Privacy Policy
We keep this short because we collect very little. No cookies, no ad trackers, no cross-site profiling. This policy explains what we do collect on the widemem website and Hosted Service, why, and the rights you have over it.
1. Who we are and what this covers
This policy is provided by widemem, operated by a company incorporated in the State of Delaware, USA ("we", "us"). It covers the widemem.ai website and any Hosted Service we operate.
It does not cover the open-source widemem Library. The Library runs locally in your own environment, stores data on your own infrastructure, and sends us nothing. When you self-host, we have no access to your data and the privacy boundary is entirely within your environment.
2. What we collect
Newsletter email
If you subscribe to our newsletter, we collect your email address. That is it: no name, no company, no phone number. Email is delivered and stored through Resend, our email provider, and used only to send project updates, new posts, and release notes.
Enterprise-inquiry form
If you contact us through the enterprise or "talk to us" form, we collect the fields you submit (for example your name, work email, company, and message) so we can respond to your inquiry and follow up about a potential business relationship.
Cookieless, privacy-first analytics
We use PostHog to understand how visitors use the site (pages viewed, referrer, approximate region, device type). It is configured for privacy: persistence lives in memory only for the page session, so we set no cookiesand write nothing to your browser's local storage. We do not build a persistent profile of you and we do not track you across other websites. We honor Do Not Track (DNT) and Global Privacy Control (GPC) signals.
Hosted Service customer data
If you use the Hosted Service, we store the memories and related data your systems send to it, and use that data only to run the service for you. We act as your processor: we do not use it for advertising, do not sell it, and do not train models on it. Its handling is governed by your agreement with us and, where applicable, a Data Processing Addendum.
3. What we do NOT do
- No cookies. We set none, first-party or third-party.
- No third-party ad trackers and no advertising or marketing pixels.
- No cross-site tracking and no selling or sharing of your data for advertising.
4. How we use your data
- Newsletter email: to send project updates, new blog posts, and release notes.
- Enterprise-inquiry fields: to respond to your request and discuss a possible business relationship.
- Analytics: to understand which content is useful and improve the site, in aggregate.
- Subscriber notifications: the site operator receives a notification when someone subscribes.
- Security and integrity: to detect abuse and keep the Site and Hosted Service working.
5. Legal bases and your rights
If you are in the European Economic Area or the UK, our legal bases under the GDPR are: consent for newsletter subscription (withdrawable at any time), and our legitimate interests in responding to inquiries, running privacy-first aggregate analytics, and securing our services. You have the right to access, rectify, erase, restrict, and port your data, to object to processing, and to withdraw consent.
If you are a California or other US-state resident, you have the right to know what we collect, to access and delete it, and to opt out of any sale or sharing (we do neither). We do not discriminate against you for exercising these rights.
To exercise any right, email hello@widemem.ai. You can unsubscribe from the newsletter at any time using the link in every email. We aim to respond within 30 days. You may also complain to your local data-protection authority.
6. Where your data is stored (subprocessors)
- Vercel (United States): website hosting and delivery.
- PostHog (United States): cookieless product analytics.
- Resend (United States): newsletter email delivery and storage.
For business customers, a Data Processing Addendum (DPA) is available on request. Contact hello@widemem.ai.
6a. How we protect your data
We protect the little data we hold with access controls, encryption in transit, and reputable infrastructure providers. No system is perfectly secure, and we cannot guarantee absolute security. If a breach affects your personal data, we will notify you and any required regulator without undue delay, consistent with applicable law.
7. Retention
We keep your newsletter email until you unsubscribe or ask us to delete it. Enterprise-inquiry details are kept for as long as needed to handle your request and any resulting relationship, then deleted. Analytics data is retained only in aggregate and is not tied to your identity.
8. International transfers
Our subprocessors are based in the United States, so if you are outside the US your data is transferred there. Where required, these transfers rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and equivalent UK mechanisms.
9. Children
The Site and Hosted Service are not directed at children and are not intended for anyone under 18, consistent with our Terms of Service. We do not knowingly collect data from anyone under 18. If you believe a child has provided us data, contact us and we will delete it.
10. Changes to this policy
If we change this policy, we will update the "Last updated" date above. For material changes affecting your email data, we will notify subscribers by email.
11. Contact
Questions about your data or this policy? Email hello@widemem.ai. See also our Terms of Service.