Privacy Policy

RemyNest is a memory platform that helps individuals, families, and caregivers preserve memories and support people affected by memory loss. This policy explains what personal data we collect, how we use it, and the rights you have over it.

Who we are

RemyNest is the data controller for the personal data described here. For privacy questions or to exercise your rights, contact us at admin@remynest.com.

Data we collect

Account information (email, profile details); memory content you create, which may include health-related personal information; uploaded media; reminders; caregiver relationships and invitations; push-notification device tokens; billing information processed by our payment provider; and technical/diagnostic logs.

How we use your data

To provide and secure the service; to generate AI reflections and summaries of your memories; to deliver reminders and notifications; to process subscriptions; and to comply with legal obligations.

Legal bases (where GDPR applies)

Performance of our contract with you; your consent (including for health-related content and notifications); our legitimate interests in operating and improving the service; and compliance with legal obligations.

Service providers (processors)

We share data with providers who process it on our behalf: Supabase (hosting, database, authentication, storage), OpenAI (AI features), Stripe (billing), OneSignal (push notifications), and Vercel (application hosting). Each processes data only to provide their service to us.

AI features & health-related data

Memory content may constitute special-category (health) data. AI features generate non-diagnostic reflections only and do not provide medical advice, diagnosis, or treatment. See our in-app AI notices.

Sharing

We share your data with caregivers you explicitly invite, with the processors above, and where required by law. We do not sell your personal data.

International transfers

Where data is transferred outside your region, we rely on appropriate safeguards such as standard contractual clauses.

Retention

We retain your data while your account is active and as needed for legal, security, and operational purposes, after which it is deleted or anonymized.

Your rights

Subject to applicable law, you may request access, rectification, erasure, restriction, objection, and data portability, and may withdraw consent. You can download your data at any time from Profile → Privacy & GDPR → Export. Account deletion requests can be made by contacting admin@remynest.com while self-service deletion is being finalized. You may also complain to your local data-protection authority.

Security

We use access controls, row-level security, and encryption in transit to protect your data. No system is perfectly secure.

Children

RemyNest is not directed to children and is intended for use by adults. Caregivers are responsible for content they record about others.

Changes

We may update this policy and will revise the effective date above. Material changes will be communicated where required.

Contact

Questions or requests: admin@remynest.com.