Privacy Policy

1. Introduction

Welcome to Memdia. This Privacy Policy explains how Memdia, operated by Hakan Bilgic ("we," "us," or "our"), collects, uses, discloses, and protects your personal information when you use our voice AI companion application and related services (collectively, the "Service").

Memdia is a voice AI daily companion application designed to help you with daily check-ins, therapeutic reflection conversations, and personal growth insights. Our Service processes voice recordings, generates transcripts, analyzes moods and topics, and provides AI-generated insights to support your wellbeing journey.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address
• Name (if provided)
• Profile information (avatar, preferences)
• Authentication credentials (encrypted)
• Google account information (if you sign up via Google OAuth)

2.2 Voice and Conversation Data

When you use our voice features, we collect and process:

• Voice Recordings: Audio recordings from your voice sessions and reflection sessions
• Transcripts: Text transcriptions of your voice recordings generated through speech-to-text processing
• AI-Generated Content: Responses, summaries, and images generated by our AI systems based on your conversations
• Session Metadata: Duration, timestamps, and session type information

2.3 Reflection and Insight Data

From your reflection sessions, we extract and store:

• Mood Data: Detected emotional states and mood patterns
• Topics: Subjects and themes discussed in your sessions
• Insights: AI-generated observations about patterns in your reflections
• Personal References: Names and relationships mentioned (to provide contextual responses)
• To-Do Items: Tasks and action items extracted from conversations

2.4 Usage and Technical Data

We automatically collect:

• Device information (browser type, operating system)
• IP address and approximate location
• Usage patterns (features used, session frequency)
• Error logs and performance data
• Cookies and similar tracking technologies

2.5 Payment Information

If you subscribe to our paid services, payment processing is handled by Stripe. We do not store your full credit card numbers. We receive from Stripe:

• Transaction confirmations and subscription status
• Last four digits of your payment method (for display purposes)
• Billing address (if provided)

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Delivery

• Process your voice recordings and generate transcripts
• Provide AI-powered conversation responses
• Generate personalized insights, mood tracking, and topic analysis
• Create AI-generated images summarizing your sessions
• Deliver daily greetings and personalized content

3.2 Personalization

• Remember context from previous conversations
• Track your personal growth over time
• Customize AI responses based on your history and preferences
• Provide the Service in your preferred language (32 languages supported)

3.3 Service Improvement

• Analyze usage patterns to improve features
• Debug and fix technical issues
• Develop new features and services

3.4 Communication

• Send service-related notifications
• Respond to your inquiries and support requests
• Notify you of changes to our policies or services

3.5 Legal and Safety

• Comply with legal obligations
• Enforce our Terms of Service
• Protect against fraud, abuse, and security threats

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Turkey, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide you with the Service as described in our Terms of Service.
• Consent: Where you have given explicit consent for specific processing activities, such as voice recording and AI analysis.
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving the Service, provided these interests do not override your rights.
• Legal Obligation: Processing necessary to comply with applicable laws and regulations.

5. Data Storage and Security

We implement appropriate technical and organizational measures to protect your data:

• Database Security: Your account and session data is stored in encrypted databases with access controls.
• Audio Storage: Voice recordings are stored on secure content delivery networks (CDN) with encryption at rest and in transit.
• Transmission Security: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols.
• Access Controls: Access to personal data is restricted to authorized personnel who need it to operate, develop, or improve our Service.
• Authentication: We use secure authentication methods including encrypted password storage and OAuth 2.0 for third-party authentication.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Third-Party Service Providers

We use third-party services to provide and improve our Service. These providers have access to your personal information only to perform specific tasks on our behalf and are obligated to protect your data:

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, particularly the United States, where many of our third-party service providers are located.

When we transfer personal data outside the European Economic Area (EEA), United Kingdom, or Turkey, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Binding corporate rules of our service providers
• Your explicit consent for specific transfers

By using our Service, you acknowledge and consent to the transfer of your information to countries outside your residence, including the United States.

8. Your Rights

Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have the following rights regarding your personal data:

• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You can request deletion of your personal data, subject to certain legal exceptions.
• Right to Data Portability: You can request your data in a structured, commonly used, machine-readable format.
• Right to Restrict Processing: You can request that we limit how we use your data in certain circumstances.
• Right to Object: You can object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw your consent at any time.
• Right to Lodge a Complaint: You can file a complaint with a supervisory authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at hbilgic1992@gmail.com. We will respond to your request within 30 days.

9. Data Retention

We retain your personal data as follows:

• Active Accounts: We retain your data for as long as your account is active and as needed to provide you with the Service.
• Voice Recordings: Stored until you delete them or delete your account. You can delete individual recordings at any time through the Service.
• Account Deletion: When you delete your account, we retain your data for 30 days to allow for account recovery. After this period, your data is permanently deleted from our systems.
• Backups: Data may persist in encrypted backups for up to 90 days after deletion for disaster recovery purposes, after which it is permanently removed.
• Legal Requirements: We may retain certain information longer if required by law or to protect our legal rights.

10. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16 years of age.

If you are a parent or guardian and you become aware that your child has provided us with personal information without your consent, please contact us at hbilgic1992@gmail.com. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Essential Cookies: Required for the Service to function, including authentication and session management.
• Preference Cookies: Remember your settings and preferences (e.g., language selection).
• Analytics Cookies: Help us understand how you use the Service to improve user experience.

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last updated" date at the top of this Policy
• Sending you an email notification for significant changes (if you have an account)

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will make every effort to respond to your inquiry within 30 days.