
Compliance & Security

Trust Center

How MemNexus handles your data, how we secure it, and which third parties process it. Everything below reflects what is implemented and deployed today; planned items are explicitly marked as such.


MemNexus Trust Center — Compliance Overview

Document ID: COMP-006 | Last updated: 2026-04-28 | Status: Current | Contact: [email protected]


1. Overview

MemNexus is an AI memory management platform for developer teams. It stores knowledge, decisions, behavioral patterns, and institutional memory on behalf of its users, with field-level encryption and per-user key isolation.

This page indexes all security, compliance, and data handling documentation for MemNexus. It is intended as the primary reference for enterprise procurement teams, compliance officers, and security reviewers conducting vendor due diligence.

We state only what is implemented and deployed today. Where capabilities are planned but not yet complete, they are explicitly marked as such.


2. Data Handling Summary

2.1 What Data MemNexus Stores

| Data Category | Description | Protection |
|---|---|---|
| User data | Name, email, profile picture | Encrypted at rest (AES-256-GCM-SIV, per-user encryption key) |
| Memories | Content, context, metadata | Encrypted at rest (AES-256-GCM-SIV, per-user encryption key) |
| Extracted knowledge | Entities, facts, topics, patterns | Encrypted at rest (AES-256-GCM-SIV, per-user encryption key) |
| Conversations | Session history and metadata | Encrypted at rest |
| API keys | Programmatic access credentials | Hashed with HMAC-SHA256 (plaintext never stored) |
| Audit logs | Append-only metadata records | No user content stored in audit entries |
| Billing data | Subscription and payment information | Managed entirely by Stripe — MemNexus does not store payment card data |
| Authentication data | Credentials, SSO tokens | Managed entirely by WorkOS — MemNexus does not store passwords |
| Embedding vectors | Semantic search vectors derived from content | Stored unencrypted to preserve vector search functionality (see note below) |

Note on embedding vectors: Embedding vectors (used for semantic search) are stored unencrypted. This is a documented engineering decision — encrypting embeddings would prevent vector similarity search. Embedding vectors are mathematical representations, not human-readable content, but they are derived from user content. Encryption of embedding vectors is planned for a future phase. All other sensitive fields (13 of 14 field types) are encrypted at the application level.

Note on AI provider processing: Memory content is decrypted server-side and sent over TLS 1.3 to AI providers (Voyage AI, OpenAI, Anthropic) for embedding and extraction. Providers do not store this content per their published policies (linked in Section 3).

2.2 Where Data Is Stored

  • Primary database: Neo4j, self-hosted on Azure Kubernetes Service (AKS), US East 2 region
  • Encryption key management: Azure Key Vault, US East 2 region
  • No multi-region replication: All data is processed and stored in a single Azure region (US East 2)

3. AI Training Posture

MemNexus does NOT use customer data to train AI models.

  • Customer memories and extracted knowledge are NOT used for model training, fine-tuning, or improvement of any kind.
  • Customer data is processed solely to provide the MemNexus service to the customer.

Third-Party AI Providers

MemNexus uses third-party AI APIs for embedding generation and knowledge extraction. Neither provider uses API data for model training:

| Provider | Purpose | Training Policy |
|---|---|---|
| OpenAI | Embedding generation (text-embedding-3-small) | OpenAI's API data usage policy states that data submitted via the API is not used for training models. Reference: OpenAI API Data Usage Policy |
| Anthropic | Knowledge extraction (Claude) | Anthropic's API data policy states that API inputs and outputs are not used for model training by default. Reference: Anthropic API Terms |

MemNexus does not opt in to any provider training programs. Data sent to these providers is used exclusively for real-time processing and is not retained by the providers for training purposes.


4. Data Flow Lifecycle

4.1 Saving a Memory

Developer saves a memory via CLI or MCP tool
  |
  v
1. API Gateway (Kong) -- TLS termination, authentication
  |
  v
2. Core API -- Input validation (Zod schema)
  |
  v
3. Encryption -- Content encrypted with user's encryption key
  |
  v
4. Storage -- Encrypted content stored in Neo4j
  |
  v
5. Async: Extraction Pipeline
   |-- Embedding generation (OpenAI API, TLS 1.3)
   |-- Entity/fact/topic extraction (Claude API, TLS)
   +-- Results encrypted and stored
  |
  v
6. Audit -- Memory creation event logged (metadata only, no content)

