Retinere

Retinere Privacy Policy

Version retinere-privacy-TODO. This legal text contains launch TODO placeholders that must be replaced before launch.

Retinere Privacy Policy

Last updated: 25 May 2026

Version: retinere-privacy-TODO

Operator: [LEGAL_OPERATOR_NAME]

Registered address: [REGISTERED_ADDRESS]

Contact: [PRIVACY_EMAIL]

Website: [WEBSITE_URL]

Company registration / UID / VAT details: [COMPANY_REGISTRATION_DETAILS]

Plain-English summary

Retinere helps you remember things. To do that, it stores and processes information you choose to save, including memories, notes, reminders, prompts, associations, review history, generated summaries, retrieval metadata, and related technical data.

Your saved content may include personal, sensitive, private, professional, or commercially confidential information. You decide what to store.

Retinere uses your data to provide the service, retrieve relevant memories, run reminders and reviews, support ChatGPT and other integrations, secure accounts, prevent abuse, provide support, process payments where applicable, and maintain the product.

When you use Retinere through ChatGPT or another integration, Retinere may send relevant account, request, memory, and retrieval data to that integration so it can perform the action you requested.

Temporary trial accounts use generated identifiers or placeholder email addresses. They are not fully registered accounts and should not be treated as anonymous.

Retinere does not sell your personal data.

Retinere does not use your private memories or user content to train AI models unless you explicitly opt in.

You can request access, correction, export, or deletion of your data, subject to legal, security, backup, billing, abuse-prevention, and technical limits.

1. Who we are

Retinere is operated by:

[LEGAL_OPERATOR_NAME]

[REGISTERED_ADDRESS]

[COUNTRY]

Email: [PRIVACY_EMAIL]

Website: [WEBSITE_URL]

Company registration / UID / VAT: [COMPANY_REGISTRATION_DETAILS]

For privacy questions or requests, contact: [PRIVACY_EMAIL]

Replace these placeholders before launch.

2. What this Privacy Policy covers

This Privacy Policy explains how Retinere collects, uses, stores, shares, protects, exports, and deletes personal data when you use:

  • the Retinere website;
  • the Retinere web app;
  • Retinere APIs;
  • the Retinere ChatGPT app or integration;
  • reminders, review tools, search, retrieval, and memory features;
  • temporary trial accounts;
  • account, billing, support, and security features.

This Privacy Policy should be read together with the Retinere Terms of Service and, where applicable, the Cookie Notice.

3. Personal data we collect

Retinere may collect and process the categories of personal data described below.

Account data

This may include:

  • name, if provided;
  • email address;
  • login credentials or authentication identifiers;
  • account settings;
  • subscription status;
  • email verification status;
  • account creation timestamps;
  • login timestamps;
  • account status;
  • user IDs and internal account identifiers.

Temporary trial account data

If you use Retinere through a temporary trial account, Retinere may generate or process:

  • a placeholder email address;
  • an internal account ID;
  • session identifiers;
  • browser or device tokens;
  • integration identifiers;
  • trial start timestamps;
  • trial expiry timestamps;
  • account conversion timestamps.

A placeholder email address is not your real email address, but information linked to a temporary account may still be personal data if it can identify you directly or indirectly.

User content

“User content” means information you choose to save, enter, upload, import, generate, retrieve, connect, or otherwise make available through Retinere.

This may include:

  • memories;
  • notes;
  • prompts;
  • reminders;
  • spaced-repetition items;
  • associations;
  • tags;
  • uploaded or pasted text;
  • generated summaries;
  • retrieved context;
  • project references;
  • people, place, and event references;
  • information about you;
  • information about other people.

User content may include sensitive personal data depending on what you choose to store.

Memory and retrieval metadata

To make Retinere useful, we may process metadata and derived information such as:

  • timestamps;
  • review history;
  • reminder history;
  • recall strength or scheduling data;
  • associations between memories;
  • search and retrieval signals;
  • embeddings or vector representations;
  • generated summaries;
  • classifications;
  • relevance scores;
  • integration context;
  • tool-call metadata;
  • deletion/export status;
  • account-conversion status.

