This Privacy Policy describes how AppliedAgentics Pty Ltd (ABN 98 697 110 517) ("AppliedAgentics", "we", "us", "our") collects, uses, stores, and protects information in connection with the Memory Core service ("Service"). This policy applies to subscribers of the Service through Microsoft Azure Marketplace, direct subscribers, and visitors to memorycore.com.au.
1. Information we collect
1.1 Account and subscription information
When you subscribe to the Service via Azure Marketplace or directly, we receive your subscription identifier, tenant configuration, plan tier, and contact email. We do not receive your Microsoft account credentials.
1.2 Customer data submitted to the Service
The Service stores graph-structured data you submit through our API — including nodes (text content you elect to store), relationships between nodes, and embedding vectors derived from your content. This data is the "Customer Data".
1.3 Operational telemetry
We collect API usage metadata required to operate, secure, and bill the Service: request counts per tier dimension, error rates, response times, and authentication events. This telemetry does not include the content of Customer Data.
1.4 Website analytics
Our website collects standard server log information (IP address, user agent, referrer) and may use first-party cookies for analytics. We do not use third-party advertising or tracking cookies.
2. How we use information
- To provide the Service. Customer Data is processed solely to fulfil your API requests — storing, retrieving, ranking, and returning the data you have submitted.
- To bill the Service. Operational telemetry is reported to Microsoft Azure Marketplace Metering Service for subscription billing.
- To secure the Service. Telemetry is monitored for abuse, abnormal access patterns, and security events.
- To communicate with you. We may use your contact email for service announcements, security notices, and account-related correspondence.
3. Per-tenant data isolation
Each subscription receives an isolated tenant namespace. Customer Data is partitioned at the data plane: queries from one tenant cannot return data belonging to another tenant by design, enforced at the application and database layers — not contractually only.
We do not aggregate, combine, derive insights from, or train models on Customer Data across tenants. We do not learn from one customer's data to improve service for another.
4. Data we do not collect
- We do not collect data from your Microsoft account beyond what Microsoft Azure Marketplace shares as part of the subscription lifecycle.
- We do not collect special-category personal data (health, biometric, political, religious, sexual orientation) — these data classes should not be submitted to the Service.
- We do not sell Customer Data or operational telemetry to any third party.
5. Sub-processors
We use the following sub-processors to operate the Service:
- Microsoft Azure — Azure SQL Database (Customer Data storage), Azure App Service (compute), Azure Front Door (TLS termination), Azure Marketplace (subscription billing).
- Plain — customer support ticketing (contact email + support correspondence only).
All sub-processors are bound by data-processing agreements consistent with this policy.
6. Data retention and deletion
- Active subscription: Customer Data is retained for the duration of your subscription.
- Suspended subscription (e.g., payment issue): Customer Data is retained for 90 days, after which the subscription is treated as cancelled.
- Cancelled subscription: Customer Data is retained for 30 days for recovery, then permanently deleted from production systems. Backups containing Customer Data are purged within a further 60 days.
- Operational telemetry: Retained for 12 months for audit and security purposes, then aggregated and the raw events deleted.
7. Encryption
- In transit: all API traffic is encrypted via TLS 1.2 or higher.
- At rest: Customer Data is encrypted at rest using Azure SQL Database transparent data encryption and Azure-managed keys.
8. Your rights
- Access: You can retrieve your Customer Data at any time via the Service API.
- Export: Bulk export of your tenant's data is available on request to support@memorycore.com.au.
- Deletion: You may delete individual nodes via the API, or request full tenant deletion by cancelling your subscription (see Section 6).
- Correction: Customer Data is under your control — corrections are made by updating nodes via the API.
- Complaint: If you have a privacy concern we have not resolved, you may complain to the Office of the Australian Information Commissioner (oaic.gov.au).
9. International data transfer
The Service is hosted in Microsoft Azure regions in Australia by default. We may use additional Azure regions for redundancy and geo-distributed load. Any cross-region transfer is between Microsoft-operated facilities and is governed by Microsoft's data-protection commitments.
10. Children
The Service is not directed to children under 16. We do not knowingly collect data from children.
11. Changes to this policy
We may update this policy from time to time. Material changes will be notified by email to the subscription contact at least 30 days before taking effect. Continued use of the Service after the effective date constitutes acceptance.
12. Contact
For privacy questions, requests, or complaints: