Privacy Policy
1. Purpose of Processing Personal Information
Memento AI processes personal information solely for the purposes listed below and does not use it for any other purposes.
Category
Purpose
Membership Registration and Management
Identity verification, authentication, confirmation of intent to register, maintenance and management of membership status, prevention of fraudulent use
Service Provision
Voice transcription services, AI-based summarization and search, calendar integration, email integration (Google Gmail), document integration (Google Drive and Google Docs), memo management, personalized AI assistant services
Service Improvement
Service quality enhancement, new feature development, user experience analysis
1.
At Miller, security is a foundational requirement of the Service, not an afterthought. Miller is built to be a trusted home for the most personal data you create: the record of your daily thoughts, conversations, and work.
2.
This page explains how we approach security, the controls we have in place today, and where the program is headed as we move toward public launch.
3.
Operating entity. The Service is owned and operated by Memory Labs Inc., a corporation organized under the laws of the Republic of Korea.
2. Categories of Personal Information Collected
2.1 Screen Text Data
Item
Description
On-screen text
Text content extracted from the active screen and supported applications
Application context
Name and type of the active application
Browser context
Page title and URL of the active browser tab
Extraction timestamps
Time information of each text extraction
Additional Notice (Screen Text Data)
·
Optional: Screen text data is collected only if you grant screen access permission.
·
How it works: We extract text only — not screenshots, not video, not images. Visual content on your screen is never captured or transmitted.
·
Purpose: Used to provide context-aware AI features such as proactive summaries, smart suggestions, and automated recaps based on your current work context.
·
Scope: Text is extracted from supported applications only. Password fields and sensitive input areas are automatically excluded.
·
Control: You can revoke screen access permission at any time via in-app or device settings. Disabling will limit context-aware features.
·
Sharing: We do not sell this data. It may be processed by our AI providers (listed in Section 6) solely to deliver the Service.
·
Retention: Retained only as long as necessary for the purposes described in this Privacy Policy, or until you delete your account or data.
2.2 Information Collected at Registration
Item
Collection Method
Required
Email address
OAuth integration (e.g., Google)
Required
Nickname
OAuth integration
Optional
Profile image URL
OAuth integration
Optional
External service unique identifier (UID)
OAuth integration
Required
2.3 Information Collected During Service Use
2.3.1 Voice Transcription Records
Item
Description
Transcribed text
Text converted from voice input
Transcription start/end time
Time information of the recording
Speaker separation data
Information used to identify speakers
Audio files (voice recordings)
Original audio recorded through the Service, which may be uploaded to and stored on the server to enable transcription, summarization, and related features
Important: Original audio files may be transmitted to and stored on our servers in order to provide recording, transcription, and related Service features. We retain audio files only as long as necessary for the purposes described in this Privacy Policy and delete them in accordance with our retention policy, unless longer retention is required by law.
2.3.2 Calendar Information
Item
Description
Calendar name and description
Basic information of linked calendars
Event title
Title of calendar events
Event description
Detailed event description
Event start/end time
Time information
2.3.3 Memo Information
Item
Description
Memo title
Title created by the user
Memo content
Content written by the user
Created/updated timestamps
Creation and modification history
2.3.4 Chat Records
Item
Description
Conversation content
Conversations between the user and the AI assistant
Conversation timestamp
Time of interaction
2.3.5 Location and Activity Data
Item
Description
GPS coordinates
Latitude and longitude (recorded on location change)
Pedometer data
Step count
Activity start/end time
Activity duration information
Extraction timestamps
Time information of each text extraction
Additional Notice (Location/Activity).
·
Optional: Location and activity data are collected only if you grant permission.
·
Purpose: Used to support context-aware features (e.g., organizing your day, improving summaries, and providing personalized assistant features) and to improve service quality.
·
Control: You can disable location/activity permissions at any time in your device settings or in-app settings. Disabling may limit related features.
·
Sharing: We do not sell this data. We may process it using our processors listed in this Privacy Policy solely to provide the Service.
·
Retention: Stored only for as long as necessary for the purposes described in this Privacy Policy or until you delete your account/data, unless longer retention is required by law.