ChatGPT and integration data

When you use Retinere through ChatGPT or another integration, Retinere may process:

  • integration account identifiers;
  • OAuth or authorisation metadata;
  • prompts or requests sent to Retinere;
  • tool calls;
  • retrieved memories or context returned to the integration;
  • generated summaries returned to the integration;
  • timestamps;
  • error logs;
  • security logs;
  • metadata needed for troubleshooting and abuse prevention.

Usage, device, and technical data

Retinere may collect:

  • IP address;
  • browser type and version;
  • device information;
  • operating system;
  • approximate location inferred from IP address;
  • referral URLs;
  • pages or features used;
  • timestamps;
  • error logs;
  • diagnostics;
  • performance data;
  • security events;
  • abuse-prevention signals.

Billing data

If you subscribe to a paid plan, payment processing may be handled by [PAYMENT_PROVIDER].

Retinere may receive and store:

  • billing email;
  • payment-provider customer ID;
  • subscription status;
  • plan type;
  • invoices or invoice metadata;
  • payment status;
  • renewal status;
  • cancellation status;
  • tax or VAT information where applicable.

Retinere should not store full payment card numbers unless this is explicitly implemented and legally reviewed. Prefer using payment-provider tokens and customer IDs.

4. Why we use personal data

Retinere uses personal data to:

  • create and manage accounts;
  • provide temporary trial accounts;
  • convert temporary trial accounts into registered accounts;
  • authenticate users;
  • save, retrieve, organise, and review memories;
  • generate associations, summaries, reminders, and review schedules;
  • run ChatGPT and other integrations requested by the user;
  • provide search and retrieval;
  • send account, service, billing, security, and support messages;
  • process subscriptions and payments;
  • provide support;
  • troubleshoot bugs;
  • monitor performance;
  • prevent fraud, spam, scraping, misuse, and abuse;
  • secure the service;
  • maintain audit records;
  • comply with legal obligations;
  • enforce the Terms of Service;
  • improve Retinere where permitted by this Policy and user settings.

5. AI processing and model training

Retinere may use AI systems, language models, embeddings, ranking, summarisation, classification, and related techniques to provide memory, retrieval, review, and association features.

Retinere may process user content to:

  • store memories;
  • retrieve relevant memories;
  • generate summaries;
  • suggest associations;
  • schedule reviews;
  • answer user requests;
  • provide ChatGPT or other integration features requested by the user.

Retinere does not use your private memories or user content to train AI models unless you explicitly opt in.

Retinere may use aggregated, anonymised, or non-identifying operational data to understand and improve the service.

[LEGAL_REVIEW_TODO: confirm exact wording once OpenAI/API/model-provider settings are final.]

[MODEL_PROVIDER_TODO: list relevant AI/model/API providers before launch.]

6. ChatGPT and third-party integrations

When you use Retinere through ChatGPT or another connected service, Retinere may send information to that service so it can perform the action you requested.

This may include:

  • your request;
  • relevant retrieved memories;
  • generated summaries;
  • account or integration identifiers;
  • tool-call metadata;
  • timestamps;
  • information needed to display or complete the requested action.

Retinere aims to send only the information reasonably needed for the requested action.

Third-party services have their own terms, privacy policies, security practices, and data practices. You should review them before connecting Retinere.

You can disconnect integrations where Retinere provides this functionality, or by changing settings in the connected third-party service.

[CHATGPT_INTEGRATION_TODO: confirm exact data returned by Retinere tools before launch.]

7. Temporary trial accounts and generated identifiers

Retinere may allow limited use of the service through a temporary trial account before you provide a real email address.

For such accounts, Retinere may generate a placeholder email address, internal account ID, session identifier, device/browser token, integration identifier, or similar technical identifier. These are used to provide the trial, maintain your session, prevent abuse, secure the service, and allow you to convert the trial account into a normal account if you choose to do so.

