Privacy Policy

Last Updated: January 17, 2026

1. Introduction

Exogram ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our semantic memory governance infrastructure.

2. Data Collection

We collect the following types of data:

  • Account Information: Email address, name, and authentication credentials
  • Memory Content: User-selected text and content you explicitly choose to store
  • Usage Metadata: Source URLs, timestamps, and interaction patterns
  • Technical Data: Browser type, IP address (hashed), and device information for security

Important: We do NOT automatically collect browsing history. Memory capture occurs ONLY upon your explicit action via the context menu.

3. PII Scrubbing & Redaction

Before storage, all content passes through our automated PII (Personally Identifiable Information) scrubbing system. The following patterns are automatically detected and redacted:

  • Social Security Numbers (SSN)
  • Email addresses
  • Phone numbers
  • Credit card numbers

Redacted content is replaced with [REDACTED] markers.

4. Data Security & Encryption

Your data is protected with industry-leading security measures:

  • Encryption at Rest: AES-256 encryption using Fernet (user-controlled keys)
  • Encryption in Transit: All communications over TLS 1.3
  • Row Level Security: PostgreSQL RLS ensures users can only access their own data
  • Audit Logging: Immutable logs of all data access and modifications

5. Third-Party Services

We use the following third-party services to provide the Service:

Service  | Purpose                   | Data Shared
Supabase | Authentication & Database | Encrypted content, metadata
Pinecone | Vector indexing           | Semantic embeddings (not raw text)
OpenAI   | Embeddings & Arbitration  | Anonymized text snippets
Stripe   | Payment processing        | Billing information only

6. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of all data we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request complete deletion of your account and all associated data
  • Export: Download all your memories in standard formats
  • Portability: Transfer your data to another service

To exercise these rights, use the Dashboard settings or contact us at privacy@exogram.ai.

7. Data Retention

  • Active Data: Retained for the duration of your account
  • Deleted Data: Hard deleted from database and vector store immediately upon request
  • Backups: Encrypted backups retained for 30 days, then permanently purged
  • Audit Logs: Retained for 7 years for compliance purposes

8. GDPR Compliance

For users in the European Economic Area (EEA), we comply with GDPR requirements. Our lawful basis for processing is:

  • Contract: Processing necessary to provide the Service
  • Consent: For optional features and marketing communications
  • Legitimate Interest: For security and fraud prevention

9. Cookies & Tracking

We use essential cookies only for authentication and session management. We do NOT use third-party advertising or analytics trackers. You can manage cookie preferences in your browser settings.

10. Children's Privacy

Exogram is not intended for users under 16 years of age. We do not knowingly collect data from children. If we learn that we have collected data from a child, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email and/or prominent notice on the Service at least 30 days before taking effect.

12. Contact Us

For privacy-related inquiries, contact our Data Protection team:
privacy@exogram.ai