·
Sharing: We do not sell this data. It may be processed by our AI providers (listed in Section 6) solely to deliver the Service.
·
Retention: Retained only as long as necessary for the purposes described in this Privacy Policy, or until you delete your account or data.
2.3.6 Contact Information
Item
Description
Contact name
Name retrieved from the device’s contact list (for STT accuracy improvement)
Additional Notice (Contacts — Names Only).
·
Optional: Contact names are collected only with your explicit consent and permission.
·
Scope: We collect names only for accuracy support. We do not collect phone numbers, email addresses, or other contact details.
·
Purpose: Used solely to improve transcription accuracy (e.g., recognizing names).
·
Control: You may revoke this permission at any time. If revoked, contact-name based accuracy support may be disabled.
·
Sharing/Retention: Not sold or used for advertising. Processed only for Service delivery and retained only as necessary during service use or until deletion, unless required by law.
2.3.7 Email Information (Google Gmail)
Item
Description
Email metadata
Sender, recipient(s), subject, timestamps, thread/label identifiers
Email body
Plain-text body extracted from messages
Attachment metadata
Filename and MIME type only (file contents are not downloaded)
Additional Notice (Email Information).
·
Opt-in only — applies to users who enable Gmail integration: Email information is collected only from users who choose to enable this integration by explicitly connecting their Google account via the in-app “Connect Gmail” flow and granting the gmail.readonly scope. This section does not apply to users who sign up for Miller without enabling the Gmail integration.
·
Read-only access: Miller only reads your messages. Miller never sends, modifies, deletes, archives, or marks emails as read on your behalf.
·
How it works: After you connect Gmail, Miller periodically retrieves your recent messages in the background to enable AI-assisted features such as organizing meeting-related communications, surfacing relevant emails in personalized summaries, and answering your questions about past communications when you ask the AI assistant in chat.
·
Purpose: Used to organize meeting-related and work-related emails, surface them in personalized summaries, and enable AI-assisted recall and search across your communications.
·
Scope of access: Miller reads messages only as needed to provide the features above. Spam and explicitly excluded categories may be omitted depending on Google API behavior. Attachment file contents are not downloaded.
·
Control: You may disconnect Gmail at any time via in-app Settings → Integrations, or by revoking access at https://myaccount.google.com/permissions.
·
Sharing: Email content is not sold and not used for advertising. It may be processed by AI providers listed in Section 6 solely to deliver Service features.
·
2.3.8 Document Information (Google Drive and Google Docs)
Item
Description
File metadata
File name, MIME type, last modified time, owner, file ID
Document body
Plain-text or markdown content of Google Docs files read in response to user requests
Additional Notice (Document Information).
·
Opt-in only — applies to users who enable Google Drive integration: Document information is collected only from users who choose to enable this integration by explicitly connecting their Google account via the in-app “Connect Google Drive” flow and granting the drive.readonly and documents.readonly scopes. This section does not apply to users who sign up for Miller without enabling the Google Drive integration.
·
Read-only access: Miller only reads your files and documents. Miller never modifies, deletes, moves, shares, renames, or creates files in your Drive.
·
How it works (user-initiated, on-demand only): Miller reads files from Google Drive and Google Docs only when triggered by your explicit request to the AI assistant in Miller’s chat interface. When you send a message to the AI assistant that involves your documents — for example, asking the assistant to find a document, summarize a recent file, or reference content from your work — Miller retrieves and reads files from your Drive that the assistant determines are relevant to that specific request, at the moment of the request. Miller does not use a Google file picker. File selection is performed automatically by the AI assistant based on the conversational context of your chat message. This means Miller may list files in your Drive and read those it determines relevant to fulfilling your stated request. Miller does not pre-fetch, bulk-index, crawl, or background-synchronize your Drive files. If you do not interact with the AI assistant about your documents, Miller will not access your Drive after the initial connection.
·
Purpose: Used to retrieve and reference your existing Google Docs and Drive files in response to your chat requests, enable AI-assisted summarization and search across documents you ask about, and import documents into Miller as structured notes when you request it.
·
Scope of access: Miller lists and reads files the connected Google account has access to, only as needed to fulfill the specific user request being processed. Miller does not enumerate or read files in shared drives beyond what is necessary for the requested feature.
