Privacy Policy

Last updated: May 26, 2026

1. Introduction

This Privacy Policy describes how Maevum (“we,” “us,” or “our”) collects, uses, shares, and protects your personal information when you use the Maevum platform, including our website, applications, and related services (collectively, the “Services”).

The data controller responsible for your personal information is Maevum, contactable at privacy@maevum.ai. This Privacy Policy is incorporated into our Terms of Service.

2. Information We Collect

Information you provide

Account information. When you create an account, we collect your name, email address, and authentication credentials.
Content you submit. This includes messages, questions, and instructions you send through the Services; files, images, and documents you upload; audio and voice recordings; and links to external content (such as YouTube videos, Reddit posts, or web pages) that you ask us to process.
Memories. The Services create and store memories based on your conversations and the content you provide. Memories are personal information about you that the AI uses to personalize its responses over time.
Payment information. When paid features become available, payment is processed through Stripe. We do not store your full credit card number or payment credentials. Stripe collects and processes your payment information under its own privacy policy.
Communications. If you contact us for support, provide feedback, or report an issue, we collect the content of those communications.

Information collected automatically

Device and connection information. We collect your device type, operating system, browser type, IP address, and general location (derived from IP address).
Usage information. We collect information about how you interact with the Services, including access times, pages viewed, features used, and session duration.
Cookies and similar technologies. We use cookies and similar technologies as described in Section 10 of this policy.

Information from visitors without an account

Waitlist. If you join our waitlist, we collect your email address and IP address. We use this information solely to manage access to the Services and to contact you when access becomes available. Waitlist data is not used for marketing or shared with third parties.

Information from third parties

Authentication providers. If you sign in using a third-party provider (such as Google), we receive your name, email address, and profile information as authorized by you through that provider.

3. How We Use Your Information

We use the information we collect to:

Provide the Services. This includes generating AI responses, creating and maintaining memories, processing content you submit (such as transcribing videos or extracting text from web pages), generating embeddings for search and retrieval, and extracting entities and relationships to personalize your experience.
Process your content through AI providers. To generate responses, your content is sent to third-party AI model providers. See Section 4 for details.
Ensure safety and enforce our terms. We review content and usage patterns to detect abuse, fraud, and violations of our Terms of Service.
Improve the Services. We analyze aggregated, de-identified usage data to understand how the Services are used and to improve their quality and performance. We do not use your personal content to train or fine-tune AI foundation models.
Communicate with you. We send service-related communications such as account verification, security alerts, and updates about the Services.
Process payments. When paid features become available, we use billing information to process transactions and manage subscriptions.
Comply with legal obligations. We may process your information to comply with applicable laws, regulations, or legal proceedings.

What we do not do

We do not use your content, memories, or stored data to train or fine-tune AI foundation models.
We do not sell your personal information.
We do not use your personal information for advertising or marketing by third parties.
We do not build profiles of you for the purpose of selling or sharing with advertisers.
We do not use automated decision-making that produces legal or similarly significant effects on you.

4. How We Share Your Information

We share your information only as described below. We do not sell your personal information and do not share it for advertising purposes.

AI model providers

To generate AI responses, your content is processed by third-party AI model providers, currently including OpenAI and Anthropic. We select providers whose terms prohibit training on customer data, and we configure our integrations to opt out of training where such options are available. However, we cannot guarantee the internal practices of third-party providers.

Infrastructure and service providers

We use third-party companies to host, operate, and support the Services, including cloud hosting, database services, media processing, rate limiting, and authentication. These providers access your data only as necessary to perform their services and are bound by agreements that restrict their use of your data and require them to protect it. A list of our current sub-processors is available upon request by contacting us at privacy@maevum.ai.

Legal obligations

We may disclose your information when required by law, legal process, or government request, or when we believe in good faith that disclosure is necessary to prevent fraud, address security issues, or prevent imminent harm to any person.

Business transfers

If Maevum is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

With your consent

We may share your information for other purposes with your explicit consent.

5. Your Rights and Controls

You have control over your data. The following rights are available to you regardless of where you are located. We will not discriminate against you for exercising any of these rights.

Access

You can view, search, and browse all data the Services store on your behalf, including memories, documents, and conversation history, directly through the Services.

Correction

You can edit your memories and account information at any time. Due to the nature of AI-generated content, it may not always be possible to correct specific outputs, but you can edit or delete the memories that influence future responses.

Deletion

You can delete individual memories, documents, and conversations at any time. When you delete content:

Your personal data associated with that content is deleted promptly, and in any case within 30 days.
Content derived from publicly available sources (such as YouTube videos or web pages) that you linked to may be retained in de-identified form, as the underlying content is publicly available and not unique to your account.
Content you uploaded that is not derived from a public source will be fully deleted.

Exclusion

For documents and other ingested sources, you can exclude specific items from being used by the AI without deleting the underlying data.

Data portability

You have the right to receive a copy of your personal data in a portable format. If self-serve export is not yet available, you may request an export by contacting us at support@maevum.ai.

Account deletion

You can delete your entire account at any time. Upon self-initiated account deletion, we will retain your data for up to 30 days to allow you to request an export, after which all of your personal data, including memories, conversations, preferences, and uploaded content, will be deleted. If we terminate your account for reasons other than your breach of our Terms (e.g., discontinuation of the Services), the same 30-day export window applies. If your account is terminated by us for violation of our Terms of Service, your data will be deleted without an export window. We may retain data as required by law or as necessary for ongoing legal proceedings.

Objection and restriction

If you believe we are processing your data in a way that is not consistent with this Privacy Policy, you may contact us at privacy@maevum.ai to object or request that we restrict processing of your data.

