← Back to home

Privacy Policy

Last updated: May 27, 2026

Wisdom Recall, Inc.

1. Overview

Wisdom Recall is a cross-AI memory layer. Our service lets you capture knowledge objects, called PearlsTM, in a single vault and recall them across the AI assistants you already use, including ChatGPT, Claude, Copilot, Perplexity, and other clients that support the Model Context Protocol (MCP). This Privacy Policy describes what information we collect when you use Wisdom Recall, how we use it, who we share it with, and the choices and rights you have.

2. Scope of this Policy

This Policy applies to the Wisdom Recall website at wisdomrecall.com, the web application at app.wisdomrecall.com, our MCP servers, and any related services we operate (together, the "Service"). It does not apply to third-party services you choose to connect, including AI assistants and the providers behind them. Those services are governed by their own privacy policies.

3. Information We Collect

We collect information in the following categories.

3.1 Account information

  • Your email address.
  • A hashed and salted form of your password if you sign up with email and password. We never store passwords in plain text.
  • Profile fields you choose to provide, such as display name.

3.2 Subscription and billing data

Payments are processed by Stripe. Stripe collects and stores your payment instrument and billing details directly; Wisdom Recall does not see or store your full card number. We receive metadata from Stripe such as subscription plan, status, renewal date, last four digits of the card, country, and tax-related fields needed to issue invoices.

3.3 Content you create

  • PearlsTM: the text content of each knowledge object you save.
  • Tags, projects, and other organization metadata you attach to your Pearls.
  • Files you upload (for example, PDFs or documents) and any text extracted from them.
  • Comments, share settings, and audit history associated with a Pearl.

3.4 MCP connection tokens

To connect Wisdom Recall to AI assistants such as ChatGPT, Claude, Copilot, and Perplexity, we issue and store MCP connection tokens scoped to your account. These tokens authenticate requests from your AI assistant to our servers. They are stored encrypted, never displayed to anyone other than you, and can be revoked from your dashboard at any time.

3.5 Usage and operational data

  • Server-side records of MCP requests from your connected AI, including which tool was called (for example, saving, searching, or retrieving a Pearl), whether it succeeded, and how long it took.
  • Usage and cost records for AI operations, such as token counts and estimated cost, used for billing and capacity planning.
  • Security events, such as failed sign-in attempts and rate-limit triggers, recorded with IP address, approximate location, and user agent.

We do not use third-party web analytics (such as Google Analytics, Plausible, or PostHog) and we do not use third-party client-side error or session-tracking tools (such as Sentry or LogRocket).

3.6 Device and log data

  • IP address.
  • Browser type, version, and user agent string.
  • Operating system and device characteristics.
  • Timestamps of requests and approximate location derived from IP.

3.7 Cookies and similar technologies

We use a small number of cookies and similar storage. Essential cookies keep you signed in and protect against fraud. Functional cookies remember preferences such as theme. We do not use third-party web analytics or advertising cookies. See section 12 for details.

3.8 AI conversation logging (optional)

Wisdom Recall offers an optional feature, available through our browser extension, that logs the exchanges between your connected AI assistant and Wisdom Recall so that you can review and reuse them. This feature is off by default and only operates if you choose to enable it. When enabled, a log may include the content of the conversation, the Pearls involved, and the AI model used, stored in our database and tied to your account. You can disable the feature at any time, and these logs are subject to the retention and deletion terms in section 9.

4. How We Use Your Data

  • To provide, operate, and maintain the Service.
  • To authenticate you and secure your account.
  • To process your content into Pearls and to make them retrievable through your connected AI assistants.
  • To process payments, manage subscriptions, and issue invoices and receipts.
  • To send transactional messages (account, billing, security, and service notifications).
  • To improve the Service, including debugging, performance, and reliability work.
  • To detect, prevent, and respond to abuse, fraud, and security incidents.
  • To comply with legal obligations and enforce our Terms.

We do not sell your personal data. We do not use your Pearl content to train foundation models.

5. Legal Bases for Processing (EU and UK Users)

If you are in the European Economic Area, United Kingdom, or Switzerland, we process your personal data under one or more of the following legal bases:

  • Performance of a contract, to provide the Service you have signed up for.
  • Legitimate interests, such as securing the Service, preventing abuse, and improving features. We balance these interests against your rights.
  • Consent, where we rely on it, for any optional processing that requires it.
  • Legal obligation, where applicable law requires us to retain or disclose data.

6. How We Share Information

We share information only as described in this Policy.