4.2 Retrieving Memories

Developer searches memories via CLI or MCP tool
  |
  v
1. API Gateway -- Authentication, rate limiting
  |
  v
2. Core API -- Query validation, user/org scoping
  |
  v
3. Search -- Vector similarity + keyword search (encrypted content decrypted for authorized user)
  |
  v
4. Response -- Decrypted results returned over TLS

4.3 Key Points

  • Content is encrypted before it reaches the database. The database stores ciphertext for sensitive fields.
  • Decryption occurs only for the authenticated user who owns the data, using their unique encryption key.
  • Audit entries capture metadata about operations (action type, timestamp, actor) but never capture memory content or search queries.

5. Compliance Status Dashboard

5.1 Security and Data Documentation

| Category | Document | Status | Link |
|---|---|---|---|
| Security | Security Practices | Current | security-practices.md |
| Data | Data Retention and Deletion Policy | Current | data-retention-policy.md |
| Data | Subprocessor List | Current | subprocessors.md |
| Privacy | Enterprise Privacy FAQ | Current | enterprise-privacy-faq.md |

5.2 Legal Documentation

| Category | Document | Status | Link |
|---|---|---|---|
| Legal | SIG Lite Self-Assessment | Current | ../legal/sig-lite-self-assessment.md |
| Legal | Acceptable Use Policy | Current | ../legal/acceptable-use-policy.md |
| Legal | Master Service Agreement (MSA) Template | Available on request — contact [email protected] | ../legal/master-service-agreement-template.md |
| Legal | Data Processing Agreement (DPA) Template | Available on request — contact [email protected] | ../legal/data-processing-agreement-template.md |

5.3 Operational Documentation

| Category | Document | Status | Link |
|---|---|---|---|
| Operational | Service Level Agreement (SLA) | Current | ../operational/service-level-agreement.md |
| Operational | Incident Response Plan | Current | ../operational/incident-response-plan.md |
| Operational | Change Management Policy | Current | ../operational/change-management-policy.md |

5.4 Integration Guides

| Category | Document | Status | Link |
|---|---|---|---|
| Auth | SSO Integration Guide | Current | ../guides/sso-integration-guide.md |


6. Certification Roadmap

| Certification | Status | Timeline |
|---|---|---|
| SOC 2 Type I | Planned — controls documented, auditor not yet engaged | TBD |
| ISO 27001 | Planned | 2027 target |
| HIPAA BAA | Under evaluation | TBD |

MemNexus is committed to achieving SOC 2 Type I as the next milestone in the certification roadmap. Controls are documented across the security, operational, and legal documentation listed above. Auditor engagement timing will be communicated when confirmed. SOC 2 Type II will be pursued after Type I completion; we do not commit to a public timeline.


7. Frequently Asked Questions

Do you train on my data?

No. MemNexus does not use customer data to train, fine-tune, or improve any AI models. Third-party AI providers (OpenAI, Anthropic) process data via their APIs under policies that explicitly exclude API data from model training. See Section 3: AI Training Posture.

Where is my data stored?

All customer data is stored in Microsoft Azure, US East 2 region. The database (Neo4j) runs on Azure Kubernetes Service (AKS) within that region. Encryption keys are managed via Azure Key Vault in the same region. There is no multi-region data replication.

Can I delete all my data?

Yes. Account deletion is self-service via the customer portal or API. After a 7-day grace period (during which deletion can be cancelled), all data is permanently and irreversibly deleted from all systems, including third-party processors (WorkOS, Stripe). This is GDPR Article 17 compliant. See Data Retention and Deletion Policy.

Do you have SOC 2?

Not yet. Security controls are documented and operational. SOC 2 Type I auditor engagement is planned but not yet started. See Section 6: Certification Roadmap.

Who are your subprocessors?

Our complete subprocessor list is published at memnexus.ai/trust/subprocessors and updated whenever we engage a new vendor. We publish subprocessor changes to this page and notify customers via email prior to adding new subprocessors. Subscribe by emailing [email protected]. Full details, including data categories processed and processing locations, are in the Subprocessor List.

Do you support SSO?

Yes. MemNexus supports SAML 2.0 and OIDC for Single Sign-On via WorkOS, configurable per organization. See the SSO Integration Guide.

Is my data encrypted?

