Memo AIMemo AI

Privacy Policy

Effective Date: January 28, 2026

Memo AI ("the App") is developed and operated by NotePlan LLC ("we", "us", "our"). This Privacy Policy describes how we handle your information when you use the Memo AI iOS application.

We are committed to protecting your privacy. Memo AI is designed with a local-first approach — your data stays on your device. We do not sell your data, use it for advertising, or use it to train AI models.

For purposes of this policy, "personal information" means any information that identifies, relates to, or could reasonably be linked to you or your device.

1. Information We Collect

Information we do NOT collect directly

  • We do not require an account or registration
  • We do not collect your name, email address, or contact information
  • We do not use analytics or behavioral tracking SDKs
  • We do not store your notes, transcriptions, or recordings on our servers
  • We do not have direct access to your notes or recordings

Information processed on your device

All of the following data is created and stored locally on your device only:

  • Voice recordings (temporary — see Section 4)
  • Transcriptions and formatted notes
  • Action items and important dates
  • Chat conversations with the AI assistant
  • AI memories (learned preferences and context)
  • Categories and organization data
  • Custom dictionary entries
  • App preferences and settings

Information collected by third-party services

While we do not directly collect personal identifiers, our third-party service providers may collect certain information as described in Section 3. This includes anonymous device identifiers, IP addresses, and transaction data necessary for providing their services.

2. How We Use Information and Legal Basis

All data processing serves the App's core functionality. Below we describe each use and the legal basis under GDPR and similar laws:

  • Voice recordings are sent to OpenAI for transcription, then deleted from your device. Legal basis: Contract performance (providing the transcription service you requested).
  • Transcribed text is sent to OpenAI for AI-powered formatting, summarization, and chat features. Legal basis: Contract performance.
  • Text embeddings are generated via OpenAI for semantic search across your notes. Legal basis: Contract performance.
  • Purchase information is processed by RevenueCat to manage subscriptions. Legal basis: Contract performance.
  • Error reports are sent to Sentry to help us fix bugs and improve stability. Legal basis: Legitimate interest in maintaining and improving the App.

We do not sell, share for advertising purposes, or otherwise monetize your personal information.

3. Third-Party Services

OpenAI

We use OpenAI's API for transcription (Whisper), AI text processing (GPT), and text embeddings.

  • Data sent: Audio recordings (for transcription), note text (for AI processing), text chunks (for embedding generation)
  • Purpose: Core app functionality — transcription, note formatting, AI chat, semantic search
  • Retention: OpenAI may retain API data for up to 30 days for abuse and safety monitoring purposes, after which it is deleted. Per OpenAI's API data usage policy, data sent through the API is not used to train their models.
  • Subprocessors: OpenAI may use subprocessors (including Microsoft Azure) to provide their services.

Voice data clarification: Voice recordings are used solely for transcription purposes and are not used for biometric identification, voice profiling, or speaker recognition. Audio is deleted immediately after transcription and is not retained for any identification purposes.

OpenAI Privacy Policy

RevenueCat

We use RevenueCat to manage in-app subscriptions.

  • Data sent: Purchase transactions, subscription status, anonymous app user ID, device identifiers, IP address, and Apple Search Ads attribution data (if you consent via App Tracking Transparency)
  • Purpose: Subscription management, purchase verification, fraud prevention, and attribution
  • Retention: RevenueCat retains transaction data for the duration of the customer relationship plus any legally required retention period. See their privacy policy for details.

RevenueCat Privacy Policy

Sentry

We use Sentry for error tracking and crash reporting.

  • Data sent: Error reports, diagnostic information, and device metadata. We have configured Sentry to minimize personal data collection: IP address scrubbing is enabled, and we do not send user identifiers, note content, or transcription data in error reports.
  • Purpose: Identifying and fixing bugs to improve app stability
  • Retention: Sentry retains error data for 90 days by default.

Sentry Privacy Policy

4. Audio Recording and Deletion

When you record a voice memo:

  1. Audio is captured and temporarily stored on your device
  2. The audio file is sent to OpenAI's Whisper API over an encrypted HTTPS connection for transcription
  3. Once transcription is complete, the local audio file is immediately and permanently deleted from your device

No audio is stored permanently on your device or on our servers (we do not operate servers for user data storage). OpenAI may retain audio data for up to 30 days for abuse monitoring, after which it is deleted. OpenAI does not use API data to train their models.

5. Automated Processing and AI Features

The App uses AI to automatically:

  • Transcribe voice recordings into text
  • Categorize notes into topics (Personal, Work, Ideas, etc.)
  • Extract action items and due dates
  • Generate summaries and key insights
  • Respond to questions in AI chat

These features assist with organization and productivity but do not make decisions that have legal or similarly significant effects on you. All AI-generated content is provided for your convenience and can be edited or deleted at any time.

6. Data Storage and Security

Local storage

All notes, transcriptions, conversations, and app data are stored in a local database on your device within the iOS app sandbox. We do not operate any servers or cloud infrastructure for storing user data. There is no cloud sync.

