← Back to Rememberly
Privacy Policy
Last updated: May 13, 2026 (cookies + local storage section)
Introduction
Rememberly is a private search engine for everything you save online. This policy describes what data we collect, how we use it, and your rights as a user.
If you have questions about this policy, contact us at privacy@rmmbrly.io.
What we collect
When you use Rememberly, we collect the following:
Account info
- Email address (for authentication)
- Display name if you provide one
- Account creation timestamp
Your saved content
- URLs you save
- Notes, highlights, and annotations you create
- Images, screenshots, and files you import
- Audio files you import (if applicable)
- AI-generated summaries, tags, and topics derived from your content
Search and usage data
- Search queries you make within Rememberly
- Items you open, save, or interact with
- Features you use (collections, spaces, highlights, etc.)
- General product analytics (events like screen views, button clicks)
Identifiers
- Your user ID (assigned by our auth system)
- Your device ID (used by analytics and crash reporting SDKs)
Purchase information
- Subscription tier and status
- Purchase history (managed by RevenueCat and Stripe; we do not receive or store your credit card details)
Diagnostic data
- Crash reports (via Sentry)
- Performance data (page load times, error rates)
How we use it
We use your data to:
- Operate the service: authenticate you, save and retrieve your content, search your library, generate AI summaries and tags.
- Personalize your experience: rank highlights and recommendations based on your activity.
- Improve the product: aggregate analytics to understand which features work and which don't.
- Process payments: manage your subscription via RevenueCat and Stripe.
- Diagnose issues: investigate crashes and errors.
We do not use your data to:
- Sell to advertisers or data brokers.
- Train machine learning models on your saved content.
- Share with third parties for purposes other than the service.
Third-party processors
We use the following services to operate Rememberly. These are processors — they handle data on our behalf and do not use it for their own purposes:
| Service | Purpose |
|---|
| Supabase | Database, authentication, file storage, edge functions |
| OpenRouter | LLM model routing (for AI enrichment) |
| OpenAI | Text embeddings (semantic search) |
| Anthropic | LLM (some enrichment flows) |
| ElevenLabs | Audio processing |
| Firecrawl | Web page fetching for saved URLs |
| Sentry | Error and performance monitoring |
| PostHog | Product analytics |
| Stripe | Payment processing |
| RevenueCat | Subscription management |
| Vercel | Web hosting |
Each of these services has its own privacy policy. Your saved content is sent to AI providers only to generate enrichments (tags, summaries) — it is not retained by those providers for training.
Instagram integration (Meta Platforms)
If you choose to connect your Instagram account, Rememberly uses the Instagram Login API (operated by Meta Platforms, Inc.) to read posts and reels you have authored. We request only the instagram_business_basic scope. We do not request, read, or store posts authored by other Instagram users on your behalf.
What we receive from Meta when you connect:
- Your Instagram username and Instagram-assigned user ID.
- A long-lived OAuth access token (valid for 60 days, automatically refreshed before expiry).
- For posts you save to Rememberly that you have authored: the post's caption text, media URL, timestamp, and permalink.
How we store and use it:
- Access tokens are encrypted at rest using AES-256-GCM with a per-deployment key. They are never returned to the client and never logged in plaintext.
- Captions are stored alongside your other saved items and are subject to the AI processing described above.
- We do not share Instagram data with advertisers, data brokers, or any third party other than the AI processors listed above.
Disconnecting:
- You can disconnect Instagram at any time from Profile → Integrations → Instagram → Disconnect. Disconnecting immediately deletes your access token from our database.
- You can also revoke access from Instagram itself at accounts.instagram.com/accounts/manage_access. When you do, Meta sends a deauthorize webhook to Rememberly which automatically removes your token.
- Per Meta's Data Deletion Callback requirements, requesting full data deletion through Instagram's settings will cause Rememberly to delete your stored Instagram token within 24 hours.
Cookies and local storage
Rememberly is a logged-in product, not an ad-supported one. We use cookies and browser storage only for the minimum needed to keep you signed in, remember your in-app preferences, and understand which features work. We do not set advertising cookies, third-party tracking cookies, or social-media pixels.
| Cookie / storage | Set by | Purpose | Retention |
|---|
sb-*-auth-token (and related) |
Supabase |
Strictly necessary — keeps you signed in across page loads. Without it you would be logged out on every refresh. |
Session + refresh window (rotated by Supabase Auth) |
ph_* cookies + localStorage entries |
PostHog |
Product analytics — feature-funnel and retention metrics, in our own PostHog instance. First-party; no cross-site tracking. |
Up to 1 year (PostHog default); reset when you clear browser data |
theme, library-view, and similar UI preferences |
Rememberly (localStorage) |
Strictly necessary — remembers your dark/light mode and last-used filters so the UI doesn't reset between visits. |
Until you clear browser data |
We do not set or allow:
- Advertising cookies, retargeting pixels, or programmatic-ad SDKs.
- Social-media tracking pixels (Meta Pixel, TikTok Pixel, X Pixel, etc.).
- Third-party data brokers or audience-segmentation cookies.
You can clear all Rememberly cookies and localStorage at any time from your browser's site settings (signing out via Profile → Sign out revokes the auth token server-side as well). On iOS, the app uses native secure storage instead of cookies for the auth session.
Data retention
- Your account and content remain in our systems for as long as your account is active.
- When you delete your account, we delete your data within 30 days.
- Backups may retain copies for up to 90 days.
- Aggregate, de-identified analytics may be retained longer.
Your rights
You can:
- Access your data: everything you save is visible in your library.
- Export your data: use the in-app export feature to download your library as JSON or CSV.
- Delete your account: contact us at privacy@rmmbrly.io or use the in-app delete account flow.
- Restrict processing: disable optional integrations (sync, enrichment) from your settings.
Children's privacy
Rememberly is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with data, contact us at privacy@rmmbrly.io.
Rememberly's App Store rating is 17+, reflecting the unrestricted web content users can save.
Changes to this policy
We will update this policy when our data practices change. The "Last updated" date at the top reflects the most recent change. We will notify users of material changes via in-app notification or email.
Contact
For privacy questions, requests, or complaints: privacy@rmmbrly.io
© 2026 Rememberly. All rights reserved.