  • Sub-processors. We share data with operational vendors that help us run the Service. They act on our instructions and are bound by data protection terms.
  • Legal disclosures. We may disclose information when required by law, valid legal process, or to protect the rights, property, or safety of Wisdom Recall, our users, or the public.
  • Business transfers. If Wisdom Recall is involved in a merger, acquisition, or asset sale, your data may be transferred, subject to this Policy.
  • With your direction. When you choose to share a Pearl, connect an AI assistant, or otherwise direct data to a third party.

We do not sell personal data, and we do not share personal data for cross-context behavioral advertising. We may publish or share aggregated, de-identified data that cannot reasonably be used to identify you.

7. Sub-processors

  • Supabase: managed PostgreSQL database, authentication, object storage, and our server-side logs.
  • Cloudflare: edge network, CDN, DDoS protection, Web Application Firewall, and MCP Workers runtime.
  • Stripe: subscription billing and payment processing.
  • Google (Gemini API): AI processing for features we run on your behalf, such as generating Pearl metadata, embeddings, and improving search queries.
  • Resend: transactional email delivery.

Separately, when you connect a third-party AI assistant (such as ChatGPT, Claude, Copilot, or Perplexity) to Wisdom Recall, you are directing your data to that provider. Those assistants are operated by their own companies under their own terms and privacy policies; they are not our sub-processors. See section 6 ("With your direction").

If we add or change a sub-processor in a way that materially affects this list, we will update this Policy.

8. International Data Transfers

Wisdom Recall is based in the United States. When we transfer personal data from the European Economic Area, United Kingdom, or Switzerland to the United States or other countries, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and the Swiss equivalent, as applicable. A copy is available on request to privacy@wisdomrecall.com.

9. Data Retention

We retain your account and Pearl content for as long as your account is active, so that the Service remains useful to you. When you delete a Pearl, project, or your account, we remove the affected data from active systems within 30 days. Backups containing residual copies are aged out on a rolling schedule and are not used to restore deleted content except in the event of a recovery from data loss.

We retain limited records longer where required for legal, tax, accounting, fraud-prevention, or security purposes, including invoices, audit logs of sensitive actions, and abuse signals.

10. Your Rights

10.1 GDPR rights (EU, UK, Switzerland)

  • Right of access to the personal data we hold about you.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten").
  • Right to restriction of processing.
  • Right to data portability in a structured, machine-readable format.
  • Right to object to processing based on legitimate interests.
  • Right to withdraw consent at any time, where processing is based on consent.
  • Right to lodge a complaint with your local supervisory authority.

10.2 CCPA and CPRA rights (California)

  • Right to know what personal information we collect, use, disclose, and share.
  • Right to delete personal information we have collected.
  • Right to correct inaccurate personal information.
  • Right to opt out of "sale" or "sharing" of personal information. We do not sell personal information, and we do not share it for cross-context behavioral advertising.
  • Right to non-discrimination for exercising your privacy rights.

10.3 How to exercise your rights

Email privacy@wisdomrecall.com from the email address associated with your account. We will respond within the timeframes required by applicable law. You may also use the data export and account deletion tools in your Wisdom Recall dashboard.

11. Children's Privacy

The Service is not directed to children under 13 in the United States, or under 16 in the European Economic Area. We do not knowingly collect personal data from children under those ages. If you believe we have collected such data, please contact privacy@wisdomrecall.com and we will delete it.

12. Cookies and Tracking

We use the following categories of cookies and similar technologies:

  • Essential: required to sign you in, keep your session, and protect against abuse.
  • Functional: remember preferences such as theme and language.

We do not use third-party advertising cookies, and we do not use third-party web analytics cookies. We honor the Global Privacy Control (GPC) signal as an opt-out request to the extent required by law. You can also manage cookies through your browser settings.

13. Security

We use defense-in-depth practices including encryption in transit and at rest, Row-Level Security on customer data, encrypted MCP tokens, audit logging of sensitive actions, and least-privilege staff access. For details, see our Security page.

14. Changes to this Policy

We may update this Policy from time to time. When changes are material, we will notify you by email, in-app notice, or by a prominent notice on the Service before the changes take effect. The "Last updated" date at the top of this page indicates when this Policy was most recently revised.

15. Contact

For privacy questions or to exercise your rights, contact our data protection lead at privacy@wisdomrecall.com.

Mailing address: Wisdom Recall, Inc., 123 Example St, Albuquerque, NM.

© 2026 Wisdom Recall, Inc. Home Privacy Terms Security