← Back to home

Privacy Policy

SenseFlow, Inc.

Effective Date: January 1, 2026

Introduction

SenseFlow, Inc. ("SenseFlow," "we," "us," or "our"), a Delaware corporation with its principal place of business at 131 Continental Dr, Suite 305, Newark, DE 19713, is committed to protecting your privacy.

This Privacy Policy explains how we collect, use, and protect information when you use MemoryLane, our desktop application and related services (collectively, the "Services"). By using our Services, you agree to the practices described in this Privacy Policy.

Core Principle: You only share what you choose to share. Your data stays on your device unless you explicitly choose to share it, with the following exceptions: (1) if using Scenario A, the app contacts api.trymemorylane.com on startup to validate your subscription using a device identifier; (2) on first use, the local embedding model is downloaded from huggingface.co.

Information We Collect

Screenshots (Ephemeral)

MemoryLane captures screenshots of your screen at approximately 1-second intervals during activity sessions (bounded by application switches, 5-second inactivity gaps, and a 5-minute maximum session duration). Screenshots are captured from all visible windows, including incognito/private browser windows, when they are the active window during a capture interval. These screenshots are:

  • Processed to extract semantic meaning (a text description of what was on screen)
  • Cleaned up after processing — a background sweep runs every 10 minutes and removes screenshot and video files older than 1 hour
  • Never stored by SenseFlow or our AI service providers
  • Never leave your device unless you use cloud AI processing (Scenario A), in which case:
    • Video mode (attempted first in the default auto mode): Captured frames are stitched into a 1 FPS MP4 video and transmitted
    • Image mode (fallback): Up to 6 compressed frames per session are transmitted

Semantic Data (Stored Locally)

The AI-extracted descriptions of your screen activity are stored in a local SQLite database on your device. This data:

  • Remains on your device at all times
  • Is stored in a local SQLite database — unencrypted; protected by OS-level file permissions and your user account access controls. Any process running as the same OS user can access the database.
  • Is fully under your control — you can view and export it anytime. To delete stored activity data, you must manually delete the database file (see Data Retention section for paths).
  • Is never transmitted to SenseFlow servers

Account Information

If you create an account or purchase a subscription, we collect:

  • Name and email address
  • Company name (for business accounts)
  • Payment information (processed by our payment provider)

Usage Data

The MemoryLane desktop application does not collect any analytics, telemetry, or usage statistics. The app does not phone home with feature usage, crash reports, or performance metrics. All logging is local only (see local log paths in our Security & Technical Overview).

Note: Our website (trymemorylane.com) does collect analytics via PostHog — see the Cookies and Website section below.

Note: The app does contact api.trymemorylane.com on startup to validate subscriptions using a device identifier. This is for licensing purposes only, not analytics. See the Account Information section above.

Interaction Monitoring

MemoryLane monitors user interaction to detect activity sessions and provide productivity context:

Input TypeWhat IS CollectedWhat is NOT Collected
KeyboardSession duration, key count, active window titleKeystroke content (what you type)
MouseClick position (x, y coordinates)Click count (not persisted), what was clicked on (content)
ScrollCumulative scroll amount, direction (vertical/horizontal)Scroll content
Window focusWindow title, process name, bundle ID, browser URL, previous windowWindow content (captured separately via screenshots)

Interaction data is collected via uiohook-napi (keyboard, mouse, scroll) and native sidecar binaries (window/app changes, browser URLs). Interaction metadata is used ephemerally for session windowing and is not durably stored in the database. It is never transmitted to SenseFlow or any third party.

Additional Local Data Processing

The following processing occurs entirely on your device and never involves data transmission to SenseFlow:

  • OCR (Optical Character Recognition): On-screen text is extracted locally using macOS Vision framework or Windows native OCR
  • Embeddings: Semantic search vectors are generated locally using @huggingface/transformers with the all-MiniLM-L6-v2 model. On first use, the model (~100 MB) is downloaded from huggingface.co and cached locally; no user data is sent during this download
  • Video stitching: Screenshot sequences are stitched into short video clips locally via FFmpeg
  • Token tracking: AI API token consumption is tracked locally for usage monitoring

MCP Server

MemoryLane includes an optional Model Context Protocol (MCP) server that allows compatible AI assistants (e.g., Claude, Cursor) to query your local activity data.

