Privacy Policy
This policy explains what personal data Memline collects, why we collect it, and what rights you have. It applies to the Memline app, the Memline admin interface, and our website.
Who we are
Memline is operated by Anders Östberg, trading as Tonsäkert, an enskild firma registered in Sweden. We are the data controller for the personal data described below. You can reach us at aostberg@gmail.com.
What we collect
- Email address — for sign-in and to send you authentication codes.
- Display name (optional) — shown to your institution's administrator so they can recognise you.
- The texts you save — your personal library of pieces, including any translations, IPA, and your memorisation progress.
- Institution membership — if you join an institution (e.g. an opera house) using an access code, we record which institution and which groups within it you belong to.
- Technical data — basic, short-lived authentication tokens stored on your device.
We do not use analytics, advertising trackers, or cookies for tracking purposes. We do not collect data about how you use the app (which features you tap, when, etc.).
Why we process this data (legal basis)
We process your personal data on the basis of contract (GDPR Article 6(1)(b)) — it is necessary to provide the Memline service to you. Without an email address we cannot sign you in; without your texts we cannot help you memorise them.
Who has access
- You — full access to your own data within the app.
- Your institution's administrator, if you have joined one — sees your email, display name, and group memberships, but not your personal pieces or progress.
- Anders Östberg — as the data controller, for operating and supporting the service.
- Supabase Inc. — our database and authentication provider, acting as data processor under a signed Data Processing Agreement.
- Anthropic PBC — receives the text you submit for AI translation or IPA generation, when you use those features. Anthropic does not retain the text for training purposes under our API agreement.
Where your data is stored
Personal data is stored on Supabase's infrastructure in the European Union. AI translation and IPA requests are sent to Anthropic's API, which may process data outside the EU under Standard Contractual Clauses.
How long we keep your data
Your data is kept for as long as you maintain an account. If you delete your account, all your personal data and pieces are removed from our database within 30 days. If your institution's administrator removes you from their institution, you lose access to that institution's shared library after a 30-day grace period; your personal pieces are not affected.
Your rights under GDPR
You have the right to:
- Access the personal data we hold about you.
- Rectify incorrect data — most fields (display name, your pieces) you can edit yourself in the app.
- Erase your data — see "Deleting your account" below.
- Receive a copy of your data in a structured, machine-readable format — email us and we will send it to you within 30 days.
- Restrict or object to processing.
- Withdraw consent (where consent is the legal basis).
- Lodge a complaint with the Swedish Authority for Privacy Protection (IMY) at imy.se.
Deleting your account
You can delete your account from inside the Memline app: Settings → Account → Delete my account. This permanently removes your email, name, pieces, mastery progress, and institutional memberships. The deletion takes effect immediately; backup copies are removed within 30 days.
Requesting a copy of your data
To receive an export of the personal data we hold about you, email aostberg@gmail.com from the address associated with your Memline account. We will send you a copy within 30 days at no cost.
Children
Memline is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe we have, contact us and we will delete it.
Security
Data is transmitted over HTTPS. Authentication uses one-time codes sent to your email (no passwords stored). Database access is restricted by row-level security so users can only see their own data. We do not have access to your email account.
Changes to this policy
If we change this policy in any substantive way, we will update the date above and notify active users by email.
Contact
For any privacy question, email aostberg@gmail.com.
← Back to Memline