Privacy

We don't use analytics or tracking of any kind, and we don't sell or share your data. The only cookies we set are session cookies to keep you signed in.

When you sign in

We collect your email address to sign you in. Your email is stored in our database and used for authentication only.

When you write

Everything you write (journal entries, profile details, tags) is encrypted in your browser before it leaves your device. Only you can read your journal. If you forget your passphrase, your data is unrecoverable. You can export an encrypted backup from Settings at any time.

When you delete your account

You can delete your account from Settings. This permanently and irreversibly removes your email, vault, and all encrypted data from our servers.

Third-party services

External services Mnemosyne uses and what data they receive:

• •Vercel — hosts the application and may retain standard server logs (IP address, request timestamps, user agent)
• •Neon Postgres — hosts the database where your email address is stored
• •Cloudflare R2 — stores your encrypted vault
• •Brevo — receives your email address to deliver sign-in emails

None of these providers can read your journal. Your writing is encrypted with AES-256-GCM before it reaches our servers, and only Cloudflare R2 stores the encrypted vault.

Questions? Reach out on GitHub.