  • The MCP server runs locally via stdio. On first use, the embedding model is downloaded from huggingface.co if not already cached; all subsequent communication is local only
  • You must explicitly configure your AI assistant to connect to the MCP server
  • SenseFlow has no access to MCP queries or responses
  • The MCP server can be disabled at any time in app settings

How We Process Your Data

MemoryLane offers three AI processing options. What happens to your data depends on which option you or your organization chooses:

Scenario A: OpenRouter (Default)

When using the default cloud processing, your data goes directly from your device to OpenRouter — SenseFlow does not proxy or route your data:

  1. Screenshots are captured on your device during activity sessions
  2. Depending on the capture mode:
    • Auto mode (default): Attempts video first and falls back to image mode if video processing is unavailable or fails.
    • Video mode: Captured frames are stitched into a 1 FPS video via FFmpeg. The video is sent alongside activity metadata for summarization.
    • Image mode: Up to 6 key screenshots are sampled and sent as images for summarization.
  3. The video or images are sent via TLS-encrypted connection directly to OpenRouter API. OpenRouter load-balances and geo-balances requests across AI providers.
  4. OpenRouter routes to the appropriate AI model chain:
    • Video mode: Gemini 2.5 Flash Lite (preview), Gemini 3 Flash (preview), or Molmo 2 8B — via ZDR-compliant endpoints (e.g., Google Vertex)
    • Image mode: Mistral Small 3.2 or Gemini 2.5 Flash Lite — via ZDR-compliant endpoints
    • Pattern detection (Pro): Kimi K2.5 via ZDR-compliant endpoint — receives activity metadata including text summaries, window titles, app names, domain names, and timestamps (no images)
  5. Zero Data Retention (ZDR) is enabled at the OpenRouter account level for managed API keys. When ZDR is enabled, OpenRouter only routes to ZDR-compliant endpoints. If you bring your own OpenRouter key, you are responsible for enabling ZDR in your account settings.
  6. Only semantic data (text) returns to your device
  7. Screenshots and video files are cleaned up after processing; a background sweep removes files older than 1 hour

Sub-processors for Scenario A:

  • OpenRouter (AI API routing and processing) — ZDR enabled for managed keys. OpenRouter routes requests to ZDR-compliant AI provider endpoints (e.g., Google Vertex for Gemini models). See OpenRouter's ZDR provider list for current downstream providers.
  • Stripe (payment processing — via browser redirect, no screen data)
  • Hugging Face (one-time embedding model download — no user data transmitted)
  • GitHub (application update checks and downloads)

Scenario B: Your Cloud AI Endpoint

When you configure your own AI endpoint:

  • Screenshots are sent to your chosen endpoint
  • SenseFlow never sees your data
  • You are responsible for your endpoint's privacy practices

Scenario C: Fully Local Models

When using local AI models:

  • No data ever leaves your device
  • Processing happens entirely on your machine
  • Maximum privacy and air-gap capability

What We Do NOT Collect

SenseFlow does not:

  • Store your screenshots on our servers
  • Access the content of your semantic data
  • Record keystroke content (what you type) — MemoryLane monitors typing session duration and key count for activity detection only, via uiohook-napi
  • Record audio
  • Collect any analytics, telemetry, or usage statistics in the desktop application — all logging is local only (our website uses PostHog for analytics; see Cookies and Website section)
  • Exempt incognito/private browser windows from capture — screenshots are captured from all visible windows including incognito/private windows when they are the active window during a capture interval. You can mitigate this by pausing capture when using private browsing

Data Sharing

We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties.

Service Providers

We work with service providers to operate our business:

ProviderPurposeData Accessed
OpenRouterAI API routing and processing (Scenario A)Video or screenshots, activity metadata. Routes to ZDR-compliant provider endpoints (see OpenRouter ZDR list).
StripePayment processingPayment and subscription info (via browser redirect)
Hugging FaceEmbedding model hostingModel download request only — no user data
GitHubApplication updatesUpdate check requests

Legal Requirements

We may disclose information if required by law, regulation, or legal process.

Business Transfers

If SenseFlow is involved in a merger, acquisition, or sale, your information may be transferred as part of that transaction. We will notify you of any such change.

