We understand that your memories are irreplaceable. Here is exactly how we protect them — with transparency, care, and the highest standards.
Your Memory Palace runs on Vercel, a world-class hosting platform with a global content delivery network (CDN). Every page loads fast, and every connection is automatically secured with HTTPS.
All your data is stored on Supabase PostgreSQL in Frankfurt, Germany — safely within the European Union. This means your memories are protected by strict EU data protection laws (GDPR).
We follow the General Data Protection Regulation to the letter. Your personal data is processed lawfully and transparently, and only for the purposes you have agreed to.
Every connection between your device and our servers uses TLS 1.2 or higher, ensuring strong transport encryption. Nobody can read your data as it travels over the internet.
Your database is encrypted with AES-256, the same standard used by banks and governments. Even if someone accessed the physical servers, your data would be unreadable.
Your photos, videos, and documents are stored in Supabase Storage, which is also encrypted at rest. Files are only accessible through authenticated, time-limited links.
Your password is never stored in plain text. It is hashed using bcrypt through Supabase Auth, making it practically impossible to reverse-engineer.
Sign in securely with your email address and password. Your credentials are handled by Supabase Auth, a battle-tested authentication system.
Prefer to sign in with Google or Apple? We support OAuth 2.0 social login — your password is never shared with us when you use these options.
For extra peace of mind, you can enable two-factor authentication (2FA) using a TOTP app like Google Authenticator. This adds a second layer of protection to your account.
Every database table is protected by Row Level Security (RLS). This means you can only ever access your own data — this is enforced at the database level, not just in our code.
Your login sessions use JSON Web Tokens (JWT), which are short-lived and cryptographically signed. Sessions expire automatically, keeping your account safe even if you forget to log out.
You can download everything — all your memories, stories, and photos — as a JSON file with a ZIP of your media. Your data always belongs to you.
If you choose to delete your account, all your data is permanently removed. Deletion cascades through every table — nothing is left behind.
We ask for your permission before setting any non-essential cookies. You can change your preferences at any time through our cookie consent controls.
We will never sell your data, show you advertisements, or track you across the web. Your memories are private, and that is a promise.
You can designate trusted family members as legacy contacts for digital inheritance. When the time comes, your memories can be passed on to the people you choose.
Your data is backed up automatically every day. In the unlikely event of a problem, we can restore your palace to its most recent state.
Our database supports point-in-time recovery, meaning we can restore data to any moment within the retention window — not just the last backup.
Files are stored with redundancy across multiple availability zones. Even if one data center has issues, your memories remain safe and accessible.
If you have questions about how we handle your data, or if you want to exercise any of your rights under GDPR, please contact us at privacy@thememorypalace.ai. We are here to help.
Your memories deserve a safe, beautiful home. Get started for free — no credit card required.
Create Your Memory Palace