Skip to Content

Privacy Policy

Privacy Policy / Privacy Notice

Memorly Technologies Private Limited (“Memorly”, “we”, “our”, “us”)

Last Updated: 10 February 2025

1. Scope

This Privacy Policy explains how Memorly collects, uses, shares, stores, and protects personal data when you:

  1. visit our website (memorly.ai),
  2. create or use a Memorly account, or
  3. use any Memorly services, including AI agent/chatbot features and integrations (collectively, the “Services”).

This policy also explains your rights and how to contact us.

2. Who We Are

Memorly Technologies Private Limited is headquartered in Bengaluru, Karnataka, India.

Contact (Privacy & Grievance):

  • Email: [email protected]
  • Phone: +91 8147079907
  • Address: Memorly Technologies Private Limited, 46, 4th Cross, 6th Main, Basapura Main Road, Duo City Layout, Basapura, Bengaluru, Karnataka – 560068, India

3. Key Roles (Customer vs End-User Data)

Depending on how the Services are used:

  • Account/Customer Data: If you are a business customer (or an admin user), Memorly may act as a Data Fiduciary/Controller for your account and billing data.
  • Customer Content / End-User Data: If you build agents that collect data from your end customers (e.g., WhatsApp conversations, phone numbers, queries), Memorly typically acts as a Data Processor on your instructions, and your business is the Data Fiduciary/Controller for that end-user data.

If you are an end-user interacting with a business’s bot built on Memorly, your privacy rights and notices may also be governed by that business’s privacy policy.

4. Personal Data We Collect

4.1 Data you provide

  • Name, email, phone number
  • Company name, role/job title
  • Login credentials (or SSO tokens if enabled)
  • Support requests, tickets, feedback
  • Any information you add into agent flows, knowledge bases, templates, or messages

4.2 Data collected automatically

  • IP address, device identifiers, browser type, OS
  • Log data (pages visited, time spent, clicks, referring URLs)
  • Cookies and similar technologies (see Section 11)

4.3 Service / platform data (when you use Memorly)

  • Agent configuration data, workflow events, audit logs
  • Conversation metadata (timestamps, delivery status), and content where enabled by you
  • Usage data (feature usage, credit usage, performance metrics)

4.4 Payment data

Payments may be processed by third-party payment processors (for example, Razorpay). We do not store complete card details on our servers. We may store transaction references, invoices, and limited payment metadata needed for reconciliation, fraud prevention, and compliance.

5. Why We Process Personal Data (Purposes)

We process personal data to:

  • Provide and operate the Services (account creation, authentication, agent delivery, automation)
  • Provide support, troubleshooting, and customer success
  • Process billing, invoices, taxes (where applicable), and payments
  • Improve security, prevent fraud/abuse, and maintain logs/audits
  • Improve product performance, analytics, and reliability
  • Communicate service updates, important notices, and (where permitted) marketing

6. Legal Bases (India / EU / US)

We follow applicable laws depending on your location and context, including:

  • India: Digital Personal Data Protection Act, 2023 and applicable rules; Information Technology Act, 2000 and related rules/guidelines (as applicable).
  • EU/EEA/UK (where applicable): GDPR/UK GDPR.
  • Other jurisdictions: applicable local privacy laws.

Where required, we rely on consent (for example, certain marketing and cookies). Otherwise, we process data to provide the Services, fulfill contracts, comply with legal obligations, and protect legitimate interests such as security and fraud prevention.

7. Data Residency & Cross-Border Transfers

7.1 Default residency by customer region

Memorly follows a regional storage approach:

  • India customers: primary storage in India
  • US customers: primary storage in the United States
  • EU customers: primary storage in the European Union (or EEA where applicable)

7.2 Cross-border access may still occur

Even with regional storage, limited cross-border access or processing may occur for:

  • global support, troubleshooting, incident response
  • security monitoring and fraud prevention
  • essential cloud/infrastructure operations

When cross-border transfers are required, we use appropriate safeguards as required by applicable law.

8. Sharing & Disclosure (Who We Share Data With)

We may share personal data with:

  • Service providers/sub-processors (cloud hosting, analytics, customer support tools, email delivery, monitoring)
  • Payment processors (e.g., Razorpay) for payment processing and refunds
  • Messaging / platform partners when you enable them (e.g., WhatsApp Business Platform providers, SMS/email providers)
  • Legal/compliance: law enforcement, regulators, or courts where required
  • Business transfers: merger, acquisition, restructuring (with appropriate safeguards)

We do not sell personal data.

9. Retention (How Long We Keep Data)

We retain personal data only as long as necessary for:

  • providing Services and support
  • meeting contractual and legal obligations
  • resolving disputes and enforcing agreements
  • security/audit requirements

Typical examples:

  • Account data: for the duration of the relationship and a reasonable period thereafter
  • Logs/security records: retained for security and compliance, then deleted/aggregated
  • Customer Content: retained as per your configuration and contract; deletion/export options may be available depending on plan

10. Security Practices

We use reasonable security practices and procedures designed to protect personal data, such as:

  • access controls (role-based access)
  • encryption in transit (and where applicable, at rest)
  • monitoring and logging
  • vendor risk management and operational safeguards

No method of transmission/storage is 100% secure; however, we work to prevent unauthorized access and misuse.

11. Cookies & Tracking

We use cookies and similar technologies to:

  • enable essential website functionality
  • understand website performance and usage
  • improve user experience

You can control cookies through your browser settings. Disabling some cookies may affect site functionality.

12. Your Rights (India / EU)

12.1 India (DPDP) – Data Principal Rights

Subject to applicable law, you may request:

  • access to information about processing
  • correction and updating
  • deletion/erasure (where applicable)
  • withdrawal of consent (where processing is based on consent)
  • grievance redressal
  • nomination (where applicable)

12.2 EU/EEA/UK (GDPR) – Data Subject Rights

Where GDPR applies, you may have rights including access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.

13. How to Exercise Rights / Grievance Redressal

Email [email protected] with the subject: “Privacy Request” or “DPDP Request” and include:

  • your name and registered email/phone
  • your relationship to Memorly (customer/end-user)
  • what you want to access/correct/delete
  • relevant context (account/company name, if applicable)

We may verify identity before fulfilling requests. We aim to respond within timelines required by applicable law.

14. Children’s Data

Memorly Services are not intended for children. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us and we will take appropriate steps.

15. Data Breach Notification

If a personal data breach occurs that triggers notification duties under applicable law, we will notify affected users and/or the relevant authority as required.

16. Changes to This Policy

We may update this policy from time to time. The latest version posted on our website will apply going forward.