Privacy Policy

How we protect and handle your personal information

1. Introduction

Welcome to MemoryHole. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our web archival service.

MemoryHole is operated by Memoryhole Inc. (“we,” “us,” or “our”). This policy applies to our website, Chrome extension, and all related services (collectively, the “Service”).

By using MemoryHole, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Username
  • Password (encrypted and never stored in plain text)
  • Account creation date

2.2 Archived Web Content

When you use our Chrome extension to archive web pages, we collect and store:

  • The URL of the archived page
  • The HTML content and associated resources (images, stylesheets, scripts)
  • The timestamp of when the archive was created
  • Any tags, notes, or metadata you add to your archives

Important: You initiate all archiving by clicking the save button in our Chrome extension. We do not automatically archive content without your explicit action.

2.3 Newsletter Subscription

If you subscribe to our newsletter, we collect:

  • Email address
  • Subscription date
  • Email engagement data (opens, clicks) to improve our communications

You may unsubscribe at any time using the link in any newsletter email.

2.4 Website Analytics

We use Simple Analytics (https://www.simpleanalytics.com/) to understand how visitors use our website. Simple Analytics is a privacy-first analytics service that:

  • Does NOT use cookies
  • Does NOT track individual users
  • Does NOT collect personal information
  • Collects only aggregate, anonymized data such as:
    • Page views
    • Referral sources
    • General geographic location (country level only)
    • Device type (desktop/mobile)

Simple Analytics is GDPR-compliant and does not require cookie consent banners.

2.5 Payment Information

We use Stripe to process payments. When you subscribe after your free trial:

  • Stripe collects your payment card information directly
  • We receive only: transaction ID, payment status, last 4 digits of card, and card expiration date
  • We do NOT store your complete payment card details on our servers
  • Subscription prices may vary based on your plan selection

Stripe’s handling of your payment information is governed by their Privacy Policy (https://stripe.com/privacy).

2.6 Technical and Usage Information

To provide and improve the Service, we automatically collect:

  • IP address (for security and fraud prevention)
  • Browser type and version
  • Operating system
  • Device information
  • Chrome extension version (if applicable)
  • Service usage data (number of archives created, storage used, login timestamps)
  • Error logs and performance data

2.7 Communications

If you contact our support team, we collect:

  • Your email correspondence
  • Any information you choose to provide
  • Support ticket history

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Delivery

  • To create and maintain your account
  • To store and organize your archived web pages
  • To provide access to your archives across devices
  • To process your subscription payments

3.2 Communication

  • To send important service updates and security notifications
  • To respond to your support inquiries
  • To send newsletters (only if you’ve subscribed)
  • To notify you about account or billing issues

3.3 Service Improvement

  • To analyze aggregate usage patterns and improve features
  • To identify and fix technical issues
  • To develop new features based on user needs
  • To optimize Service performance

3.4 Security and Fraud Prevention

  • To detect and prevent unauthorized access
  • To identify and prevent abuse of the Service
  • To comply with legal obligations
  • To enforce our Terms of Service

3.5 Legal Compliance

  • To respond to legal requests and court orders
  • To comply with DMCA takedown notices
  • To protect our legal rights and those of our users

4. What We Do NOT Do With Your Data

We want to be crystal clear about what we DON’T do:

  • No AI Training: We will NEVER use your archived content or personal data to train artificial intelligence or machine learning models
  • No Data Selling: We will NEVER sell your personal information or archived content to third parties
  • No Ad Targeting: We do not serve targeted advertisements or share data with ad networks
  • No Data Brokers: We do not share your information with data brokers or marketing companies
  • No Content Analysis: We do not read, analyze, or process your archived content for any purpose other than storage and display
  • No Cross-Service Tracking: We do not track you across other websites or services

5. Data Storage and Security

5.1 Security Measures

We implement industry-standard security practices to protect your data:

  • All data is encrypted in transit using TLS/SSL
  • Archived content is encrypted at rest on our servers
  • Passwords are hashed using strong cryptographic algorithms
  • Access to user data is strictly limited to essential personnel

5.2 Backups

We maintain encrypted backups of all data for disaster recovery purposes.

5.3 Data Breach Protocol

In the unlikely event of a data breach, we will:

  • Notify affected users within 72 hours
  • Report the breach to relevant authorities as required by law
  • Take immediate steps to secure the affected systems
  • Provide information about what data was affected and remediation steps

6. Data Sharing and Third Parties

6.1 Service Providers

We share data only with trusted third-party service providers necessary to operate our Service:

Service Provider Purpose Data Shared
Stripe Payment processing Email, transaction amount, payment method
Simple Analytics Website analytics Anonymized, aggregate usage data only
Cloud Storage Provider Data storage Encrypted archived content and account data
Email Service Provider Newsletter delivery Email address (subscribers only)

All service providers are contractually obligated to protect your data and use it only for specified purposes.