Complaints

If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with a data protection authority in your jurisdiction. For example, users in the EU/EEA may contact their local supervisory authority, users in the UK may contact the Information Commissioner’s Office (ICO), and users in Australia may contact the Office of the Australian Information Commissioner (OAIC).

To exercise any of these rights, you can use the controls available within the Services or contact us at privacy@maevum.ai. We will respond to requests within 30 days, or within the timeframe required by applicable law.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Services. Specific retention periods:

Account information. Retained while your account is active and for up to 30 days after self-initiated account deletion or no-cause termination to allow you to request a data export. This export window does not apply to accounts terminated for breach of our Terms.
Conversations. Retained until you delete them or delete your account.
Memories. Retained until you edit, delete, or exclude them, or delete your account.
Documents and sources. Your personal association with content is retained until you delete it or delete your account. De-identified data from publicly available sources may be retained indefinitely.
Uploaded files. Retained until you delete them or delete your account, then fully deleted within 30 days.
Usage and device data. Retained for up to 12 months for analytics and security purposes, then deleted or de-identified.

We may retain information for longer periods when required by law, to resolve disputes, or to enforce our agreements.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

Encryption of data in transit using TLS and at rest via our infrastructure providers
Per-user data isolation at the database level, ensuring each user can only access their own data
Authentication and access controls for all accounts
Rate limiting to prevent abuse
Secure integration protocols with external services, including cryptographic verification of incoming requests
Secrets and credentials stored securely and never in source code

No method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach affecting your personal data, we will notify you without unreasonable delay and notify any applicable regulatory authorities in accordance with applicable law.

8. Children’s Privacy

The Services are not directed to anyone under the age of 18. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal data from a user under 18, we will promptly delete that data and terminate the account. If you believe a child under 18 has provided us with personal information, please contact us at privacy@maevum.ai.

9. International Data Transfers

The Services are operated from and data is processed in the United States. If you are accessing the Services from outside the United States, your information will be transferred to, stored, and processed in the United States and potentially other countries where our service providers operate. These countries may have different data protection laws than your country of residence.

Where required by applicable law, we rely on appropriate transfer mechanisms to ensure adequate protection for your data, including Standard Contractual Clauses approved by the European Commission (and equivalent clauses for the UK and Switzerland) or other legally valid mechanisms. You may request a copy of the relevant transfer safeguards by contacting us at privacy@maevum.ai.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Services.

Essential cookies

These are necessary for the Services to function, including authentication, session management, and security. You cannot opt out of essential cookies.

Analytics

We may use privacy-focused, cookieless analytics tools to understand how the Services are used and to improve them. When analytics are in use, they collect information about usage patterns in aggregated form without setting cookies or tracking individual users across third-party websites.

Managing cookies

You can manage cookies through your browser settings. Disabling cookies may affect the functionality of the Services.

We do not use advertising or marketing cookies. We do not use tracking technologies to build profiles for advertising purposes. We honor Global Privacy Control (GPC) signals. Because we do not sell or share personal information for advertising or cross-context behavioral profiling, a GPC signal does not change how we process your data — we already do not engage in the practices GPC opts out of. We do not currently respond to the older Do Not Track (DNT) browser signal, as there is no industry consensus on how to interpret it.

11. Legal Bases for Processing

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we rely on the following bases:

Purpose	Legal basis
Provide the Services (AI responses, memories, content processing)	Performance of our contract with you
Process payments	Performance of our contract with you
Send service-related communications	Performance of our contract with you
Ensure safety and enforce our terms	Legitimate interest (protecting our users and the Services)
Improve the Services (aggregated analytics)	Legitimate interest (improving service quality)
Comply with legal obligations	Legal obligation

Where we rely on legitimate interest, we have assessed that our interests do not override your fundamental rights and freedoms. You have the right to object to processing based on legitimate interest at any time by contacting us at privacy@maevum.ai.

12. Regional Supplements

The following additional disclosures apply depending on your location. These supplements are in addition to, and do not replace, the rest of this Privacy Policy.

European Economic Area and United Kingdom

If you are located in the EEA or UK, the following applies:

The legal bases for our processing of your personal data are described in Section 11.
You have the rights described in Section 5, including access, correction, deletion, portability, objection, and restriction.
International data transfers are conducted using Standard Contractual Clauses or other valid mechanisms as described in Section 9.
You have the right to lodge a complaint with your local data protection supervisory authority.
For privacy inquiries, contact us at privacy@maevum.ai.

Australia

If you are located in Australia, the following applies:

We handle your personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), to the extent applicable.
Your personal information will be disclosed to recipients located overseas, primarily in the United States, where our infrastructure and AI providers are located.
You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you are not satisfied with our handling of your personal information.

California, United States

If you are a California resident, the following applies under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

Categories of personal information collected: identifiers (name, email, IP address), internet or electronic network activity (usage data, device info), audio/visual information (voice recordings, uploaded media), and inferences drawn from the above (memories, AI-generated content).
We do not “sell” or “share” your personal information as those terms are defined under the CCPA/CPRA.
We do not use sensitive personal information for purposes other than providing the Services.
You have the right to know what personal information we collect, request deletion, request correction, and opt out of the sale or sharing of personal information (though we do not sell or share it).
We will not discriminate against you for exercising any of your privacy rights.

13. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days’ notice via email or through the Services. If a change materially affects how we process your personal data, we will seek your explicit consent where required by applicable law. For non-material changes, the updated policy takes effect when posted. The “Last updated” date at the top of this page indicates when the policy was last revised.

Your continued use of the Services after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

14. Contact

If you have questions about this Privacy Policy, want to exercise your data rights, or have a privacy concern, contact us:

Privacy inquiries: privacy@maevum.ai
General support: support@maevum.ai

← Back