your device’s built-in security features (e.g., device encryption, lock screen).
If you use the cloud backup feature, your data is additionally stored in your personal Google Drive or iCloud account. The security of your backed-up data is governed by Google’s or Apple’s security practices, including their encryption standards for data in transit and at rest.
We recommend that you:
We take reasonable measures in app design to protect your data, but we cannot guarantee absolute security of your device or third-party cloud storage services.
Your data is retained on your device for as long as you choose to keep it. You have full control over your data:
We do not retain any copy of your data on our own servers, as we do not operate any.
MemoryAI does not transfer any of your data to its own servers, as we do not operate any.
However, if you choose to use the cloud backup feature, your data will be stored on servers operated by Google (for Google Drive) or Apple (for iCloud). These companies may store your data in data centers located outside your country of residence, including outside the European Economic Area (EEA). Google and Apple have their own mechanisms for ensuring compliance with international data transfer requirements, including Standard Contractual Clauses and other safeguards. For more information, please refer to their respective privacy policies:
Additionally, the downloading of AI model files from third-party repositories (e.g., HuggingFace) involves network requests to servers that may be located internationally. No personal data is transmitted during this process.
MemoryAI is built using third-party libraries. The majority operate on-device and do not transmit your data to external servers. Key third-party components include:
If we integrate any new third-party service in the future, we will update this policy accordingly.
As a user in the European Union, you have the following rights under GDPR. Since all your data is stored locally on your device (and optionally in your personal cloud storage), you can exercise most of these rights directly:
To exercise any right that requires our assistance, please contact us at alessandro.facchini@facchinits.it.
MemoryAI is not intended for use by children under the age of 16 in the European Union, or under the age of 13 in other jurisdictions. We do not knowingly collect any personal information from children. Since all data is processed locally, we have no means to identify the age of our users. If you are a parent or guardian and believe your child is using the app inappropriately, you can delete the app data by uninstalling the app from the device and removing any cloud backups from Google Drive or iCloud.
We may update this Privacy Policy from time to time. When we do:
We encourage you to review this Privacy Policy periodically.
If you have any questions, concerns, or requests related to this Privacy Policy or your data, please contact us:
We aim to respond to all inquiries within 30 days, as required by GDPR.