Braintity
← Back to Braintity

Privacy Policy

Effective April 22, 2026

Braintity (“Braintity,” “we,” “our,” or “us”) operates an AI-powered personal memory graph service. This Privacy Policy explains what information we collect, how we use and protect it, and the choices you have. By using Braintity, you agree to the practices described in this document.

1. Information We Collect

We collect only the information required to operate the service:

  • Account data. An email address that you provide during sign-in. If you use Braintity without linking an email, a pseudonymous anonymous identifier is generated on your behalf.
  • Memory content. The thoughts, reflections, and structured answers you choose to save into your personal memory graph.
  • Neural signal indices. Internal representations derived from your memory content that allow the service to locate and surface semantically relevant nodes when you submit a query. These indices are used exclusively within the service and are not shared externally in raw form.
  • Service telemetry. Product analytics, anonymized usage events, and error reports used to operate and improve the service.

2. How We Use Your Data

Your data is used exclusively to deliver and improve the service you have requested:

  • Personalized AI experience. Your memory nodes power memory-grounded AI responses tailored to your own reflections, goals, and context. Without these inputs the personalized experience cannot function.
  • Authentication. To send magic-link emails and maintain your session.
  • Product analytics and reliability. To diagnose issues, monitor uptime, and improve the product.

We do not sell your data, and we do not use your personal memory content to train general-purpose foundation models.

3. Encryption & Security

Your memory content is stored in our managed database with encryption at rest and encryption in transit (TLS) between your device, Braintity, and our infrastructure providers. Access to your records is enforced by row-level security policies: a given authenticated session can only read and modify data that belongs to it. Administrative access is restricted to the minimum number of operators required to keep the service running and is used only for support, audit, and incident response.

4. Third-Party Processors

To operate the service, we engage a limited set of vetted subprocessors bound by data-processing agreements aligned with applicable privacy and security standards. We describe each category by function rather than by vendor name. All subprocessors are subject to security review prior to onboarding and operate under contractual obligations at least as stringent as those set out in this Privacy Policy, including compliance with SOC 2 Type II, GDPR, and equivalent frameworks where applicable.

  • Secure Cloud Infrastructure Partners. Provide encrypted data storage, identity and access management, and hosting of your neural memory graph. All infrastructure partners operate under strict data-residency and security obligations. Data stored with these partners is encrypted at rest and in transit and is accessible only through authenticated, row-scoped queries.
  • Neural Intelligence & Inference Partners. Provide the computational inference layer required to process queries against your memory graph and generate context-aware responses. Your data is transmitted in pseudonymised form. These partners are contractually prohibited from using your personal content to train, fine-tune, or improve any general-purpose foundation model.
  • Transactional Communication Partners. Deliver authentication and account-related emails (magic links, notifications). Only your email address and a transient message token are shared with this category. No memory content is transmitted.
  • Product Analytics Partners. Receive anonymised, non-personally-identifiable telemetry to support uptime monitoring, error detection, and product improvement. Memory content and personally identifiable information are never shared with analytics processors.

5. Data Retention

We retain your account data and memory nodes until you delete them or your account. When you delete your Braintity account in Settings, your authentication record, profile, memory nodes, and credit balance are permanently removed from our primary systems. Backup systems are rotated on a rolling schedule, and any residual copies are overwritten in the normal course of backup expiration.

6. Your Rights

You have the right to:

  • Access — review the memory nodes in your graph at any time from the dashboard.
  • Edit and delete — modify individual memory nodes or remove them from your graph at any time.
  • Delete your account— permanently erase all account data from Settings → Danger Zone.
  • Export — request a copy of your data by contacting us at the address below.

7. Children

Braintity is not directed to individuals under the age of 16. We do not knowingly collect data from children. If you believe a child has submitted data to us, please contact us so we can delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the service or your registered email. Continued use after the effective date of a revision constitutes acceptance of the revised terms.

9. Contact

Questions or requests regarding this policy can be sent to [email protected].