Privacy Policy

Last updated: June 2026

Mnemia (“Mnemia”, “we”, “us”) provides a memory layer for coaching: capturing sessions and turning them into recaps, insights, and homework. This policy explains what personal data we process, why, and the rights you have. It is written to align with the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP).

Mnemia is operated by Christophe Kurkdjian in Switzerland. For any privacy question, contact us at privacy@mnemia.ch.

Who the data is about

Mnemia is used by coaches (and similar practitioners) and their clients(coachees). Coaches act as the controller of their clients’ session data; Mnemia acts as a processor on their behalf, and as a controller for account and billing data.

What we process

• Account data: name, email address, role, and authentication details.
• Session content: audio recordings and transcripts you upload, and the text you enter.
• AI-derived content: summaries, key moments, insights, suggested homework, and briefs generated from your sessions.
• Usage & technical data: log and device data needed to run and secure the service.

Sensitive (special-category) data

Coaching and therapy conversations may include health information or other sensitive details. Where this is the case, we process it only to provide the service, on the basis of explicit consentand the coach’s documented instructions, and with the additional safeguards described below. Coaches are responsible for obtaining the consent of session participants before recording or uploading a session.

Why we process it (legal bases)

• To perform our contract with you (providing the platform).
• Your consent (processing session content and any sensitive data).
• Our legitimate interests (securing, maintaining, and improving the service), balanced against your rights.

AI processing

Transcription and analysis are performed using Microsoft Azure OpenAI, hosted in Switzerland and the EU, strictly to produce your results. Your sessions are not sent to providers outside Switzerland or the EU for AI processing. Your content is not sold and is not used to train public AI models.

Sub-processors

We rely on a small number of vetted providers to run Mnemia:

• Supabase: database, authentication, and storage, hosted in Switzerland (AWS Zurich).
• Microsoft Azure OpenAI: speech-to-text transcription in Switzerland, and text analysis and document/image processing in the EU; not used to train models.
• Vercel: application hosting and delivery.
• Resend: transactional and notification emails (United States).

Each provider is bound by a data-processing agreement. The full, current list with processing locations is published on our Sub-processors page.

Security

Session content and notes are encrypted at rest and decrypted only when shown to an authorised user. Access is restricted by role, and a client can only ever see the content their coach has approved for them.

Retention

We keep your data for as long as your account is active, and delete or anonymise it within a reasonable period after you close your account or request deletion, unless we must retain it to meet a legal obligation. After deletion we may keep anonymised, aggregated statistics that can no longer identify you, in order to understand and improve the product.

Your rights

Subject to applicable law, you have the right to:

• access the data we hold about you;
• have inaccurate data corrected;
• have your data erased;
• restrict or object to processing;
• receive your data in a portable format;
• withdraw consent at any time; and
• lodge a complaint with your data protection authority.

To exercise any right, email privacy@mnemia.ch.

International transfers

Your session content is stored in Switzerland and processed for AI in Switzerland and the EU. Some operational data, such as email delivery, is handled by a provider in the United States. Where data is processed outside Switzerland or the EEA, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.

Cookies

We use only strictly necessary, first-party cookies, set by us to keep you signed in and to keep the service secure. They hold your login session and are not shared with, or readable by, other websites. We use no analytics, advertising, or cross-site tracking cookies.

Changes

We may update this policy as the product evolves. We’ll change the “last updated” date above and, for material changes, notify you in the app or by email.

This page is a working draft and does not constitute legal advice. It should be reviewed by qualified counsel and the bracketed details completed before launch.