Privacy Notice

How XMemo handles user-owned memory content, account metadata, OAuth-scoped agent access, telemetry, and support diagnostics across the hosted service.

Memory data stays scoped to the authenticated account, team, or tenant boundary.
Token hashes, API keys, invite hashes, session secrets, and provider credentials are excluded from exports and support bundles.
Auto-redaction metadata records only safe counts and status, not raw PII or deterministic content hashes.
ChatGPT and MCP integrations use scoped authorization; public pages and app listings never ask users to paste raw bearer tokens.

Data we process

XMemo processes the information needed to store, search, recall, update, and govern user-owned memories for authenticated users and connected agents.

Memory content provided by users or their authorized agents, including preferences, project context, decisions, reminders, and action items.
Memory-plane records are isolated by owner, bucket, scope, team, and tenant metadata.
Control-plane records include users, sessions, SSO providers, group mappings, tenant roles, and scoped token metadata.
Operational telemetry is limited to safe request categories, status, latency, rate-limit signals, and redacted support diagnostics.

OAuth and agent access

The ChatGPT and MCP app surfaces use scoped authorization so clients can request only the memory permissions needed for the user's task.

Read tools use scoped memory-read access for search, recall, explain, and listing behavior.
Write or destructive tools require write-capable scopes and are annotated so clients can present the right level of caution.
OAuth authorization codes, bearer tokens, cookies, provider secrets, and raw API keys are not shown in public pages, listing copy, screenshots, or tool responses.

Data we do not expose

Customer-facing exports, support diagnostics, tool responses, and public pages must not expose secrets, debug payloads, or raw infrastructure configuration.

No API key values, token hashes, invite hashes, session secrets, provider client secrets, database URLs, or support-bundle secrets.
No raw memory content is included in public pages or unauthenticated discovery surfaces.
No unrelated PII, internal account IDs, trace IDs, request IDs, raw logs, or local file paths should be returned in ChatGPT-facing tool responses.
E2E-encrypted REST writes are rejected while server-side auto-redaction is enabled because ciphertext cannot be inspected safely.

Access, export, deletion, and redaction

Authenticated users can manage memory records from the XMemo Console and request export, deletion, or redaction workflows for their account or workspace.

Self-service export requests return a pending operator-review contract and record the user's intent in audit events.
Individual memory deletion and audited forget/redaction workflows preserve the required operational trail.
Retention remains operator-managed until a dedicated retention policy engine is configured.

Aligned with docs/ENTERPRISE_SECURITY_PRIVACY.md, the /me governance contract, and DSAR operations runbooks.