mmemo Cookie Policy
21 May 2026
1. About this Cookie Policy
This Cookie Policy explains how mmemo.ai OÜ uses cookies and similar technologies when you visit our website or use the Service. It should be read together with our Privacy Policy, which sets out how we process your personal data more generally.
In this document, "cookies" includes both cookies in the strict sense (small text files stored on your device) and similar technologies such as local storage, session storage, web beacons, pixels and software development kits that read or write data on your device.
2. Who is responsible
The controller responsible for the use of cookies on mmemo is:
mmemo.ai OÜ
Narva maantee 7a, office 404
15172 Tallinn, Estonia
Email: privacy@mmemo.com
3. Why we use cookies
We use cookies to:
- enable the basic functioning of the Service, including authentication, session management and security;
- remember your preferences, such as your language and interface settings;
- measure how the Service is used, in an aggregated and pseudonymised form, in order to improve it;
- where you consent, support marketing and audience-development activities.
We do not use cookies to:
- create cross-site behavioural advertising profiles;
- sell your personal data to data brokers;
- track you across websites we do not operate.
4. Categories of cookies we use
We classify cookies into four categories. The first category is strictly necessary and is set without consent. The other three are set only after you have given consent through our cookie banner, and you can withdraw your consent at any time (see Section 7).
4.1. Strictly necessary cookies
These cookies are required for the Service to function. Without them, you would not be able to log in, your session would not be secured, and you would not be able to make a payment. Under Article 5(3) of the ePrivacy Directive 2002/58/EC, these cookies do not require your consent.
They include:
- Authentication cookies, which keep you signed in to your mmemo account.
- Security cookies, including CSRF tokens that protect against cross-site request forgery.
- Session cookies, which maintain the state of your interaction with the Service.
- Consent storage, which remembers your choices in the cookie banner so we do not ask you again on every page.
- Load-balancing and routing cookies, which ensure stable connections.
- Payment cookies set by Stripe when you go through checkout. Stripe acts as Merchant of Record for the sale of the Service. Stripe's use of cookies during checkout is governed by Stripe's own Privacy Policy, available at https://stripe.com/privacy.
4.2. Functional cookies
These cookies enable enhanced functionality and personalisation. They are set with your consent.
They include:
- Language and locale preference, so that you do not have to select your language every visit.
- Interface preferences, such as light or dark theme, sidebar layout and recent-conversations shortcuts.
- Accessibility settings, where applicable.
If you do not consent to functional cookies, the Service still works, but some preferences will reset between sessions.
4.3. Analytics cookies
These cookies help us understand how visitors use the Service, in an aggregated and pseudonymised form. They are set with your consent.
They include providers such as [TO BE COMPLETED - e.g. Plausible Analytics (self-hosted, EEA), PostHog or Google Analytics 4]. The exact list of analytics cookies in use at any given time, together with their retention periods, is available in our Cookie Declaration accessible through the cookie banner.
If you do not consent to analytics cookies, the Service works fully; we simply do not measure your visit.
4.4. Marketing cookies
We do not use marketing cookies on launch. We reserve the possibility of using them in the future for limited, transparent purposes such as measuring the effectiveness of campaigns we may run. If we begin to use marketing cookies, we will update this Cookie Policy and request your prior consent through the cookie banner. They will never be activated by default.
5. Third-party cookies
Some cookies are set by third parties that we have integrated into the Service. The main third parties are:
- Stripe, for payment processing during checkout. Stripe acts as an independent data controller for payment-related cookies. See https://stripe.com/privacy.
- Identity providers, where you choose to log in via Google or Apple. The relevant identity provider's privacy notice applies to its own cookies.
- Analytics provider [TO BE COMPLETED], for aggregated usage measurement. Used only with your consent.
We carefully select third-party providers and put in place data protection agreements where required. The current list of third parties setting cookies on mmemo is available in the Cookie Declaration accessible through the cookie banner.
6. Retention periods
The retention period of each cookie depends on its purpose:
- Session cookies are deleted automatically when you close your browser.
- Persistent cookies remain on your device for a defined period, after which they expire. The maximum retention period for non-essential cookies on mmemo is 13 months, in line with guidance from the French data protection authority (CNIL) and the European Data Protection Board (EDPB). After 13 months we will ask for your consent again.
- Consent records are kept for 3 years from your last interaction with the cookie banner, in order to demonstrate compliance with applicable law.
The Cookie Declaration accessible through the cookie banner indicates the precise retention period of each cookie.
7. Your choices and how to manage cookies
7.1. The cookie banner
When you first visit mmemo, a cookie banner is displayed. The banner offers you three equally accessible options:
- Accept all – activates all categories of cookies.
- Reject all – activates only strictly necessary cookies.
- Customise – lets you accept or reject each category individually.
You can change your choice at any time by clicking the cookie preferences link in the footer of the website.
We do not use pre-ticked boxes. Consent is not inferred from continued browsing, scrolling or closing the banner.
7.2. Browser settings
You can also block or delete cookies through your browser settings. Each browser is different; instructions are available at:
- Chrome: https://support.google.com/chrome
- Firefox: https://support.mozilla.org/products/firefox
- Safari: https://support.apple.com/safari
- Edge: https://support.microsoft.com/microsoft-edge
Please note that disabling strictly necessary cookies through browser settings will prevent the Service from functioning correctly.
7.3. Withdrawal of consent
You can withdraw your consent to non-essential cookies at any time through the cookie preferences link in the footer. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
7.4. Do Not Track
Modern browsers offer "Do Not Track" or "Global Privacy Control" signals. We monitor developments in this area and intend to honour Global Privacy Control signals for users in jurisdictions where this is legally required (in particular under the California Consumer Privacy Act and the Colorado Privacy Act).
8. Cookies and international data transfers
Some cookies, in particular those set by analytics or third-party providers, may transmit data to servers located outside the European Economic Area, including in the United States.
Where such transfers take place, we put in place appropriate safeguards under Chapter V GDPR, including Standard Contractual Clauses. See Section 9 of our Privacy Policy for details.
9. Cookie Declaration
A detailed, up-to-date list of all cookies set by mmemo, including their name, provider, purpose, type (first-party or third-party), category, and retention period, is available in our Cookie Declaration accessible through the cookie preferences link in the footer of the website.
The Cookie Declaration is updated automatically when we add, remove or modify a cookie.
10. Your rights
In addition to the choices described above, you have all the data subject rights set out in Section 11 of our Privacy Policy, including the right of access, rectification, erasure, restriction, portability, objection and the right to lodge a complaint with a data protection supervisory authority. The Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) can be contacted at Tatari 39, 10134 Tallinn, info@aki.ee, https://www.aki.ee.
11. Changes to this Cookie Policy
We may amend this Cookie Policy from time to time to reflect changes in the law, the cookies we use, or our practices. The current version, together with its effective date, is always available at the URL where you are reading this document. Material changes will be notified to you through the cookie banner or by email.
End of Cookie Policy.