Encryption

  • In transit: All data transmitted to third-party services (OpenAI, RevenueCat, Sentry) is encrypted using HTTPS/TLS
  • At rest: Your data is protected by iOS device-level security features, including full-disk encryption when a device passcode is enabled. The App relies on iOS platform encryption and does not implement an additional application-level encryption layer.

International data transfers

The third-party services we use (OpenAI, RevenueCat, Sentry) are based in the United States. When you use the App, your data may be transferred to and processed in the United States or other countries where these providers operate. For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States, these providers rely on Standard Contractual Clauses (SCCs) and other appropriate safeguards as required by applicable law. Each provider maintains their own data protection measures as described in their respective privacy policies linked above.

7. Data Retention and Deletion

  • Audio recordings: Deleted from your device immediately after transcription. OpenAI may retain for up to 30 days (see Section 4).
  • Notes and app data: Stored on your device until you delete them. You can create backups through the Settings menu. Deleted notes are moved to trash and permanently removed after 30 days.
  • Third-party data: Data held by RevenueCat, Sentry, and OpenAI is retained according to their respective policies as described in Section 3.
  • Complete deletion: Uninstalling the App permanently removes all locally stored data from your device. Since we do not store any data on our servers, there is nothing to request deletion of on our end. For data held by third-party services, please refer to their respective privacy policies or contact us for assistance.

8. Device Permissions

The App may request the following permissions:

  • Microphone: Required for voice recording. Audio is handled as described in Section 4.
  • Reminders: Optional. Requested only if you choose to export action items to Apple Reminders. We do not read or access your existing reminders. Legal basis: Consent.
  • App Tracking Transparency: Optional. The App may request permission to track your activity for attribution purposes (measuring the effectiveness of advertising). You can deny this request without affecting core app functionality. If denied, no IDFA or attribution data is collected.

9. Children's Privacy

Memo AI is not directed at children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete such information.

10. Your Privacy Rights

All users

Since all your data is stored locally on your device, you have full control over it at all times:

  • Access: Open the App to view all your data
  • Export: Export notes as Markdown or PDF at any time
  • Deletion: Delete individual notes or uninstall the App to remove all data
  • Portability: Export your data in standard formats (Markdown, PDF)

European Economic Area (EEA) and United Kingdom residents

Under the GDPR and UK GDPR, you have additional rights including the right to access, rectify, erase, restrict processing, object to processing, and data portability. Because all your data is stored locally on your device and we do not maintain user accounts or store data on our servers, you can exercise most of these rights directly by managing or deleting your data within the App.

For data that has been transmitted to third-party services (such as OpenAI for transcription), please refer to the respective provider's privacy policy or contact us for assistance. You also have the right to lodge a complaint with your local data protection authority.

California residents

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information:

  • Right to Know: You have the right to know what personal information we collect, use, and disclose. This is described throughout this Privacy Policy.
  • Right to Delete: You can delete your data at any time by deleting notes within the App or uninstalling the App entirely.
  • Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  • Right to Correct: You can edit your notes directly within the App.
  • Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information for purposes beyond providing the App's core functionality.

To exercise your rights, you may contact us at the address below. We do not require account verification since we do not maintain accounts; your data is controlled entirely on your device.

Other U.S. state privacy rights

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have similar rights to access, delete, and opt-out of certain processing. Please contact us to exercise these rights.

11. Data Security and Breach Notification

We take reasonable measures to protect the data transmitted to third-party services, including using encrypted connections (HTTPS/TLS) and selecting reputable service providers with strong security practices.

In the event of a data breach at any of our third-party service providers that affects your personal information, we will notify affected users as required by applicable law. Since we do not have your contact information, notification will be provided through the App, our website, or App Store update notes.

12. Disclosure of Information

We may disclose information to third parties in the following circumstances:

  • Service providers: As described in Section 3, we share data with OpenAI, RevenueCat, and Sentry to provide the App's functionality.
  • Legal requirements: We may disclose information if required by law, subpoena, court order, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: If NotePlan LLC is involved in a merger, acquisition, or sale of assets, your locally stored data remains on your device and is not transferred. Any data held by third-party services will continue to be subject to those providers' policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

For material changes that significantly affect how your data is collected or processed, we will provide prominent notice through the App (such as an in-app notification) or through App Store update notes before the changes take effect. We encourage you to review this page periodically.

14. Governing Law

This Privacy Policy is governed by the laws of the State of Delaware, United States, without regard to conflict of law principles. This does not affect your statutory rights under the laws of your country of residence, including GDPR for EEA/UK residents or CCPA for California residents.

15. Contact Us

If you have questions or concerns about this Privacy Policy or wish to exercise your privacy rights, contact us at:

NotePlan LLC

1309 Coffeen Avenue STE 1200

Sheridan, WY 82801

United States

Email: [email protected]

For GDPR-related inquiries, you may also contact your local data protection authority.