Membase

Privacy first.
Security always.

We protect your data with industry-standard encryption, strict access controls, and transparent practices. Here is exactly how.

For full legal details on how we collect, use, and protect your information:

Read our Privacy Policy
Encrypted in transit and at rest
Your data is protected with TLS 1.3 in transit and AES-256 encryption at rest.
Never used to train AI
Your conversations and memories are not used to train or fine-tune AI models.
Your data stays yours.
Export or delete your data at any time. You control what stays in Membase.
Zero Data Retention with LLM providers
We use ZDR-tier API agreements. Your data is processed and immediately discarded.

How your data flows

Every step is encrypted and access-controlled

TLS 1.3
Your Device
JWT Auth + RLS
Membase API
AES-256
Encrypted Storage
ZDR APIs
AI Processing

How we protect your data

Encryption
  • TLS 1.3 for all data in transit
  • AES-256 encryption at rest via infrastructure
  • AES-256-GCM application-level encryption for credentials
  • OAuth tokens encrypted before storage
Data Isolation
  • Row-Level Security (RLS) on all user tables
  • Per-user graph isolation in knowledge graph
  • Tenant-scoped API with JWT authentication
  • No cross-user data access possible
Access Controls
  • JWT-based authentication via Supabase Auth
  • Role-based access to production systems
  • OAuth 2.0 with scoped permissions for integrations
  • Audit logging (coming soon)

Transparency

What we do today and what we are building next

What we do today
  • TLS 1.3 encryption for all data in transit
  • AES-256 disk-level encryption at rest
  • AES-256-GCM application-level encryption for OAuth credentials
  • Row-Level Security on all user data tables
  • Per-user graph isolation in Neo4j knowledge graph
  • JWT authentication with Supabase Auth
  • Zero Data Retention API tiers with LLM providers
What we are building
  • Privacy Mode toggle

    Choose whether server retains chat history

  • Expanded field-level encryption

    Application-level encryption for more sensitive fields

  • SOC 2 Type II certification

    Independent security audit and compliance

  • BYOK encryption (Enterprise)

    Bring your own encryption keys for full control

  • Audit logging dashboard

    Track all data access events in your account

Security FAQ

Frequently asked questions

Your data is encrypted in transit (TLS 1.3) and at rest (AES-256). Sensitive credentials like OAuth tokens are additionally encrypted at the application level using AES-256-GCM. We use secure cloud servers and limit access to authorized personnel only.

self-evolving
memory hub for your agents.

Get Started For Free

Totally free. No credit card required.