Privacy Notice
In-Home Monitoring · Effective Date: May 26, 2026 · Last Revised: May 26, 2026
Summary
Memoria is a household-activity monitoring service. The Memoria Sensor streams live video and audio in real time so that our artificial-intelligence service can surface insights and so that Authorized Users can “look in” through the Memoria application or web Dashboard. Memoria does not maintain a stored library of video or audio for later replay. Live streams pass through processing in real time and are discarded; event clips are briefly retained for processing and then automatically deleted. What is retained are short text descriptions of household activity, account and configuration data, and authentication metadata. Memoria does not sell Personal Information, does not use it for advertising, and does not permit the AI provider to retain or train on it.
1. Introduction and Scope
This Privacy Notice (this “Notice”) describes how Darda and Cui, Inc., a Delaware corporation doing business as “Memoria” (together with its affiliates, “Memoria,” “we,” “us,” or “our”), collects, uses, discloses, and otherwise processes Personal Information in connection with the Service. This Notice forms part of, and is incorporated by reference into, the Memoria Wellness Terms of Use (the “Terms”). Capitalized terms not defined herein have the meanings ascribed to them in the Terms.
This Notice applies to all individuals who access or use the Service, including Authorized Users, account holders, and Monitored Persons whose audio or visual likeness may be captured by a Sensor.
2. Defined Terms
For purposes of this Notice, the following capitalized terms shall have the meanings set forth below:
- “Account Holder” means the natural person who creates a Memoria account and is the subscriber to the Service.
- “Authorized User” means any individual whom the Account Holder grants access to the Service.
- “Activity Record” means a time-stamped textual description of household activity generated by the AI Provider, including but not limited to observations of motion, possible falls, possible wandering, and possible agitation.
- “AI Provider” means a third-party artificial-intelligence service that processes Sensor streams in real time, as further described in Section 6.
- “Dashboard” means the web-based application made available by Memoria at the Memoria domain through which Authorized Users may access the Service.
- “Monitored Person” means any natural person whose likeness, voice, or other personal attribute may be captured by a Sensor during operation.
- “Personal Information” means any information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with a particular individual or household.
- “Sensor” means an Apple iPhone device running the MemoriaSensor application and paired to an Account Holder for the purpose of in-home monitoring.
- “Service” means, collectively, the Memoria iOS caregiver application, the MemoriaSensor iOS application, the Dashboard, the Sensor while operating, and all related cloud infrastructure, application programming interfaces, and software made available by Memoria.
3. Categories of Personal Information We Collect
3.1. Account and Profile Information
- Email address (used as the unique account identifier).
- Display name elected by the Account Holder.
- Telephone number (optional, only if provided).
- Password, stored exclusively in salted-and-hashed form by our authentication processor.
3.2. Configuration and Activity Records
- The Monitored Persons, Sensors, and rooms configured by the Account Holder.
- The detectors enabled per Sensor and any user-defined detector parameters.
- Activity Records, including event type, time of occurrence, and a brief textual narrative.
- Reviews and notes added by Authorized Users in connection with Activity Records.
- Aggregated patterns derived from Activity Records over time, such as motion frequency or room-transition counts.
3.3. Device and Technical Information
- Apple Push Notification (APNs) device tokens, for the delivery of operational notifications.
- iOS version and device model of installed applications.
- Session-level authentication tokens issued by our authentication processor.
- IP addresses and timestamps recorded in server access logs for security and abuse-prevention purposes.
3.4. Sensor Streams (Real-Time Only)
While a Sensor is in an active state, it captures live video and audio of the room in which it is placed and streams that signal in real time to the Service. The stream is not stored for replay. Sensors may be paused or fully disconnected at any time through the Service; in either state no video or audio leaves the room.
4. How We Use Personal Information
We process Personal Information for the following legitimate purposes:
- To operate, maintain, and provide the features and functionality of the Service;
- To authenticate Authorized Users and to maintain account security;
- To deliver operational notifications, including event alerts, password-reset confirmations, and account-related communications;
- To diagnose technical problems, prevent abuse, and improve the accuracy and reliability of the Service;
- To comply with applicable laws, regulations, court orders, and legal process; and
- To establish, exercise, or defend legal claims.
