Privacy Policy

1. Who We Are

Memgraph AI Inc. (“Memgraph AI,” “we,” “us”) operates the Memgraph AI platform at memgraph.ai, including the Studio dashboard, REST API, Python SDK, and MCP server. This policy describes how we collect, use, and protect your information.

2. Information We Collect

Account data: Name, email address, and organization name when you create an account.

Usage data: API call logs, token consumption, feature usage, and performance metrics to operate and improve the service.

Memory data: Events, beliefs, episodes, and decisions you store through the API. This data belongs to you.

Technical data: IP address, browser type, device information, and server logs collected automatically.

3. How We Use Your Information

• Provide, maintain, and improve the Memgraph AI platform
• Authenticate your identity and manage access controls
• Process API requests and assemble memory context
• Monitor system health and prevent abuse
• Send essential service communications (outage alerts, security notices)
• Comply with legal obligations

4. Data Isolation & Security

All memory data is strictly isolated per tenant. One tenant cannot access another tenant's beliefs, decisions, or episodes. We enforce this at the database level with tenant-scoped queries.

We implement industry-standard protections: encryption at rest (AES-256) and in transit (TLS 1.3), API key hashing, rate limiting, PII masking, and regular security reviews. BYOK (Bring Your Own Key) ensures your LLM API keys are used directly and never stored in plaintext.

5. Data Sharing

We do not sell your personal information. We do not use your memory data to train models. We may share data only with infrastructure providers (database hosting, cloud compute) under strict data protection agreements, or when required by law.

6. Your Rights

You have the right to:

• Access your data through the API or Studio dashboard
• Correct inaccurate beliefs or account information
• Delete your account and all associated data
• Export your beliefs, decisions, and episodes via the API
• Opt out of non-essential communications

7. Cookies

We use essential cookies only — for authentication and session management. We do not use third-party tracking cookies, advertising pixels, or analytics that share data with external parties.

8. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we permanently remove your data within 30 days, except where retention is required by law. Cognitive dreaming (background consolidation) only processes data within your tenant — it never crosses tenant boundaries.

9. Open Source

The Memgraph SDK is open source under the MIT license at github.com/shubhamdev0/memgraph-sdk. You can self-host the entire platform for complete data sovereignty.

10. Changes

We may update this policy from time to time. Significant changes will be communicated via email or a notice in the Studio dashboard.

11. Contact

For privacy-related inquiries, contact us at [email protected].