Privacy Policy

Last updated: June 1, 2026

1. Overview

MeMind ("we," "our," or "us") is a Chrome extension and web service that helps you organize conversations from AI chat platforms. This Privacy Policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

2.1 Local Data (Extension Only — Free Tier)

By default, all conversation data is stored locally in your browser's IndexedDB. This data never leaves your device unless you opt into cloud sync. Local data includes:

  • Conversation titles and metadata from supported AI platforms
  • Message content (your prompts and AI responses)
  • Organization data (labels, favorites, archives)
  • Extension settings and preferences

2.2 Cloud Data (Opt-In)

When you enable cloud sync, your conversation data is encrypted in transit and stored securely on our servers (Supabase). Cloud data includes:

  • Synced conversation headers, metadata, message bodies, and generated chunks
  • Labels, favorites, archives, workspace artifacts, and memory-organizer suggestions
  • Your email address (for authentication)
  • Subscription and billing information (processed by Square or Stripe)

2.3 Account Data

When you create an account, we collect your email address for authentication purposes. We use Supabase Auth with OTP (one-time password) login — we do not store passwords.

2.4 Provider Keys

If you save an AI provider API key for BYOK Overlay Chat or Chat Merge, the website encrypts it server-side before storing it. Cloud clients use a saved key reference for model calls rather than exposing the raw key back to the browser. Legacy extension builds may still send a raw provider key directly to an Edge Function for compatibility.

3. Chrome Extension Permissions

The MeMind extension requires the following permissions:

  • tabs— To detect when you're on a supported AI chat platform (ChatGPT, Claude, Gemini, Grok, Perplexity, DeepSeek) and activate the extension.
  • scripting — To read conversation data from AI chat pages and sync it to your local database.
  • cookies — Required for authentication with certain platforms (e.g., NotebookLM).
  • storage — To store extension settings and preferences.
  • unlimitedStorage — To keep large local conversation archives in your browser.
  • declarativeNetRequest — To support provider-specific capture helpers without remote code.
  • activeTab — To run user-initiated actions on the currently active supported chat tab.
  • sidePanel — To provide the extension side panel experience.
  • alarms — To schedule local sync and maintenance checks while Chrome is open.
  • nativeMessaging — To support optional local/native integrations that you explicitly install.

Host permissions are limited to supported AI chat services, MeMind Cloud endpoints, and supporting Google static assets used by those services.

4. How We Use Your Data

  • To provide conversation syncing and organization features
  • To enable search and filtering across your conversations
  • To provide cloud backup and cross-device access (Pro)
  • To process payments and manage subscriptions
  • To provide the Agent API for authorized third-party integrations
  • To run BYOK or hosted model calls that you request for Overlay Chat, Chat Merge, and related agent features
  • To improve the service and fix bugs

5. Data Sharing

We do not sell your data to third parties. We share data only with:

  • Supabase — our database and authentication provider
  • Square / Stripe — our payment processors (only billing information)
  • OpenAI, Anthropic, or Google — only when you request model-powered features using your saved BYOK key or an entitled hosted/VIP model option
  • PostHog — consent-gated product analytics, only after you accept analytics cookies
  • Agent API consumers — only when you explicitly grant access, and only your own data

6. Data Retention & Deletion

Local data: Stored in your browser until you uninstall the extension or clear browser data.

Cloud data: Stored as long as you maintain an account. You can delete all cloud data at any time from the Account page in the MeMind website. When you delete your account, all cloud data is permanently removed.

7. Security

All data transmitted between the extension and our servers is encrypted using TLS. Cloud data is stored in a secure database with Row Level Security (RLS) policies ensuring you can only access your own data. Saved provider API keys are encrypted before storage. Supabase provides SOC 2 Type II compliant infrastructure.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page.

9. Contact

If you have questions about this Privacy Policy, please contact us at privacy@memind.co.