Yes. 13 of 14 sensitive field types are encrypted at the application level with AES-256-GCM-SIV before storage. Each user has a unique encryption key. Data in transit is protected with TLS 1.2+. See Security Practices.

Can I export my data?

Yes. Self-service data export is available via the customer portal and API (GET /api/users/me/export) in JSON format. Export remains available during the deletion grace period. This satisfies GDPR Article 20 (Right to Data Portability).

Do you have a DPA?

A GDPR Article 28-compliant Data Processing Agreement is available on request. Contact [email protected] to request a copy.


8. Contact

| Purpose | Contact |
|---|---|
| Security and compliance questions | [email protected] |
| General support | [email protected] |
| Regulatory deletion requests (GDPR/CCPA) | [email protected] (subject: "Data Deletion Request") |
| Subprocessor change notifications | [email protected] (subscribe to alerts) |


9. Document History

| Date | Change |
|---|---|
| 2026-04-08 | Initial publication (COMP-006) |
| 2026-04-28 | Iteration #153: replaced hardcoded six-subprocessor count in FAQ with pointer to live subprocessors list; MSA/DPA status changed from DRAFT to "Available on request"; aligned with reconciled subprocessors.md (11 current + 2 infrastructure). |
| 2026-04-28 | Iteration #153 review remediation (PR #3294): removed SOC 2 Type II and Penetration Testing rows from public certification roadmap; replaced internal "DEK" / "AES-256-GCM-SIV" architecture detail in process-flow text with neutral "encryption key" wording (cipher name retained in canonical Section 2.1 and Section 7 FAQ); removed 30-day subprocessor change commitment pending notification mechanism build-out; added bridging note clarifying that memory content is decrypted server-side and sent over TLS 1.3 to AI providers; demoted in-document H1 to H2 to avoid dual-H1 on /trust. |

The full subprocessor list is also available as a standalone page at /trust/subprocessors.

MemNexus Subprocessor List

Last updated: 2026-04-28 | Review cadence: Updated whenever a subprocessor changes | Contact: [email protected]


Overview

MemNexus uses the following third-party subprocessors to deliver our service. Each subprocessor is listed with its purpose, the categories of customer data it processes, its processing location, and its current operational status.

We publish subprocessor changes to this page and notify customers via email prior to adding new subprocessors. Subscribe by emailing [email protected].


Current Subprocessors

| Subprocessor | Purpose | Data Processed | Location | Status |
|---|---|---|---|---|
| Anthropic | Knowledge extraction (LLM-based entity, fact, and topic extraction via Claude API) | Memory content (sent as plaintext for extraction) | US | Active |
| Cloudflare | Marketing-site hosting (Cloudflare Pages via @cloudflare/next-on-pages), DNS for memnexus.ai, edge TLS termination for the marketing site | Visitor IP address, request metadata, and marketing-site form submissions (e.g., waitlist email address, newsletter email address, contact-form contents). No customer memory content — that flows directly between client SDKs and api.memnexus.ai (Azure-hosted). | Global edge (US-anchored) | Active |
| Microsoft Azure | Cloud infrastructure — Azure Kubernetes Service (AKS), managed disks, Azure Key Vault, Azure Container Registry; also Azure OpenAI for extraction (gpt-4o-mini) | All customer data: memories, user profiles, encryption keys (wrapped per-user keys), graph data (entities, facts, topics, relationships), API keys (hashed), audit logs; memory content sent in plaintext to Azure OpenAI for extraction | US East 2 (Azure region) | Active |
| Neo4j | Graph database (self-hosted on Azure AKS) | Memories (encrypted at rest), entities, facts, topics, patterns, conversations, relationships, user profiles | US East 2 (co-located with AKS cluster) | Active |
| OpenAI | Embedding generation (historical primary, currently inactive). Credentials retained for graceful-degradation fallback only. | Memory content would be sent as plaintext for vector generation if reactivated | US | Inactive — fallback credentials retained; no live traffic |
| PostHog | Product and marketing analytics (page events, telemetry) — us.i.posthog.com | Pseudonymous user identifiers, page-view events, browser/device metadata (no customer memory content) | US | Active |
| Resend | Transactional email delivery (account deletion confirmations, verification emails, waitlist communications) | User email addresses | US | Active |
| Sentry | Error tracking and performance monitoring for customer-portal and mcp-server | Error stack traces, user agent, redacted request context (no customer memory content) | US | Active |
| Stripe | Payment processing, subscription management, invoicing | User email address, billing information, subscription status, payment method tokens | US | Active |
| Voyage AI | Embedding generation (voyage-3.5, 1024d) | Memory content (sent as plaintext for vector generation) | US (api.voyageai.com) | Active — primary embedding |
| WorkOS | Authentication (AuthKit), Single Sign-On (SAML 2.0 / OIDC), organization management | User email address, name, profile information, organization membership, SSO configuration | US | Active |


