⚠️ Founder-reviewed interim version — posted 2026-04-21. This page has been reviewed by BNC Solutions LLC's founder for accuracy about how MeMe Care actually operates. An independent attorney review is in progress. We will update this page and note the date when that review completes.

MeMe Care Privacy Policy

Effective date: 2026-04-21 Last updated: 2026-04-21 Version: 2.0

1. Who we are

MeMe Care is published by BNC Solutions LLC ("BNC", "we", "us"). MeMe Care is a voice-first mobile app that helps people understand photos of bills, mail, medication labels, screens, and possible scams by analyzing them with AI.

• Website: https://memecare.ai
• Contact / privacy requests: support@memecare.ai

This policy covers the MeMe Care mobile app on iOS and Android, our backend API (served at memecare.ai/api/*), and the memecare.ai website (including subdomains app.memecare.ai, admin.memecare.ai, ops.memecare.ai, and platform.memecare.ai).

2. What we collect

We collect the minimum needed to run the service.

Account data (from the trusted contact who sets up an account)

• Email address
• Phone number (optional — used for the Primary User's "Call for Help" button, not for account contact)
• Apple, Google, or email magic-link sign-in identifier
• Subscription plan and renewal status

Primary-user setup data (entered by the trusted contact or the Primary User)

• Primary User's first name (required)
• Primary User's full legal name (optional — used only to help the AI recognize whether mail is addressed to them)
• Household member names and relationships, up to 5 (optional — same purpose)
• Trusted-contact phone number the Primary User can "Call for Help"
• Preferred language (English or Spanish)

Scan metadata (created when the Primary User uses the app)

• Category (bill, medication, mail, scam, tech, home, other)
• Timestamp
• Page count
• Two flags produced by the AI: flagged_scam and flagged_unusual
• A short flag reason if one of those flags fires

Subscription records

• Plan tier (shown in-app and at memecare.ai/pricing at time of purchase)
• Receipt identifiers from Apple, Google, or Stripe
• Start, renewal, and cancellation dates

Device data

• Apple (APNs) or Google (FCM) push token (so we can send scam alerts to the trusted contact)
• App version, OS version (for crash triage)
• A locally generated device ID

3. What we do not collect or store on our servers

• We do not store photos. Images are sent to the AI in-memory and deleted immediately after analysis.
• We do not store AI explanations. The written or spoken answer is sent to the device and then discarded server-side.
• We do not store audio recordings. Voice questions go to transcription and are deleted after text is returned.
• We do not collect contacts, location, browsing history, or advertising identifiers.
• We do not sell personal information. Ever.

4. What stays on the Primary User's device

These items live only on the Primary User's phone, in the device's secure storage:

• Device ID, seat ID, first name, trusted-contact phone
• Local scan history (category, timestamps, flags, and the full AI explanation text) — used to replay past scans without another API call
• Voice preference, language preference, and font-size preference

Uninstalling the app erases the local device copy.

5. How we use the data

• Run the app (show the Primary User their scan, route alerts to the trusted contact)
• Send scam alerts to the trusted contact via push notification
• Process subscription payments through Apple, Google, or Stripe
• Detect abuse and rate-limit excessive requests
• Debug crashes and errors
• Comply with law

We do not use your data to train AI models. The Claude AI model that reads your pictures runs entirely inside Amazon Web Services (AWS) Bedrock — Anthropic (Claude's developer) does not receive your data, does not host the model for us, and has no access to your scans or explanations. AWS Bedrock operates under terms that prohibit use of your inputs or outputs to train any model (Anthropic's, Amazon's, or anyone else's).

About Bedrock's 5-minute prompt cache. To make follow-up questions about the same document fast and inexpensive, a scan's photo and its analysis may be held in Bedrock's temporary prompt cache for up to 5 minutes. The cache is automatically and irreversibly purged after that window; it is not used for training, logging, analytics, or any other purpose beyond serving an immediate follow-up. You can read AWS Bedrock's data handling terms at aws.amazon.com/service-terms (§75 Bedrock).

6. Who we share it with

We share only with the subprocessors we need to run the service. A current list is at memecare.ai/subprocessors and in docs/legal/subprocessors.md. Today that includes Amazon Web Services (Bedrock for AI, S3 for disaster-recovery backups), Cloudflare (infrastructure, including Email Routing for transactional email), Deepgram, OpenAI, Stripe (web billing), Apple (App Store billing and APNs push), Google (Play Billing and FCM push), and Sentry (error reporting).

