← Back to Memorix

Privacy Policy

This Privacy Policy explains how Boerre Hartviksen ("we", "us", "our"), operating Memorix Meeting Notes ("Memorix"), collects, uses, and protects your personal data. We are committed to processing personal data in accordance with the General Data Protection Regulation (GDPR) and Norwegian data protection law.

Data Controller: Boerre Hartviksen, Kristiansand, Norway
Contact: memorixnotes@outlook.com

1. What Data We Collect

Data	Purpose	Legal basis
Email address, name	Account creation and authentication	Contract (Art. 6(1)(b) GDPR)
Meeting notes, tasks, decisions, agendas	Providing the core service	Contract (Art. 6(1)(b) GDPR)
Payment information	Subscription billing (processed by Stripe)	Contract (Art. 6(1)(b) GDPR)
Trial start/end dates, licence status	Managing free trials and subscriptions	Contract (Art. 6(1)(b) GDPR)
Usage data (login timestamps)	Security and fraud prevention	Legitimate interests (Art. 6(1)(f) GDPR)

We do not collect, sell, or share your personal data for advertising purposes.

2. How We Store Your Data

Your data is stored using Google Firebase (Firestore and Authentication), hosted in the European Union. Firebase is a Google LLC service and acts as a data processor on our behalf under a Data Processing Agreement.

Payment data is handled entirely by Stripe, Inc. We do not store your credit card details. Stripe's privacy policy is available at stripe.com/privacy.

3. Data Sharing

We share your data only with the following third-party processors:

• Google Firebase — data storage and authentication (EU region)
• Stripe — payment processing

We do not sell, rent, or share your personal data with any other third parties.

4. Data Retention

We retain your data for as long as your account is active. If you delete your account, your personal data and meeting content will be deleted within 30 days, except where we are required to retain records for legal or accounting purposes (typically 5 years under Norwegian law).

5. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your data ("right to be forgotten")
• Right to restriction — request that we limit how we process your data
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — object to processing based on legitimate interests
• Right to withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at memorixnotes@outlook.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) at datatilsynet.no.

6. Cookies

Memorix uses only technically necessary cookies and local storage required for authentication and session management. We do not use tracking, analytics, or advertising cookies.

7. Children's Privacy

Memorix is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

8. International Transfers

Your data is stored within the EU (Google Firebase EU region). Stripe may process payment data in the United States under appropriate safeguards (Standard Contractual Clauses).

9. Security

We implement appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), Firebase Authentication, and Firestore security rules that restrict access to your own data.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via a notice within the Service. The updated policy will be effective immediately upon posting.