6.2 Legal Requirements

We may disclose your information if required by law, such as:

  • In response to valid court orders or subpoenas
  • To comply with DMCA takedown requests
  • To report suspected illegal activity to authorities
  • To protect our rights, property, or safety, or that of our users

We will notify you of such requests unless prohibited by law.

6.3 Business Transfers

If MemoryHole is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

6.4 No Other Sharing

We do not share your personal information or archived content with anyone else for any other purpose.

7. Your Rights and Choices

7.1 Access Your Data

You can access all your personal information and archived content through your account dashboard at any time.

7.2 Correct Your Data

You can update your email address, username, and other account information in your account settings.

7.3 Export Your Data

You can export all your archived content at any time using our export feature. This provides a downloadable archive of all your saved web pages in a portable format.

7.4 Delete Your Data

You can delete your account at any time through your account settings. Upon deletion:

  • Your account information is permanently deleted within 30 days
  • All your archived content is permanently deleted within 30 days
  • Some data may be retained longer only if required by law (e.g., for tax or legal compliance)

7.5 Newsletter Opt-Out

You can unsubscribe from our newsletter at any time by:

  • Clicking the “unsubscribe” link in any newsletter email
  • Updating your preferences in your account settings
  • Contacting us at privacy@memoryhole.app

7.6 Marketing Communications

We do not send marketing emails beyond our optional newsletter. All other emails are transactional or essential service communications.

8. Data Retention

8.1 Active Accounts

While your account is active, we retain:

  • All archived content indefinitely (or until you delete it)
  • Your account information
  • Usage logs for up to 12 months (for security and optimization)

8.2 Deleted Accounts

After you delete your account:

  • Your data is permanently removed from production servers within 30 days
  • Some transaction records may be retained for up to 7 years for tax and legal compliance

8.3 Inactive Accounts

If your account is inactive for 24 months with an expired subscription, we may send you a notification and then delete your account and data after an additional 30 days if you do not respond.

9. Cookies and Tracking

9.1 Cookies We Use

MemoryHole uses minimal cookies, only for essential functionality:

  • Session cookie: To keep you logged in (deleted when you close your browser)
  • Authentication token: To securely maintain your session (expires after 30 days or on logout)
  • Preference cookies: To remember your settings (e.g., theme preference)

9.2 Third-Party Cookies

  • Simple Analytics: Uses NO cookies
  • Stripe: May use cookies during the payment process (governed by Stripe’s policies)

9.3 Tracking

We do NOT use:

  • Third-party tracking pixels
  • Behavioral advertising tools
  • Cross-site tracking technologies
  • Social media tracking plugins

10. Children’s Privacy

MemoryHole is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are under 18, please do not use the Service or provide any information to us.

If we learn we have collected information from a child under 18, we will delete that information immediately. If you believe we have collected information from a child, please contact us at privacy@memoryhole.app.

11. International Users

11.1 Data Transfers

If you are accessing MemoryHole from outside Canada, please note that your data will be transferred to and processed in Canada. By using the Service, you consent to this transfer.

11.2 PIPEDA Compliance (Canadian Users)

As a Canadian company, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). Under PIPEDA, you have the right to:

  • Know why we collect your personal information
  • Access your personal information
  • Challenge the accuracy and completeness of your information
  • Withdraw consent for certain uses of your information (subject to legal or contractual restrictions)
  • File a complaint with the Office of the Privacy Commissioner of Canada

To exercise these rights or file a complaint, contact us at privacy@memoryhole.app.

11.3 GDPR Compliance (European Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate data
  • Right to erasure: Request deletion of your data (“right to be forgotten”)
  • Right to restriction: Limit how we process your data
  • Right to data portability: Receive your data in a portable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@memoryhole.app.

11.4 CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (Note: We do not sell personal information)
  • Right to deletion of personal information
  • Right to non-discrimination for exercising your rights

To exercise these rights, contact us at privacy@memoryhole.app.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

How we notify you:

  • Material changes: We will email you at least 30 days before changes take effect
  • Minor changes: We will update the “Last Updated” date at the top of this policy
  • Continued use: Your continued use of the Service after changes take effect constitutes acceptance of the updated policy

We encourage you to review this policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: privacy@memoryhole.app
  • Support: support@memoryhole.app

For EU users, our Data Protection Officer can be reached at: dpo@memoryhole.app

We will respond to all privacy-related inquiries within 30 days.

14. Governing Law

This Privacy Policy is governed by the laws of Canada and the province of Ontario, without regard to its conflict of law principles.

Your privacy matters to us. We built MemoryHole to help you preserve the web content you care about, and we’re committed to protecting your data every step of the way.

Last updated: 2025-12-05

Questions? Contact us at contact@memoryhole.app