no training
We don't train on your data
Project content is read by the service to power search, broadcast, and the context engine. It is never used to train models — ours or anyone else's.
trust
Where your content lives, who handles it, what we never do with it.
Memoturn is in private beta. This page names the substrate, the sub-processors, and the limits — what we operate, what we read, and what's out of scope. The legally binding version is the privacy policy.
- Stage
- Private beta
- Runtime
- Edge-only · Cloudflare
- Response time
- 3 business-day response
sub-processors
Who handles your data, and why.
Every party that processes a byte of your project content. No silent third parties — if it's not on this list, it doesn't see your data.
| Provider | Role | What it processes |
|---|---|---|
| Cloudflare | Edge runtime | Workers, Durable Objects, Vectorize, Workers AI, KV, Hyperdrive. Hosts every read and write of your project content. Embeddings generated by Workers AI via @cf/baai/bge-large-en-v1.5. |
| Neon | Managed Postgres | Stores account, project, turn, memory, rule, and skill rows. Connection-pooled through Cloudflare Hyperdrive. |
| Stripe | Billing | Used only on paid plans. Stripe holds payment details; Memoturn stores the customer ID and metered-usage counters, never the card. |
| Google, GitHub | OAuth | Used only if you sign in via OAuth. The provider returns a subject ID we store against your account; we never see the upstream password. |
what we never do
Three things we will not do with your data.
Stated negatively on purpose. The trust signal isn't what we promise; it's what we structurally cannot do without breaking the contract below.
no tracking
We don't run third-party tracking
No analytics scripts, no ad pixels, no session-replay tools on the dashboard or the marketing surface. The only events we log are operational (request metadata, 30-day retention).
no resale
We don't sell personal data
Account email, OAuth subject ID, and project content are processed only to deliver the service. They are not shared with advertisers, brokers, or affiliates.
beta-stage caveats
Memoturn is in private beta. Behavior may change between releases, including breaking API changes before 1.0. There is no formal SLA; uptime is best-effort.
Operational logs (request metadata: IP, user agent, response status, latency) are retained 30 days for rate-limiting, abuse prevention, and debugging. Project content is retained for the lifetime of the project. Vendor reviews, security questionnaires, and DPAs are handled directly — we respond within 3 business days.
questions about scope or compliance?
Talk to us.
Vendor reviews, security questionnaires, DPAs, or a private disclosure — we respond within 3 business days.