Privacy Policy
Last updated: 23 April 2026
Field Memo is operated by Everyday Magic Limited (“we”). This policy explains what data we hold, why we hold it, and what we do with it.
1. What we collect
Account data
When you sign in, we store your email address and the identity record our authentication provider creates for you (name, if you supply one; the user id). We don’t store passwords — the login flow uses one-time email codes.
Memo content
The text you write into memos is stored in our database so we can serve it back to you and to anyone you share a URL with. Memos are not encrypted at rest beyond database-level encryption, and we can technically read them if we need to for support, abuse investigations, or legal requests — though we don’t do so routinely and never for advertising.
Sharing secrets
Each memo has three role secrets (edit, comment, read) baked into share URLs. We store a salted hash of each secret for authorisation, plus an encrypted copy so signed-in owners can retrieve their own share URLs from the dashboard. The encryption key is held separately from the database.
Usage data
We collect anonymised analytics events (pageviews, memo creations, comment posts) through a self-hosted analytics provider so we can understand aggregate usage. Event properties are scrubbed of the secret parts of URLs.
Error data
When things crash we collect error traces through an error monitoring service. These traces may include the URL where the error happened, the browser, and a stack trace.
Cookies and local storage
We use cookies strictly necessary for authentication and session continuity. No third-party advertising cookies. We use browser local storage for preferences like sidebar collapse state and editor color.
2. How we use it
- Operate the Service — store and transmit your memos.
- Authenticate you and authorise access against shared URLs.
- Diagnose problems and improve reliability.
- Detect and respond to abuse (spam, brute force, unauthorised access attempts).
- Communicate about the Service — account events and the occasional product update if you opt in.
We do not sell your data or use it to train AI models.
3. Who processes data on our behalf
The Service relies on these sub-processors. Each is contractually bound to process data only on our instructions and under their own published terms.
- Vercel — application hosting, edge routing, logs.
- Neon — PostgreSQL database where memos and accounts live.
- Cloudflare — realtime collaboration workers and DNS.
- Clerk — authentication (email-OTP login flows).
- Upstash — rate-limit counters.
- PostHog — product analytics.
- Sentry — error monitoring.
When you connect an external application via MCP, that application becomes a recipient of the memo data it requests. You can view and revoke connected applications at any time from your dashboard.
4. Retention
Unclaimed memos are deleted automatically after 30 days of inactivity. Claimed memos are retained until you delete them or delete your account. Deleted memos are purged within 30 days of deletion.
Backups of the database are retained for up to 30 days for disaster recovery. Analytics and error events roll off on their providers’ default schedules (typically 30–90 days).
5. Your rights
You can:
- Export a memo at any time as Markdown from the Share dialog.
- Delete any memo you own from the dashboard.
- Delete your entire account and associated memos by emailing us — self-serve account deletion is on the roadmap.
- Request a copy of the data we hold about you by emailing us.
If you’re in the EU / UK / California / Australia / New Zealand, you additionally have the statutory rights your jurisdiction affords (access, rectification, erasure, objection). Email us and we’ll action them within 30 days.
6. Security
We use TLS for everything in transit, hashed secrets for authorisation, encrypted copies of share secrets for share-URL recovery, per-IP rate limiting, and server-side body caps. No system is unbreakable; if we discover a breach affecting your data we’ll notify you without undue delay.
7. Children
Field Memo isn’t designed for children under 13. If we learn we’ve collected data from a child without parental consent we’ll delete it.
8. International transfers
Our infrastructure is distributed globally. Your data may be stored or processed in countries other than your own, including the United States, the European Union, and New Zealand. All of our sub-processors operate under privacy regimes considered adequate for international transfer.
9. Changes
We may update this policy. Material changes will be announced in-app or by email to registered users.
10. Contact
Privacy questions, requests, and concerns: team@fieldmemo.io.