Legal

Privacy policy

Memrease is built around intimate family memories. We take that seriously. This policy explains plainly what data we hold, why, and what you can do about it.

Last updated: April 2026

Who we are

Memrease is operated by Kinesis Consultants Ltd, a company registered in England and Wales. We are registered with the Information Commissioner's Office (ICO) under reference C1902146.

For data protection purposes, Kinesis Consultants Ltd is the data controller for personal data collected through Memrease.

You can contact us about privacy matters at privacy@memrease.com.

What data we collect and why

Curators (family members who upload memories)

When you create an account or use Memrease as a curator, we collect:

  • Email address — to authenticate you and send account notifications
  • Display name — shown to other curators in your family group
  • Content you upload — stories, photos, audio, and video that you choose to share
  • Usage data — which features you use, when you upload, which memories you mark as favourites
  • Subscription and billing data — managed by Stripe (see third parties below). We store your subscription tier and status; we do not store card details.

Legal basis: Contract performance (to provide the service you've signed up for) and legitimate interests (to improve the product and prevent fraud).

Recipients (elderly relatives who receive daily prompts)

Recipients do not create accounts in the traditional sense. They access Memrease via a PIN-protected link. We collect:

  • Display name — used to personalise their morning experience
  • Conversation content — replies they give during their daily AI-guided conversation
  • Access events — when they open their morning prompt and for how long
  • Device preferences — accessibility settings such as font size and contrast

Recipients are typically elderly individuals, some of whom may have dementia. We handle this data with particular care. Recipient data is never used for marketing, profiling, or any purpose other than delivering and improving their morning experience.

Legal basis: Legitimate interests of the family in providing a beneficial, personalised experience for the recipient.

AI processing

Memrease uses AI to extract conversation threads from the memories you upload, score their depth and richness, and guide the recipient's daily conversation. This processing happens via the Anthropic Claude API.

Content you upload — stories, transcripts, and conversation replies — is processed by Anthropic's systems to generate responses. Anthropic processes this data as a data processor acting on our instructions. We have reviewed Anthropic's data processing terms and they do not use customer data to train their models.

The AI does not make automated decisions with legal or similarly significant effects. All AI outputs are conversational prompts — they do not determine access, entitlements, or assessments.

Third-party processors

We use the following third-party services to operate Memrease. Each acts as a data processor under our instruction:

  • Supabase — database, file storage, and authentication. Data is stored in EU data centres.
  • Anthropic — AI processing pipeline (see above).
  • Vercel — application hosting and delivery.
  • Stripe — payment processing. Stripe is independently PCI-DSS compliant. We do not store card details.
  • Resend — transactional email delivery (account notifications, weekly digests).

We do not sell your data. We do not use it for advertising. We do not share it with third parties other than those listed above and only for the purpose of operating the service.

How long we keep your data

While your account is active, we retain all data necessary to provide the service. If you cancel your subscription, your memories and conversation history are retained in a read-only state for 90 days, after which they are permanently deleted unless you have an active archive add-on.

Billing records are retained for 6 years in accordance with HMRC requirements, even if you request deletion of other data.

If a recipient passes away, we pause all data processing timers and give the family time to export or delete the library at their own pace.

Cookies

Memrease uses cookies and similar technologies to keep you signed in and remember your preferences. We do not use advertising cookies or third-party tracking pixels.

  • Authentication cookies — set by Supabase to maintain your session. These are essential for the product to work.
  • Preference cookies — store your display settings (theme, font size). These are functional and not used for tracking.

We do not use Google Analytics, Meta Pixel, or any other third-party analytics or advertising platform.

Your rights

Under UK GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate data
  • Erasure — ask us to delete your data (subject to legal retention obligations)
  • Portability — receive your data in a structured, machine-readable format
  • Restriction — ask us to limit processing in certain circumstances
  • Object — object to processing based on legitimate interests

To exercise any of these rights, email us at privacy@memrease.com. We will respond within 30 days.

You can also request deletion directly within the app under Settings → Data & Privacy → Delete my account.

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the ICO at ico.org.uk.

Changes to this policy

We will update this policy when our practices change. If changes are material, we will notify curators by email before they take effect. The date at the top of this page reflects when it was last updated.