Although a placeholder email address is not your real email address, information connected with a temporary account may still be personal data if it can be linked to you directly or indirectly. This may include saved memories, notes, prompts, usage data, IP address, browser or device information, ChatGPT integration data, timestamps, and support messages.

Temporary trial accounts are active for 7 days unless Retinere states otherwise.

Unless you convert the account, request deletion, or Retinere needs to retain limited records for security, abuse prevention, legal compliance, or troubleshooting, temporary trial account data may be deleted or made inaccessible after the 7-day trial period.

Retinere may keep limited recovery data for up to 30 days after the trial ends to allow account recovery or conversion. This does not guarantee that a temporary trial account or its content will always be recoverable.

8. Who we share data with

Retinere may share personal data with service providers that help operate the service, such as:

  • hosting providers;
  • database providers;
  • object storage providers;
  • email delivery providers;
  • payment processors;
  • analytics providers, if used;
  • error monitoring and logging providers;
  • AI/model/API providers;
  • support and operations tools;
  • ChatGPT or other integrations chosen by the user.

Retinere does not sell personal data.

Retinere may also disclose data where necessary to:

  • comply with law;
  • respond to lawful requests;
  • enforce the Terms of Service;
  • protect Retinere, users, or third parties;
  • investigate abuse, fraud, or security incidents;
  • complete a business transfer such as a merger, acquisition, restructuring, or sale of assets.

[PROCESSOR_LIST_TODO: list actual providers before launch, including hosting, database, storage, email, payment, analytics, error monitoring, OpenAI/API providers, and support tools.]

9. International transfers

Retinere is operated from Switzerland, but service providers may process data in other countries.

Where personal data is transferred internationally, Retinere will take steps intended to protect it according to applicable law.

These steps may include using providers in countries recognised as providing adequate protection, contractual safeguards, standard contractual clauses, data-processing agreements, technical safeguards, or other lawful transfer mechanisms.

[TRANSFER_MECHANISM_TODO: confirm destination countries, providers, and safeguards before launch.]

10. Retention

Retinere keeps personal data only for as long as reasonably needed for the purposes described in this Policy, unless a longer period is required or permitted by law.

Indicative retention periods:

  • active account data: while the account is active;
  • user content: while stored by the user or until deletion/export rules apply;
  • temporary trial account data: active for 7 days, with limited recovery data retained for up to 30 days after the trial ends;
  • billing records: [BILLING_RETENTION_TODO];
  • security and abuse-prevention logs: [SECURITY_LOG_RETENTION_TODO];
  • backups: [BACKUP_RETENTION_TODO];
  • support messages: [SUPPORT_RETENTION_TODO];
  • integration logs: [INTEGRATION_LOG_RETENTION_TODO];
  • analytics data, if used: [ANALYTICS_RETENTION_TODO].

Deletion may take additional time from backups, logs, caches, search indexes, vector indexes, billing systems, and security systems.

Retinere may retain limited records where needed for legal compliance, accounting, fraud prevention, abuse prevention, security, dispute handling, or enforcement of the Terms of Service.

11. Export, deletion, correction, and access

You may request access to, correction of, export of, or deletion of your personal data by using available account tools or contacting [PRIVACY_EMAIL].

We may need to verify your identity before acting on a request.

We may refuse, delay, or limit a request where permitted by law, for example where retention is needed for:

  • security;
  • fraud prevention;
  • abuse prevention;
  • legal obligations;
  • billing records;
  • tax or accounting records;
  • dispute handling;
  • protecting other users;
  • protecting Retinere’s legal rights.

If data includes information about other people, we may need to consider their rights before providing export, access, correction, or deletion.

[EXPORT_FORMAT_TODO: confirm whether export is JSON, CSV, Markdown, HTML, or request-based only for launch.]

[DELETION_FLOW_TODO: confirm whether deletion is self-service or support-request based for launch.]

12. Logging and diagnostics

Retinere may keep logs and diagnostics to operate, secure, debug, and improve the service.