·
Control: You may disconnect Google Drive at any time via in-app Settings → Integrations, or by revoking access at https://myaccount.google.com/permissions. You may also avoid any Drive access entirely by simply not asking the AI assistant questions that involve your documents.
·
Sharing: Document content is not sold and not used for advertising. Document content read in response to your chat request may be processed by AI providers listed in Section 6 solely to generate the assistant’s response to that request.
·
2.4 Automatically Collected Information
Item
Description
IP address
Automatically collected upon service access
Device information
Service type (e.g., mobile)
Access logs
Request URL, HTTP method, response time
Additional Notice (Logs and Identifiers).
We use access logs and device information for security, fraud prevention, troubleshooting, performance monitoring, and to provide stable service operation. Where required, we limit collection to what is necessary and retain it for the periods described in Section 3.
3. Retention and Use Period of Personal Information
Member information
Email, nickname, profile image
Until account deletion or 1 year after last access
Voice transcription records
Transcribed text, timestamps
During service use or until account deletion
Calendar information
Events, attendee information
During service use or until account deletion
Memo information
Memo title and content
During service use or until account deletion
Chat records
AI conversation content
During service use or until account deletion
Location data
GPS coordinates
During service use or until account deletion
Access logs
IP address, access records
Until deletion request or 3 months
Voice recordings
Audio files (voice recordings)
During service use or until deletion request/account deletion (or as otherwise required by law)
Google email data
Email metadata, email body
Until Gmail disconnection or account deletion
Google document data
File metadata, document body read in response to user requests
Until Drive disconnection or account deletion
Retention required by law:
·
Records related to contracts or withdrawal of subscription: 5 years (E-commerce Act)
·
Records related to consumer complaints or dispute resolution: 3 years (E-commerce Act)
·
Access logs: 3 months (Communications Privacy Protection Act)
4. Provision of Personal Information to Third Parties
Memento AI does not provide personal information to third parties in principle, except in the following cases:
For clarity, we may share personal information with service providers acting as processors (as listed in Section 6) solely to provide the Service; this is not a "third-party disclosure" for independent purposes.
1.
When the user has given prior consent
2.
When disclosure is required by law or requested by investigative authorities in accordance with lawful procedures
5. Sharing, Transfer, and Disclosure of Google User Data
The Miller Service uses Google OAuth for authentication and accesses Google user data via the Google Calendar API, Gmail API, and Google Drive / Docs APIs.
Scope of application — opt-in integrations: The Gmail integration and the Google Drive / Google Docs integration are optional, opt-in features. The provisions in this Section that relate to email data and document data apply only to users who explicitly choose to enable the corresponding integration by connecting their Google account for that feature. Users who sign up for Miller without enabling Gmail integration are not subject to the Gmail-related provisions; users who do not enable the Drive/Docs integration are not subject to the Drive/Docs-related provisions. Each integration can be enabled or disabled independently at any time via in-app Settings → Integrations.
5.1 Data Collected from Google
Data Type
Items
Purpose
OAuth Scope
Trigger
Authentication data
Email, name, profile image
Registration and identity verification
openid, email, profile
User initiates login
Calendar data
Event title, description, time, attendees
AI assistant service provision
calendar
User connects calendar; periodic sync
Email data
Email metadata, email body, attachment metadata
Email organization, AI-assisted recall and summarization
gmail.readonly
User connects Gmail; periodic background sync
Document data
File metadata, Google Docs body
Retrieval and reference of documents in response to user chat requests
drive.readonly, documents.readonly
User-initiated only: triggered when the user asks the AI assistant in chat about their documents
5.2 Sharing and Transfer of Google User Data
Memento AI does not share, transfer, or disclose Google user data to any third party beyond the purposes and recipients listed below.
Recipient
Country
Purpose
Shared Data
Method
OpenAI
United States
AI-based summarization, analysis, and chat assistant responses
Calendar event data, email content, document content
API call
Anthropic
United States
AI-based summarization, analysis, and chat assistant responses
Calendar event data, email content, document content
API call
Amazon Web Services (AWS)
United States / Korea
Data storage and service hosting
Full Google user data (calendar, email, document)
Cloud storage
5.3 Google User Data Protection Policy
Miller's processing of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.
