MemRa
Help Sign in

Privacy Policy

Last updated: 29 May 2026

This policy explains what personal data MemRa ("we", "us") collects, why, and what rights you have. MemRa is currently in a testing / beta phase; we keep data collection to the minimum the service needs to work.

1. Who is responsible for your data

The data controller is:

  • Dostum Amigo SL (CIF B76188499)
  • Plaza de la Constitución 4, 3B, 35500 Arrecife, Spain
  • Contact: memra@dostumamigo.com

2. What we collect

  • Account details — your email address, an optional display name, and an optional WhatsApp phone number (we use it only to match the messages you forward to your account). Your password is stored only as a salted hash — we never see or store it in plain text.
  • Things you save — the links (URLs) and any notes you send us, plus public information we fetch about each link (title, creator, thumbnail, caption) and the AI-generated summary, categories and keywords.
  • WhatsApp messages — when you forward a message to our WhatsApp number, we receive that message (the links and text) and your WhatsApp phone number, delivered to us through the Meta / WhatsApp Business Platform.
  • Technical data — your IP address, basic request logs, and a single sign-in cookie (see section 10). We use these to run the service securely and to limit abuse.

3. Why we use it, and our legal basis

  • To provide the service — saving, enriching, organising and showing you your inbox, and sending the one confirmation email at sign-up and password-reset emails. Legal basis: performance of our contract with you.
  • To keep the service secure — abuse prevention, rate limiting and diagnostics. Legal basis: our legitimate interests in a safe, working service.

We do not sell your data, and we do not use it for advertising or profiling.

4. AI processing (Google Gemini)

To write the one-line summary and suggest categories for an item, we send only the item's title and caption / page text to Google's Gemini API. We do not send your email, your phone number, or anything that identifies you personally. Google processes that text to return the summary; see Google's own terms for how they handle API data. AI output is best-effort and may be inaccurate.

5. Who else processes your data

We rely on a small number of service providers ("processors"):

  • Meta Platforms — delivers the WhatsApp messages you forward to us.
  • Google — the Gemini API, as described above.
  • Hostinger — our email provider for the dostumamigo.com domain; sends the confirmation and password-reset emails.
  • Zare (Hydra Communications Ltd) — our hosting provider; MemRa runs on managed servers in the United Kingdom.

Some pages also load resources directly from third parties in your browser (Google Fonts and the jsDelivr CDN for fonts/scripts, and ipapi.co for country-code detection on the sign-up form). These providers may see your IP address as part of serving those resources.

6. International transfers

Our servers are in the United Kingdom. As the controller is established in Spain, this means your personal data is transferred from the EU to the UK; that transfer is covered by the European Commission's adequacy decision for the UK. Some other providers (notably Google and Meta) may process data outside the European Economic Area, covered by appropriate safeguards under EU data-protection law (such as an adequacy decision or Standard Contractual Clauses).

7. How long we keep it

  • Account and saved-item data: for as long as your account is active.
  • When you delete your account, we permanently delete your account and your saved items, including from our internal change-history records — deletion is complete, not just hidden.
  • Items you delete individually are recoverable on request for up to 30 days, then permanently removed.
  • Technical logs are kept for up to 90 days.

8. Your rights

Under the GDPR you can ask us to:

  • access the personal data we hold about you;
  • correct it if it's wrong, or delete it;
  • restrict or object to certain processing;
  • receive a copy in a portable format.

You can do the two most common ones yourself, any time, from your Account page: export all your data and delete your account. For anything else, email us at the address in section 1.

If you believe we've mishandled your data you have the right to complain to the Spanish Data Protection Agency (Agencia Española de Protección de Datos, AEPD — www.aepd.es).

9. How to delete your data

You can delete your MemRa account and all the data linked to it at any time, in one of two ways:

  • log in, go to Account, and choose Delete account; or
  • email memra@dostumamigo.com from your registered address — we delete your account and data within 30 days.

For full step-by-step instructions, including what is removed and our retention periods, see our account-deletion page.

10. Cookies

We use a single, strictly-necessary cookie (access_token) to keep you signed in. It is HTTP-only, sent only over HTTPS, and is not used for tracking or advertising. Because it is strictly necessary to provide a service you've asked for, it does not require a consent banner. We do not use analytics or advertising cookies.

11. Security

We protect your data with HTTPS everywhere, hashed passwords, secure sign-in cookies and rate limiting on sign-in and password endpoints. No service can promise perfect security, and MemRa is in active testing; please don't store anything you couldn't bear to lose.

12. Children

MemRa is not intended for children. You must be at least 18 years old to use it.

13. Changes

We may update this policy as the service develops. We'll change the "last updated" date above and, for material changes, let you know in the app or by email.

14. Contact

Questions about your data? Email memra@dostumamigo.com.


About · Privacy Policy · Terms of Use · Help · Delete account

MemRa is a service of Dostum Amigo SL (CIF B76188499), Plaza de la Constitución 4, 3B, 35500 Arrecife, Spain.