Workplace Use and Employee Privacy

MemoryLane is designed for business use. When your employer deploys MemoryLane:

  • Your employer is the data controller for any personal data processed
  • SenseFlow acts as a data processor or service provider
  • Your employer must provide you with notice before deployment (see our Employee Notice template)
  • You retain control over your local data — you can pause, view, and export your data

Employees: If you have questions about how your employer uses MemoryLane, please contact your employer's IT or HR department.

Your Rights and Choices

Access Your Data

All your semantic data is stored locally on your device. You can view it anytime within the MemoryLane app.

Delete Your Data

Screenshot and video files are automatically cleaned up after processing (background sweep removes files older than 1 hour). To delete stored activity data (semantic summaries, OCR text, and embeddings), you must manually delete the SQLite database file:

  • macOS: ~/Library/Application Support/MemoryLane/memorylane.db
  • Windows: %APPDATA%\MemoryLane\memorylane.db

You can also delete your API key and reset capture settings through the app's interface.

Export Your Data

You can export your local database as a ZIP file containing the SQLite database. This requires SQLite-compatible tooling to read.

Pause Collection

You can pause screenshot capture at any time with one click. No data is collected while paused.

Uninstall

You can uninstall MemoryLane at any time. Standard OS uninstallation removes the application binary but does not automatically delete user data. To completely remove all data, you must manually delete the application data directories:

  • macOS: ~/Library/Application Support/MemoryLane/ and ~/Library/Logs/MemoryLane/
  • Windows: %APPDATA%\MemoryLane\

No Desktop App Analytics

The MemoryLane desktop application does not collect any analytics, telemetry, or usage statistics. No data is sent to SenseFlow for analytics purposes from the app.

Our website (trymemorylane.com) does use PostHog for analytics — see the Cookies and Website section below.

Data Security

We implement appropriate security measures to protect your information:

  • Credential encryption: API keys and device ID are encrypted via Electron safeStorage (uses macOS Keychain / Windows DPAPI to derive encryption keys; encrypted data stored in local config files)
  • Local database: SQLite — unencrypted; protected by OS-level file permissions and user account access controls
  • Encryption in transit: All API communications use HTTPS/TLS (TLS version negotiated by the OS and server)
  • Zero Data Retention: ZDR is enabled at the OpenRouter account level for managed API keys (see our Security & Technical Overview)
  • Open source: Our desktop client code is publicly auditable. The managed backend service (api.trymemorylane.com) is proprietary

Data Retention

  • Screenshots and video files: Cleaned up after processing; background sweep removes files older than 1 hour
  • Semantic data, OCR text, and embeddings: Stored locally in the SQLite database indefinitely. No in-app deletion interface currently exists; to delete, manually remove the database file (see paths in Delete Your Data section above)
  • Interaction metadata: Used ephemerally for session windowing; not durably stored in the database
  • Account information: Retained while your account is active and for a reasonable period thereafter for legal and business purposes

International Users

SenseFlow is based in the United States. If you use our Services from outside the US:

  • Your data processing (Scenario A) occurs in the US and/or regions where our AI providers operate
  • Local storage on your device remains in your jurisdiction
  • We comply with applicable data protection laws, including GDPR for EU users

For EU/EEA Users

Under GDPR, you have additional rights including:

  • Right to access, rectification, and erasure
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, contact us at founders@trymemorylane.com.

Children's Privacy

MemoryLane is not intended for use by children under 18. We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us.

Cookies and Website

Our website (trymemorylane.com) uses cookies and analytics:

  • Essential functionality: Required for site operation
  • Analytics: We use PostHog to collect website usage data including page views, visitor interactions, and referral sources. PostHog may set cookies to distinguish unique visitors and track sessions. This data helps us understand how visitors use our website and improve our marketing.
  • Preference storage: Storing your site preferences

You can control cookies through your browser settings. Website analytics data is separate from the MemoryLane desktop application — the desktop app does not collect or transmit any analytics.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy with a new effective date
  • Sending an email to account holders (for significant changes)

Your continued use of the Services after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our privacy practices:

Email: founders@trymemorylane.com

Mail: SenseFlow, Inc. 131 Continental Dr, Suite 305 Newark, DE 19713 United States

Website: trymemorylane.com