We share with law enforcement only under valid legal process. We do not sell data or share it for cross-context behavioral advertising.

7. Where data is stored

Backend infrastructure (Cloudflare Workers, D1, KV, R2) operates in the United States. Subprocessors process data in the United States.

US-only service. MeMe Care is offered only to residents of the United States. We do not accept users from outside the US; accounts determined to be outside the US are suspended. If you attempt to access the service from outside the US, your request will be rejected.

8. Retention

| Data | How long | |---|---| | Family account record | Until you ask us to delete it | | Primary-user setup data | Until the trusted contact deletes the seat or the account | | Scan metadata rows | 90 days, then pruned automatically | | Wellbeing signals (family-side welfare events) | 2 years | | Safety-incident content (threat / self-harm / abuse triggering transcript) | 2 years from detection, or until counsel-signed dismissal, whichever is later — narrow disclosed exception to our zero-retention promise. See §8A. | | Safety-incident metadata (identity packet, classifier output, admin audit log) | Indefinite — required for legal + audit compliance | | CSAM incident metadata (hashes, NCMEC report IDs, identity packet) | 7 years (NCMEC guidance + potential law-enforcement needs) | | CSAM image content | Never held on our servers — Cloudflare CSAM Scanning Tool + NCMEC are the custodians | | Admin incident-console audit log (every view, export, disposition) | 7 years (tamper-evident accountability) | | Subscription records | Lifetime of the account, then 7 years for tax and audit | | Audit log (admin actions, DSARs) | 3 years for routine admin; 7 years for incident-related | | Photos / explanations / audio (ordinary path) | Not retained on our servers (in-memory only). Held in AWS Bedrock's prompt cache for up to 5 minutes to serve follow-up questions, then automatically purged. Not used for training. | | Blocked inbound email (quarantine) | 90 days — narrow disclosed exception. See §8B. |

8A. Safety-incident retention exception

The zero-retention promise for photos, audio, and explanations applies to ordinary-path traffic. It has one narrow, disclosed exception:

• When our automated classifiers detect apparent CSAM, a credible threat of violence against an identifiable third party, imminent self-harm indicators, or elder-abuse indicators, we create an access-controlled safety incident record. The triggering content (transcript for voice/text; hash + classifier metadata for images) is preserved in this record so that authorities can be contacted and can subsequently identify the submitter.
• Incident content is encrypted at rest, accessed only by named officers and counsel under two-factor authentication, and purged automatically at the retention boundary above unless an ongoing law-enforcement matter requires extension.
• Political content is never preserved. Our classifier filters politically-referenced content to a plain refusal; no incident is created; no authority is contacted.
• You may request a list of any incident records associated with your account by emailing support@memecare.ai, except that CSAM incident existence may not be disclosable in certain circumstances under federal law.

8B. Blocked inbound email (quarantine) retention exception

The email-reminder inbox feature allows a trusted contact to approve specific senders who can email reminders on behalf of the Primary User. Emails that are blocked before reaching the Primary User — due to authentication failures (DMARC / SPF / DKIM), an unrecognized recipient address, an unapproved sender, a rate-limit excess, a disallowed attachment type, or a malformed calendar invite — are retained in a quarantine store for up to 90 days.

• This content was never delivered to the Primary User and is not part of the Primary User's MeMe Care experience.
• It is stored solely to allow MeMe Care staff to investigate spoofing campaigns, abuse patterns, and configuration errors.
• The retained content may include the sender's email address, display name, subject line, and message body (plain text only, capped at 4,000 characters).
• Quarantine records are accessible only to MeMe Care staff under two-factor authentication and are automatically purged after 90 days.
• No AI model processes quarantine content; it is stored and reviewed by humans only.

9. Your rights

Everyone

• Export your data: via the family dashboard at app.memecare.ai or by emailing support@memecare.ai
• Delete your account: via the family dashboard or by emailing support@memecare.ai

We aim to respond within 45 days. We may ask you to verify identity via the email and phone on file before we act.