Logs may include timestamps, account IDs, request metadata, integration metadata, IP addresses, user-agent information, error messages, and security events.

Retinere aims to avoid storing raw prompt text, full memory content, secrets, or unnecessary personal data in logs unless needed for troubleshooting, security, abuse prevention, or legal compliance.

Where practical, Retinere will use redaction, minimisation, access controls, and retention limits for logs.

[LOGGING_TODO: confirm actual logging/error-monitoring providers and whether raw prompts or memory content are ever logged.]

13. Security

Retinere uses reasonable technical and organisational measures intended to protect personal data.

These may include:

  • access controls;
  • encryption in transit;
  • provider security controls;
  • audit logs;
  • separation of environments;
  • backups;
  • monitoring;
  • least-privilege access;
  • operational security procedures.

No service can guarantee perfect security.

You are responsible for protecting your devices, sessions, email account, passwords, and integration connections.

You should not store passwords, API keys, private keys, recovery phrases, or other secrets in Retinere unless Retinere expressly provides a feature designed for that purpose.

Report security concerns to [SECURITY_EMAIL].

14. Children

Retinere is not intended for children.

Users below the applicable age of digital consent in their jurisdiction must not use Retinere unless Retinere expressly supports that use and lawful parental or guardian consent has been obtained.

15. Cookies and similar technologies

The Retinere marketing site does not use non-essential cookies, advertising cookies, or tracking cookies.

Retinere may use strictly necessary cookies or similar technologies in the app for login, authentication, session security, temporary trial continuity, fraud prevention, and remembering legal acceptance state.

These technologies are needed for the service to work and are not used for advertising.

Retinere may process basic server logs for security, reliability, debugging, and abuse prevention. Logs may include IP address, user agent, requested URL, referrer, and timestamp. Retention is limited according to this Privacy Policy.

If Retinere later adds analytics, advertising pixels, embedded third-party content, or other non-essential tracking technologies, the Cookie Notice will be updated and consent will be requested where required.

[COOKIE_NOTICE_TODO: confirm before launch that the marketing site does not use analytics, advertising pixels, embedded third-party tracking, or other non-essential cookies.]

16. Your choices and controls

Depending on the features available in your account, you may be able to:

  • edit memories;
  • delete memories;
  • export data;
  • disconnect integrations;
  • change notification or reminder settings;
  • update your email address;
  • convert a temporary trial account into a registered account;
  • delete your account;
  • contact Retinere for privacy requests.

Some controls may not be available for temporary trial accounts until you add and verify a real email address.

17. Business transfers

If Retinere is involved in a merger, acquisition, restructuring, financing, sale of assets, or transfer of business, personal data may be transferred as part of that transaction.

Retinere will aim to ensure that any successor continues to protect personal data consistently with this Privacy Policy or provides notice of material changes where required.

18. Changes to this Policy

Retinere may update this Privacy Policy from time to time.

Material changes will be notified where appropriate, such as by email, in-app notice, or renewed acceptance.

The current version and last updated date will be shown at the top of this Policy.

If you do not agree with the updated Privacy Policy, you should stop using Retinere and may request export or deletion according to this Policy.

19. Contact

For privacy questions or requests, contact:

[LEGAL_OPERATOR_NAME]

[REGISTERED_ADDRESS]

Email: [PRIVACY_EMAIL]

For security reports, contact:

[SECURITY_EMAIL]

Developer checklist:

  • Keep all TODO placeholders visible.
  • Do not replace legal/operator placeholders with guessed values.
  • Confirm the privacy document is publicly accessible before signup/trial acceptance.
  • Confirm the Terms acceptance flow records the Privacy Policy version shown to the user.
  • Confirm temporary trial retention matches product behaviour: 7 days active plus up to 30 days limited recovery data.
  • Confirm private memories/user content are not used for AI model training unless explicit opt-in is implemented.
  • Confirm ChatGPT integration data disclosures match the actual tool behaviour.
  • Confirm processor list before launch.
  • Confirm international transfer wording before launch.
  • Confirm cookie/analytics position before launch.