Privacy Policy
Last updated: March 16, 2026
ThreadMemory.ai ("we," "us," or "our") operates the Thread memory layer service. This Privacy Policy explains how we collect, use, store, and protect your information when you use Thread.
1. What We Collect
We collect the following information when you use Thread:
- Account information: Name, email address, and password (stored as a secure hash) when you create an account.
- Billing information: Payment details are processed and stored by Stripe. We do not store your credit card number on our servers.
- Conversational data: The AI session content you route through Thread - messages, decisions, context - that you choose to capture and index.
- Usage data: API key usage, memory write and retrieval counts, session timestamps.
- Technical data: IP address, browser type, and basic request metadata for security and debugging.
2. How We Use Your Information
We use your information solely to:
- Provide and operate the Thread service
- Process payments and manage your subscription
- Respond to support requests
- Send service-related communications (account notices, billing, security alerts)
- Improve reliability and performance of the service
We do not sell your data. We do not use your conversational content to train AI models. We do not share your data with third parties for advertising purposes.
3. How Your Data Is Stored
Thread uses the following infrastructure providers to store and process your data:
- Pinecone: Vector database for storing and retrieving your memory embeddings. Your data is stored in a namespace isolated to your account - other users cannot access it.
- Supabase: Database for account information, API keys, and usage records.
- Stripe: Payment processor for billing information and transaction history.
Each provider maintains their own security and compliance practices. Links to their privacy policies are available on their respective websites.
4. Data Isolation
Your conversational data is stored in a namespace unique to your account. No other Thread customer can access your data. Our systems enforce this isolation at the infrastructure level - it is not configurable and cannot be bypassed.
5. Data Retention and Deletion
We retain your data for as long as your account is active. If you cancel your subscription:
- Your data is retained for 30 days after your subscription ends
- You may request a data export during this window at support@threadmemory.ai
- After 30 days, your data is permanently deleted from our systems and all sub-processors
To request immediate deletion of your data, contact support@threadmemory.ai. We process deletion requests within 30 days.
6. Security
We take reasonable measures to protect your data including:
- API keys are stored as cryptographic hashes - we cannot retrieve your raw key after it is generated
- All data in transit is encrypted via TLS
- Access to production systems is restricted to authorized personnel
No system is perfectly secure. If you discover a security vulnerability, please report it to support@threadmemory.ai.
7. Cookies
We use minimal session cookies required for account authentication. We do not use tracking cookies or third-party analytics.
8. Your Rights
You have the right to:
- Access the data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format
To exercise any of these rights, contact support@threadmemory.ai.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email. Continued use of the Service after changes take effect constitutes your acceptance.
10. Contact
Questions about this Privacy Policy? Contact us at support@threadmemory.ai.
ThreadMemory.ai - Birmingham, Alabama