At a glance
Collected
- Email and user ID from Sign in with Apple
- Your cards, decks and study history, synced via Supabase (US)
- AI inputs you submit: text, images, PDFs (sent to Google Gemini)
- Anonymous usage analytics
Never collected
- No location, contacts or browsing history
- Not iCloud — syncs through your Apple Account
- No third-party analytics SDKs
- No personalized ads
The full policy below is the authoritative version.
Privacy Policy
Effective: 2026-04-26 · Last updated: 2026-06-26
1. Overview
This Privacy Policy explains how Memento (“the App”) collects, uses, and protects your personal information.
2. Information we collect
- Email address — Provided by Apple during Sign in with Apple, including private relay emails. Used for authentication and account identification.
- User ID — A unique identifier provided by Apple. Used for syncing and account management.
- User content — Flashcards, decks, and study history you create. Used for syncing across devices.
- AI usage data — The text, images, PDFs, and card content you submit when using AI features. Used for generating AI responses and managing credits.
- Usage analytics — Anonymous usage events (for example, which features you use and how often), used only to analyze and improve the App. Tied to a randomly generated install identifier, and to your account identifier when you are signed in. Never used for advertising or tracking.
3. Information we do not collect
- Location data
- Contacts
- Search or browsing history
- Health or fitness data
- Advertising identifiers (the App itself does not collect them)
4. Third-party services
- Apple — Sign in with Apple: Handles user authentication. Apple's privacy policy applies.
- Supabase — Authentication & sync: Handles user authentication and card syncing. Data is stored on Supabase cloud servers in the United States.
- Google Gemini — AI responses: When you use AI features, the text, images, and PDFs you submit are sent to the Google Gemini API. Google's data handling policy applies.
- Google AdMob — Advertising: The App displays banner ads served through Google AdMob. The App is configured to request Non-Personalized Ads only. To serve ads, Google may process limited device information such as IP address and device identifiers. policies.google.com/technologies/ads
The App uses no third-party analytics SDKs (such as Firebase); usage analytics is processed only on servers we operate, and we do not sell or share your data for marketing purposes.
5. Data retention
Your data is retained until you delete your account. Upon account deletion, all cards, study history, and authentication information are permanently removed.
6. Your rights
- Access — View all your cards and study history within the app.
- Export — Download all your data in JSON format via Settings → Export.
- Deletion — Delete your account immediately via Settings → Account → Delete Account.
7. Security
All communication is encrypted via HTTPS. AI requests are verified using user authentication tokens. The App does not store passwords, as it only supports Sign in with Apple.
8. Children's privacy
The App is not directed at children under the age of 13, and we do not knowingly collect personal information from children.
9. Changes to this policy
This policy may be updated from time to time. Changes will be reflected by updating the “Last updated” date above.