Infrastructure Subprocessors

These subprocessors provide foundational infrastructure and do not directly process customer memory content:

| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| GitHub | Source code hosting, CI/CD pipelines (GitHub Actions) | Source code, build artifacts (no customer data) | US |
| Docker Hub / GitHub Container Registry | Container image hosting | Application container images (no customer data) | US |


Data Processing Notes

  1. Encryption at rest: Customer memory content and sensitive fields (13 of 14 field types) are encrypted with AES-256-GCM-SIV at the application level before storage in Neo4j. The database stores ciphertext for these fields.

  2. Voyage AI data handling (primary embedding): As of v1.81c (2026-04-23), Voyage AI is the primary embedding provider in production. Memory content is sent to Voyage AI for vector generation (voyage-3.5, 1024d). Voyage AI's API does not use submitted data for model training. MemNexus does not opt in to training. See core-api/src/services/embedding.service.ts and core-api/k8s/deploy/values-prod.yaml.

  3. OpenAI data handling (currently inactive): OpenAI was the embedding provider before the v1.81c flip and credentials are retained for graceful-degradation fallback only. The dual-write secondary path (DUAL_WRITE_OPENAI_EMBEDDINGS) is set to "false" in production. No memory content is currently sent to OpenAI. If OpenAI is reactivated (either as primary or via dual-write), this list will be updated and customers will be notified before that change takes effect.

  4. Anthropic data handling: Memory content is sent to Anthropic's Claude API for entity, fact, and topic extraction. Anthropic's API data policy states that API inputs and outputs are not used for model training by default. MemNexus does not opt in to training.

  5. Stripe data minimization: MemNexus shares only the minimum data required for payment processing. Full payment card details are handled entirely by Stripe and never touch MemNexus infrastructure.

  6. WorkOS data handling: WorkOS manages authentication credentials (passwords, SSO tokens). MemNexus does not store user passwords.

  7. Cloudflare data handling: Cloudflare hosts the public marketing site (memnexus.ai) via Cloudflare Pages and provides DNS and edge TLS. Cloudflare processes standard web request metadata (visitor IP, request headers, response codes). The marketing site exposes server-side route handlers under marketing-site/app/api/ for waitlist signup, newsletter signup, and contact form submission (/api/waitlist, /api/newsletter, /api/contact). Form bodies for those routes — typically an email address and free-text contact-form contents — pass through the Cloudflare edge. Cloudflare does NOT see customer memory content: the application API (api.memnexus.ai) terminates on Azure and is not fronted by Cloudflare.

  8. PostHog data handling: PostHog receives analytics events from marketing-site/ and customer-portal/ (page views, click events, browser/device metadata). It does not receive memory content or extracted knowledge. Consent gating is applied via the marketing-site analytics consent module. Identifier scheme: PostHog distinct IDs are pseudonymous, not anonymous. For authenticated customer-portal sessions, the distinct ID is the MemNexus user ID (set via posthog.identify(userId, ...)). For pre-signup marketing-site visitors, the distinct ID is a per-browser pseudonymous identifier minted by the PostHog SDK. Per GDPR Recital 26, pseudonymous data is personal data; we treat PostHog telemetry accordingly.

  9. Sentry data handling: Sentry receives error reports and performance traces from the customer portal and MCP server. Request bodies and PII fields are scrubbed via the standard Sentry SDK redaction; only stack traces, error types, and minimal request context are retained.

  10. Neo4j hosting: Neo4j runs as a self-hosted deployment on the MemNexus Azure AKS cluster, not as a managed third-party service. It is listed here for transparency because it is a third-party software component that processes customer data.


Subprocessor Change Notification

We publish subprocessor changes to this page and notify customers via email prior to adding new subprocessors. Subscribe by emailing [email protected].


Questions

For questions about our subprocessors or data processing practices, contact [email protected].

Questions?

For security questionnaires, DPA / MSA requests, or subprocessor change notifications, contact [email protected].