Privacy Policy
Last updated: 2 July 2026
This policy describes what data memgit cloud (app.memgit.dev) collects and how it is used. The service is operated by Hari Hara Sankar K A, a sole proprietor based in India. The short version: your memories are end-to-end encrypted, we hold as little as possible, and we sell nothing.
The memgit CLI on its own stores everything locally on your machine and sends us nothing. This policy applies to the cloud service and this website.
What we store
- Your email address — used for login, service notices, and receipts.
- A blind authentication key, hashed with Argon2 at rest. This is derived from your passphrase on your device; the passphrase itself never reaches us.
- Your public key, used to seal team keys to you.
- Your encrypted private key and encrypted data blobs — ciphertext only. We do not have the keys and cannot decrypt any of it.
What we can never see
Because encryption happens on your device before upload, the following are invisible to us and to anyone who might compromise our servers:
- the content of your memories,
- thread names, team names, and repo names,
- your passphrase and your decrypted keys.
Details of the encryption design are on the security page.
Billing data
If you buy a paid plan, we collect what tax law and payment processing require:
- name and (optionally) company name,
- country and state,
- GSTIN, if you provide one (for Indian business invoices),
- phone number, where required by the payment processor.
This information is used to issue tax invoices and is shared with Cashfree Payments solely to process your payment. We do not store your card or bank details, and we never sell any of your data to anyone.
Infrastructure and processors
The service runs on the following providers, which process data on our behalf:
- Microsoft Azure (India region) — application servers and encrypted data storage.
- Vercel — hosting for this website and the web app.
- Cloudflare — DNS and content delivery.
- Cashfree Payments (India) — payment processing.
Cookies and tracking
- We use no tracking cookies and no advertising trackers.
- The app uses browser localStorage only to hold your session token so you stay signed in. That's it.
Data retention and deletion
We keep your account data for as long as your account exists. You can delete your account (and all associated data on our servers) at any time from the app, or by emailing codeforyou4161@gmail.com from your account email. Invoice records are retained where required by Indian tax law.
Security
How the system protects your data, and how to report a vulnerability, is documented on the security page.
Changes and contact
Changes to this policy are announced on this site, with the "Last updated" date reflecting the current version. Questions: codeforyou4161@gmail.com — see the contact page.