We do not process Personal Information for advertising, do not sell Personal Information to third parties, and do not engage in cross-context behavioral advertising as those terms are defined under applicable law.
5. How We Handle Sensor Video and Audio
While a Sensor is active, live video and audio captured by the Sensor are streamed in real time to:
- The AI Provider, which analyzes the stream in real time to generate Activity Records (for example, observations consistent with a possible fall, a person leaving a room, or sustained restless motion);
- Authorized Users who elect to view a live look-in session through the Service.
Once a stream has passed through processing, the live video and audio is discarded. When the AI Provider flags a possible event, a short clip covering that event is briefly retained for the purpose of completing the analysis and is then automatically deleted. Memoria does not maintain a library of stored video, audio, or media content accessible for later replay. Live look-in sessions are not recorded.
6. Disclosure to Service Providers
The Service is delivered through several third-party service providers (each a “Service Provider” and collectively the “Service Providers”). Each Service Provider is contractually bound to process Personal Information solely in furtherance of the Service and in accordance with industry-standard security practices. Our Service Providers and their respective functions are:
- LiveKit Cloud — operates the real-time relay through which Sensor streams are transmitted. LiveKit does not retain stream contents.
- Google LLC (Gemini API) — the AI Provider, which processes streams to generate Activity Records. Operates from United States data centers under enterprise terms that prohibit data retention and model training on customer content.
- OpenAI, L.L.C. — a secondary AI Provider used as a fallback when the primary AI Provider is unavailable. Subject to the same restrictions described above.
- Supabase, Inc. — provides the relational database, authentication, realtime messaging, and object storage that underpin the Service. Hosted in the United States on Amazon Web Services infrastructure.
- Railway Corporation — hosts the Memoria backend application.
- Vercel Inc. — hosts the Dashboard.
- Apple Inc. — operates the Apple Push Notification service used to deliver operational alerts.
Beyond the foregoing Service Providers, Memoria may disclose Personal Information (a) to a successor entity in connection with a merger, acquisition, financing, or sale of all or substantially all of Memoria’s assets, (b) in response to a lawful request from a governmental authority or in connection with legal process where Memoria reasonably believes disclosure is required by law, or (c) to enforce these terms or protect the rights, property, or safety of Memoria, its users, or others.
7. Data Retention
Memoria retains Personal Information only for as long as is reasonably necessary to fulfill the purposes set forth in this Notice, subject to the following retention periods:
- Live Sensor streams: held in memory only for the seconds required to complete real-time analysis; not persisted.
- Event clips: briefly retained for processing and then automatically deleted; not made available for later replay.
- Activity Records, configuration, account and profile information, and aggregated patterns: retained for the duration of the Account Holder’s active account.
- Server access logs: retained for up to ninety (90) days for security and abuse-prevention purposes.
- Account closure: upon account closure, Personal Information associated with that account is deleted within thirty (30) days, except where retention is required by law or for the establishment, exercise, or defense of legal claims.
8. International Data Transfers
Personal Information is processed and stored primarily in the United States. If you access the Service from outside the United States, you understand and consent to the transfer of Personal Information to, and processing in, the United States, which may have data-protection rules different from those in your jurisdiction. Where required by applicable law, Memoria implements appropriate safeguards in connection with such transfers.
9. Live Look-In and Access Controls
Authorized Users may, at their election, open the application or Dashboard and view the live Sensor stream. Look-in sessions are transmitted in real time, are subject to authentication, and are not recorded by Memoria. Access to the live stream is limited to:
- The Account Holder;
- Any Authorized User to whom the Account Holder has granted access.
Memoria personnel, including the founders, do not have the ability to view the live Sensor stream. The AI Provider processes streams algorithmically; AI Provider personnel do not view streams.
10. Information Security
Memoria employs administrative, technical, and physical safeguards designed to protect Personal Information against unauthorized access, alteration, disclosure, or destruction. These safeguards include:
- Transport-layer encryption (TLS) for all data in transit;
- Encryption at rest for stored Personal Information;
- Row-level security policies scoped to the authenticated principal;
- Secure storage of authentication tokens in the iOS Keychain;
- Logical and physical access controls over our Service Provider infrastructure.
Despite these measures, no system can be guaranteed entirely secure. In the event of a security incident that creates a material risk of significant harm to affected individuals, Memoria will provide notice in accordance with applicable breach-notification laws.