Limited Use commitments:
1.
Permitted uses only. Google user data (Gmail, Drive, Docs, Calendar) is used solely to provide or improve user-facing features that are prominent in the Miller application — specifically email organization, document retrieval and reference in response to user chat requests, calendar-based recall, and AI-assisted summarization.
2.
No sale. Google user data is never sold or transferred for monetary or other valuable consideration.
3.
No advertising use. Google user data is never used for personalized advertising, ad targeting, retargeting, or building advertising profiles.
4.
No unrelated transfer. Google user data is not transferred to third parties except (a) as necessary to provide or improve user-facing features (processors listed in Section 6 acting under contract), (b) for security purposes (e.g., investigating abuse), or (c) to comply with applicable law.
5.
No AI model training. Google user data is not used to train, fine-tune, or evaluate generalized or third-party AI/ML models. Contracts with all AI processors prohibit such use, and "no training" / "zero-data-retention" options exposed by their APIs are enabled where available.
Additional commitments:
·
No advertising use: Google user data is not used for advertising or marketing.
·
Explicit consent: All access to Google data is based on explicit user consent obtained via the standard Google OAuth consent flow.
5.4 Human Access Policy
Miller personnel and contractors do not read, view, or otherwise access Google user data of individual users, except in the following narrowly defined cases:
1.
With your explicit consent (e.g., when you submit a support request and authorize us to inspect specific data to resolve the issue);
2.
For security purposes, including investigation of abuse, fraud, or security incidents that affect the Service or other users;
3.
To comply with applicable law, regulation, court order, or lawful government request;
4.
For internal operations, and only after the data has been aggregated and de-identified such that it cannot be associated with any individual user.
Routine engineering, product development, and analytics workflows operate on aggregated, de-identified statistics — never on raw Google user data of identifiable users.
5.5 Disclosure Based on Legal Requirements
Google user data may be disclosed only in the following cases:
1.
Court orders or lawful legal procedures
2.
Lawful requests from investigative authorities
3.
Emergency situations necessary to protect life, body, or property
Where legally permitted, users will be notified before or after such disclosure.
5.6 Google Data Deletion and Revocation
·
Users may disconnect their Google integrations (Calendar, Gmail, Drive) at any time via in-app Settings → Integrations.
·
Upon disconnection of Google Calendar, all calendar data stored on Miller servers is immediately and permanently deleted.
·
Upon disconnection of Gmail, all email metadata and email body data stored on Miller servers are immediately and permanently deleted.
·
Upon disconnection of Google Drive, all file metadata and document content read on the user's behalf and stored on Miller servers are immediately and permanently deleted.
·
Upon account deletion, all Google-related data across all integrations is permanently deleted within the timeline described in Section 8.
·
Users may also revoke Miller's access at any time directly via Google Account settings: https://myaccount.google.com/permissions.
6. Outsourcing and Cross-Border Transfer of Personal Information
Processor
Country
Task
Transferred Data
Retention
OpenAI
United States
STT, text summarization, AI responses
Audio files and/or transcribed text, memos, chat data, calendar data, email content, document content
Deleted immediately after processing
Anthropic
United States
Text summarization, AI responses
Transcribed text, memos, chat data, calendar data, email content, document content
Deleted immediately after processing
United States
STT, calendar integration, email integration (Gmail), document integration (Drive/Docs)
Transcribed text, calendar data, email metadata and body, document metadata and body
Until account deletion or disconnection
Fireworks.ai
United States
STT
Transcribed text
Deleted immediately
Assembly.ai
United States
STT
Transcribed text
Deleted immediately
Portkey.ai
United States
AI routing and monitoring
Request metadata
Deleted immediately
AWS
United States / Korea
Cloud infrastructure and storage
All service data
Until account deletion
Google Analytics
United States
Usage analytics
Non-identifiable usage data
Upon request or account deletion
Mixpanel
United States
Usage analytics
Non-identifiable usage data
Upon request or account deletion
Microsoft Clarity
United States
UX analysis
Non-identifiable usage data
Upon request or account deletion
Where the table states “Deleted immediately after processing,” it refers to deletion by the relevant processor after completing the requested processing. Retention on our systems (if any) follows Section 3 (Retention and Use Period).