California residents (CCPA / CPRA)

• Right to know what we collect and how it's used
• Right to delete
• Right to correct
• Right to opt out of sale or sharing (we don't sell or share for ads — nothing to opt out of)
• Right to non-discrimination for exercising any of these rights
• You can designate an authorized agent

New York residents

New York does not currently have a comprehensive consumer-privacy-rights law, but we honor the same rights framework available to residents of states that do: you may request access, deletion, and correction of your data by emailing support@memecare.ai. We will respond within 45 days.

We additionally comply with:

• NY SHIELD Act (NY General Business Law §899-bb) — reasonable administrative, technical, and physical safeguards to protect the confidentiality, integrity, and availability of your private information.
• NY GBL §899-aa (data-breach notification) — see §11 below.
• NY Stop Hacks and Improve Electronic Data Security Act — incident-response practices documented in our Written Information Security Program.

Other US states

Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, New Hampshire, New Jersey, Indiana, Tennessee, Kentucky, Maryland, Minnesota, and Rhode Island have substantially similar rights under their state privacy laws. You may submit requests through the family dashboard or by emailing support@memecare.ai. We honor Global Privacy Control (GPC) signals as opt-outs of any sale or sharing of personal information — though we do not sell or share for cross-context behavioral advertising.

Deceased users

If the Primary User has died, the Account Holder (or an authorized estate representative) may:

• Report the death via the family dashboard to freeze the seat and pause billing.
• Request a metadata export within 60 days.
• After 60 days, seat and scan metadata are purged except legally-required financial and safety-incident records.

A new Account Holder may assume control of an account with documentation (power of attorney, executor letters, or guardianship order) emailed to support@memecare.ai.

Biometric information (Illinois, Texas, Washington)

We do not collect, create, or retain biometric identifiers or biometric information as defined under Illinois BIPA, Texas CUBI, or Washington HB 1493:

• We do not extract, store, or compare voiceprints.
• Our AI describes document photos only — it does not analyze or describe facial features, hair color, eye color, ethnicity, or any other identifying personal characteristics of persons who incidentally appear in submitted photos.
• We do not perform facial recognition.

If biometric identifiers ever incidentally appear in a submitted photo, they are not retained (ordinary-path ZDR applies).

10. Children

MeMe Care is designed for adults (a trusted contact setting up for another adult who will be the Primary User). We do not knowingly collect data from children under 13. If you believe a child's data is in our system, email support@memecare.ai and we will delete it.

11. Security

• TLS 1.3 in transit
• Application-layer envelope encryption (AES-GCM-256) for Protected Health Information columns when operating B2B tenant workloads
• Secrets stored in Cloudflare Worker secrets and Doppler
• Zero photo/audio retention by design
• Rate limiting, abuse detection
• Principle of least privilege on admin access
• Security incidents trigger the response plan in our Written Information Security Program

No system is perfectly secure. MeMe Care is a US-only service. If we learn of a breach affecting your data:

• NY SHIELD Act (NY General Business Law §899-aa): we notify affected NY residents, the NY Attorney General, the NY Department of State, and the NY Division of State Police without unreasonable delay after discovery, consistent with §899-aa(2).
• Other US state laws: we follow each state's specific timeline (most require "without unreasonable delay"; some specify 30–90 days).
• HIPAA: we are not a HIPAA covered entity on the consumer product. Where we operate B2B workloads for HIPAA-covered entities under a Business Associate Agreement, we follow HIPAA Breach Notification Rule requirements (45 CFR §§164.400–414).

12. Legal framing

MeMe Care is an informational tool. It is not medical advice, legal advice, financial advice, or tax advice. See our Terms of Service and AI Disclosure for more.

On the consumer product we are not a HIPAA covered entity or Business Associate. For B2B tenant deployments (home-health, hospice, PACE, payers, hospitals), we may act as a Business Associate under a signed Business Associate Agreement with the tenant covered entity.

13. Changes

We will post changes to this policy on memecare.ai/privacy and update the "Last updated" date. Material changes will be announced in-app at least 30 days before they take effect and may require re-acceptance per Section 13A of the Terms of Service.

14. Contact

Questions, complaints, or requests: support@memecare.ai

BNC Solutions LLC 418 Broadway, Ste. N Albany, NY 12207

A Spanish-language informational translation of this Policy is available at memecare.ai/privacy?lang=es. The English version is the legally binding document.