11. Your Rights
11.1. General Rights
Subject to applicable law and to verification of identity, you have the right to:
- Request access to the Personal Information we hold about you;
- Request correction of inaccurate or incomplete Personal Information;
- Request deletion of your Personal Information;
- Withdraw your consent and have associated Sensors deactivated;
- Request a portable copy of your Personal Information.
You may exercise these rights by contacting Memoria at the address set forth in Section 16. We respond to verified requests within thirty (30) days, or such longer period as permitted by applicable law.
11.2. California Privacy Rights (CCPA / CPRA)
If you are a resident of the State of California, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”), confers additional rights, including the right to (a) know the categories and specific pieces of Personal Information we have collected about you in the preceding twelve (12) months, (b) request deletion of Personal Information, (c) correct inaccurate Personal Information, (d) opt out of the sale or sharing of Personal Information, and (e) limit the use of Sensitive Personal Information.
Memoria does not sell or share Personal Information as those terms are defined under the CCPA. Memoria does not use or disclose Sensitive Personal Information for purposes other than those permitted under the CCPA without offering the opportunity to limit such use. To exercise any California privacy right, contact us at the address in Section 16. You may designate an authorized agent to make a request on your behalf, subject to identity verification.
11.3. European Privacy Rights (GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you may have additional rights under the General Data Protection Regulation or analogous law, including the rights of access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with a supervisory authority. The lawful bases on which we process Personal Information include performance of a contract, legitimate interests, consent (where required), and compliance with legal obligations.
11.4. Canadian Privacy Rights (PIPEDA)
If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act and analogous provincial legislation, including the rights to access, correct, and withdraw consent. You may also lodge a complaint with our privacy contact or with the Office of the Privacy Commissioner of Canada.
12. Children’s Privacy
The Service is not directed to children under the age of thirteen (13) and Memoria does not knowingly collect Personal Information from anyone under thirteen (13). If we learn that we have collected Personal Information from a child under thirteen (13), we will delete that information promptly. If you believe a child under thirteen (13) has provided us Personal Information, please contact us using the information in Section 16.
13. Consent of Monitored Persons
It is the responsibility of the Account Holder to obtain and document the consent of each Monitored Person prior to installing or activating a Sensor, and to inform visitors and third parties who enter the monitored space that Sensors are in use. Do not install a Sensor in any location where any person present has not agreed to be monitored. Recording individuals without consent may violate applicable law in your jurisdiction; the Account Holder bears sole responsibility for compliance.
14. Limitations on Use
Memoria will not:
- Maintain a video or audio archive accessible for later replay;
- Sell, rent, or trade Personal Information to any third party;
- Use Personal Information for advertising, marketing, or commercial profiling purposes;
- Disclose Personal Information to insurance companies, employers, or government agencies, except as required by law;
- Permit the AI Provider or any other Service Provider to retain Personal Information beyond the period necessary to deliver the Service, or to use Personal Information to train its artificial-intelligence models.
15. Cookies and Similar Technologies
The Dashboard uses strictly necessary cookies and session-management technologies to authenticate users and to maintain session state. Memoria does not use third-party advertising cookies, tracking pixels, or behavioral- advertising trackers. Memoria honors browser “Do Not Track” signals to the extent technically feasible.
16. Wellness Service; Not a Medical Device
The Service is a general wellness service intended to provide household-activity insights for informational and convenience purposes only. The Service is not a medical device and is not intended to diagnose, treat, cure, prevent, or monitor any disease, medical condition, or symptom. The Service is not a substitute for professional medical care, supervision, or emergency response. Please review the Memoria Wellness Terms of Use for the scope and limitations of the Service.
17. Changes to this Notice
Memoria may amend this Notice from time to time. If we make material changes, we will notify active users by means of the Service or by email. The “Last Revised” date at the top of this Notice indicates when it was last updated. Continued use of the Service following such notice constitutes acceptance of the amended Notice.
18. Contact
Privacy questions, rights requests, or complaints may be directed to the privacy contact below. We endeavor to respond to verified requests within thirty (30) days.
- Privacy Contact: Sunny Cui
- Email: sunnycui@stanford.edu
- Telephone: 716-602-1101
See also our Memoria Wellness Terms of Use.