7. AI Model Training and Data Usage Policy
7.1 Prohibition of Third-Party AI Model Training
Memento AI does not allow third-party AI providers to use personal data for AI model training.
·
Data Processing Agreements (DPAs) are executed with all AI providers.
·
Data is processed solely for service delivery and deleted immediately afterward.
·
Training exclusion options provided by AI APIs are enabled.
7.2 Use of Anonymized Data
Fully anonymized data may be used for service improvement purposes only.
Purpose
Method
Example
Performance analysis
Removal of identifiers
Average transcription accuracy
Feature improvement
Aggregated data only
Most-used features
Error analysis
Context removal
Common error patterns
7.2 Use of Anonymized Data
All data used for service improvement is fully anonymized and processed only in aggregated statistical form.
8. Destruction of Personal Information
8.1 Procedure
Personal information is destroyed without delay once the retention period expires or the processing purpose is fulfilled.
8.2 Method
·
Electronic files: Permanent deletion using non-recoverable methods
·
Printed materials: Shredding or incineration
8.3 Timeline
Destruction is carried out without delay (within 5 days unless justified).
9. Rights of Data Subjects
Users (including legal guardians) may exercise the following rights:
·
Right to access personal information
·
Right to rectification
·
Right to deletion
·
Right to restriction of processing
·
Right to withdraw consent
Requests may be submitted via:
·
Email: contact@trymiller.com
·
In-app settings
Responses are provided within 10 days, subject to legal limitations.
10. Security Measures
Memento AI implements the following safeguards:
·
Secure storage and tamper-proof access logs
·
Network security measures such as firewalls and VPCs
11. Use of Automatic Data Collection Tools
We use analytics tools (e.g., Google Analytics, Mixpanel, Microsoft Clarity) to understand usage patterns, improve features, and enhance user experience. These tools may collect usage events and device/app information.
·
Choice/Consent: Where required by applicable law (including in certain jurisdictions), we will obtain your consent before enabling non-essential analytics.
·
Opt-out: You can opt out of analytics via in-app settings or device settings. Opting out may limit our ability to improve the Service, but core features will remain available.
12. Chief Privacy Officer
Item
Details
Name
Jisan Kim
Title
CEO / Chief Privacy Officer
contact@trymiller.com
13. Remedies for Privacy Infringement
Users may contact the following organizations for dispute resolution:
·
Korea Internet & Security Agency (KISA): 118
·
Personal Information Dispute Mediation Committee: 1833-6972
·
Supreme Prosecutors' Office Cyber Bureau: 1301
·
National Police Agency Cyber Bureau: 182
14. Children's Privacy
The Miller Service is not intended for children under the age of 14 and does not knowingly collect their personal information. Any such data discovered will be promptly deleted.
15. Changes to This Privacy Policy
Changes will be announced at least 7 days in advance. Material changes will be announced at least 30 days in advance, and renewed consent may be requested.
16. Addendum
·
Original Announcement Date: November 24, 2025
·
Original Effective Date: December 1, 2025
·
Amendment Announcement Date: April 29, 2026
·
Amendment Effective Date: April 29, 2026
Change History
Effective Date
Summary
2025-12-01
Initial release (under the previous service name “M24”)
2026-04-29
Renamed the service from “M24” to “Miller” (operator and legal entity unchanged). Updated contact email domain to trymiller.com. Added provisions for Google Gmail integration (Sections 1, 2.3.7, 3, 5, 6) and Google Drive / Google Docs integration (Sections 1, 2.3.8, 3, 5, 6). Clarified that Gmail and Drive/Docs integrations are opt-in and apply only to users who choose to enable them. Clarified that Drive/Docs access is user-initiated and triggered only by user requests to the AI assistant in Miller’s chat interface. Added explicit Limited Use Policy commitments (Section 5.3) and Human Access Policy (Section 5.4) in compliance with the Google API Services User Data Policy.