Privacy Policy

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, billing address, payment information
• Purchase Information: Product selections, transaction history, license keys
• Support Communications: Messages, feedback, and correspondence with our support team
• Waitlist Information: Email address and product interests when joining our waitlist

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on pages
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, referring URLs
• Cookies and Similar Technologies: See our Cookie Policy below

1.3 Information from Third Parties

• Payment Processors: Transaction confirmations from Stripe (payment information is processed directly by Stripe and not stored by us)
• Analytics Providers: Aggregated usage statistics

2. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: Process purchases, deliver license keys, provide access to software downloads
• Customer Support: Respond to inquiries, troubleshoot issues, provide technical assistance
• Product Improvement: Analyze usage patterns, develop new features, improve user experience
• Communications: Send transactional emails (receipts, license delivery), product updates (with your consent)
• Legal Compliance: Comply with applicable laws, enforce our terms, prevent fraud
• Marketing: Send promotional communications (only with your explicit consent, which you can withdraw at any time)

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process your personal data based on:

• Contract Performance: Processing necessary to fulfill our contract with you (e.g., delivering purchased software)
• Consent: You have given clear consent for specific purposes (e.g., marketing emails)
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., fraud prevention, product improvement), provided your rights don't override these interests
• Legal Obligation: Processing required to comply with legal obligations (e.g., tax reporting)

4. Data Storage and Security

4.1 Where Your Data is Stored

Your data is stored on secure servers provided by Supabase (hosted on AWS) and Vercel. These services may store data in the United States and other jurisdictions. We ensure that adequate safeguards are in place for international data transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission.

4.2 Security Measures

• Encryption of data in transit (TLS/SSL)
• Encryption of data at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements
• Regular backups and disaster recovery procedures

4.3 Local Processing

Important: Our macOS and iOS applications process data locally on your device. Unless you explicitly sync data to your MemoForge account, your work stays on your device and is never transmitted to our servers. When you do choose to sync, data is encrypted in transit and at rest.

5. Data Retention

We retain your personal information for as long as necessary to:

• Provide you with our services
• Comply with legal obligations (e.g., tax records for 7 years)
• Resolve disputes and enforce our agreements

When you close your account or request deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Your Privacy Rights

6.1 Rights for All Users

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Opt-Out: Unsubscribe from marketing communications

6.2 Additional Rights for EEA, UK, and Swiss Users (GDPR)

• Data Portability: Receive your data in a structured, machine-readable format
• Restriction of Processing: Request limitation on how we process your data
• Object to Processing: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time (without affecting prior processing)
• Lodge a Complaint: File a complaint with your local data protection authority

6.3 Additional Rights for California Users (CCPA)

• Know: Request disclosure of personal information collected, used, or sold
• Delete: Request deletion of personal information
• Opt-Out: Opt-out of sale of personal information (note: we do not sell personal information)
• Non-Discrimination: Not be discriminated against for exercising your rights

To exercise any of these rights, contact us at anatoliy@cellfusionsolutions.com

7. Cookie Policy

We use cookies and similar tracking technologies to improve your experience on our website.

7.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality (e.g., authentication, security)
• Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics)
• Preference Cookies: Remember your settings and preferences

7.2 Managing Cookies

You can control cookies through your browser settings. Note that blocking essential cookies may impact website functionality. For EU users, you can manage your cookie preferences through our cookie consent banner.

8. Sharing Your Information

We do not sell your personal information. We may share your information with:

8.1 Service Providers

• Payment Processing: Stripe (processes payments securely)
• Hosting and Infrastructure: Vercel, Supabase, AWS
• Email Services: Transactional email providers
• Analytics: Website analytics services

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

8.2 Legal Requirements

We may disclose your information when required by law, court order, or government regulation, or when necessary to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud or security issues
• Respond to valid legal requests from public authorities

8.3 Business Transfers

If MemoForge is involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

9. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.

10. International Data Transfers

As a Canadian company serving international customers, your information may be transferred to and processed in countries other than your own. We ensure adequate safeguards are in place:

• For EU/EEA/UK Users: We use Standard Contractual Clauses (SCCs) approved by the European Commission
• For Canadian Users: Transfers comply with PIPEDA requirements
• For All Users: We work with service providers who maintain high data protection standards

11. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Our website does not currently respond to DNT signals, as there is no industry standard for how to interpret them. We will update this policy if standards are established.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by:

• Posting the updated policy on this page with a new "Last Updated" date
• Sending an email notification to registered users (for significant changes)
• Displaying a prominent notice on our website

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Data Protection Authority Contact Information

• Canada (Office of the Privacy Commissioner): priv.gc.ca
• EU Data Protection Authorities: edpb.europa.eu
• UK Information Commissioner's Office: ico.org.uk
• Swiss Federal Data Protection Commissioner: edoeb.admin.ch