Privacy Policy

Last updated: June 3, 2026

MemoryLens is built on one founding principle: your photos and face data are yours alone.This policy explains exactly what we collect, what we don't, and how we protect you.

What we collect

  • Account information — your email address and a hashed password, managed by Supabase Auth.
  • Subscription status — your current plan tier (Free / Basic / Pro), managed via RevenueCat. No payment card data is stored by us.
  • Device token — a single anonymous token per device used for the remote logout feature. No device identifier or IMEI is stored.

What we never collect

  • Your photos — they never leave your device.
  • Face embeddings or biometric data — all AI processing runs on-device (TFLite on Android, CoreML on iOS). Embeddings are stored only in your device's private app storage.
  • Photo metadata beyond what you explicitly share.
  • Analytics on photo contents, people detected, or your search queries.

On-device AI processing

Face detection, embedding computation, and clustering all run locally on your device. The 128-dimensional face vectors produced by our AI models are stored only in your device's private SQLite database and are never transmitted to our servers or any third party.

Third-party services

  • Supabase — stores your account profile (email, subscription tier, device logout token) on secure servers.
  • RevenueCat — manages in-app purchase entitlements.
  • Google Play / Apple App Store — handle payment processing. We do not receive your payment card details.

Data retention and deletion

You may delete your account at any time from the Settings screen. Deleting your account permanently removes your email, subscription record, and device token from our servers. All photo data, face embeddings, and folder content exist only on your device and are removed when you uninstall the app.

Children's privacy

MemoryLens is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has created an account, please contact us and we will delete it promptly.

India — DPDP Act compliance

We process personal data in accordance with India's Digital Personal Data Protection Act 2023. You have the right to access, correct, and erase your personal data by contacting us or using the in-app account deletion feature.

Waitlist sign-ups

If you join the MemoryLens pre-launch waitlist on our website, we collect your email address and the page from which you signed up. We use this data solely to send you one launch notification email. We do not share this data with third parties. Waitlist data is retained for 12 months after launch, or until you request deletion. To be removed from the waitlist at any time, email memorylens.support@gmail.com.

Australia — Privacy Act 1988

We process personal data in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles. We collect only your email address and subscription status — no photos or biometric data are transmitted to our servers. To request access to or deletion of your account data, email memorylens.support@gmail.com and we will respond within 30 days as required by the Act.

Changes to this policy

We will notify registered users by email of any material changes at least 14 days before they take effect.

Contact

Questions? memorylens.support@gmail.com