MemoFlow

English

简体中文

English

简体中文

Appearance

Privacy Policy

Last updated: March 15, 2026

This Policy applies to the data-processing behavior visible in the current public-repository implementation of the MemoFlow client (the “Client”). MemoFlow is currently a local-first capture, organization, sync, and review tool whose core purpose is to connect to user-configured Memos services and other external capabilities. The project maintainer does not provide a centralized hosted account system.

1. Data processed by the Client

1.1 Account, identity, and connection data

The Client may process the following account and connection information:

  • Memos server address (Base URL)
  • Basic account information returned by the Memos service
  • Access tokens (PAT / access token / session-related credentials)
  • Account, password, or other authentication information entered during sign-in
  • Multi-account and multi-workspace related state

Notes:

  • Passwords are mainly used for sign-in and credential exchange and are not intended to be kept as long-term plaintext passwords.
  • Credentials and some sensitive connection data are stored, under the current implementation, in device secure storage (for example flutter_secure_storage) or app-private storage.

1.2 Local memo and business data

The Client processes and stores the following business data locally on the device:

  • Memo content, tags, visibility, status, timestamps, and statistics-related data
  • Version history, import history, sync queue, random review / daily review / monthly stats related data
  • Attachment metadata (file name, type, size, remote link, and similar fields)
  • Local attachment files, audio files, image files, and draft content
  • Tag snapshots and certain local caches

Notes:

  • These data are mainly stored in local databases and app-private file directories.
  • Local-first does not mean data will never leave the device. Related data may be transmitted to the corresponding external service only when the user expressly selects and initiates the relevant sync, AI, image-bed upload, backup, sharing, or similar feature flow.

1.3 Feature settings and preference data

The Client may process the following settings or preference data:

  • AI settings: generation endpoint, API key, model name, embedding endpoint, embedding API key, embedding model, quick prompts, custom insight template, user profile, route bindings, and related configuration
  • Image bed settings: service URL, account, password, strategy ID, image-bed token, and related data
  • Image compression settings: enable flag, max side, quality, and output format
  • Location settings: location toggle, provider selection (such as AMap / Baidu / Google), corresponding keys, and location precision
  • Reminder settings: reminder toggle, notification title/body, ringtone, vibration, and quiet hours
  • Template settings: template list, template-variable settings, and weather-variable related config
  • WebDAV settings: service URL, auth data, root path, backup mode, backup schedule, retention, and related security settings
  • App lock / Vault related settings: password hash, salt, snapshot, and recovery-related information (not plaintext password)
  • General preferences such as third-party share, quick input, theme, and language
  • MemoFlow Bridge (Obsidian bridge) settings: host, port, pairing token, device name, server name, last paired time, and related bridge information

Notes:

  • Depending on the current implementation, these settings may be written to device secure storage, app-private directories, or local config files.
  • Some of these settings may also be synchronized as JSON configuration files through WebDAV settings sync.

1.4 AI results and analysis history

When you use AI insight / AI summary features, the Client may also process:

  • Memo text within the time range or filter scope you selected
  • Request prompts, insight templates, and custom supplemental instructions
  • Whether private memos are included
  • AI analysis results, locally saved history entries, report titles, and summary information

Notes:

  • AI history and related results are stored locally so you can reopen and review them later.
  • An AI result is saved as a memo or shared externally only when the user expressly selects the relevant save or share function and completes the corresponding feature flow.

1.5 Diagnostic, log, and error data

The Client may process the following diagnostic data:

  • Debug logs and network request / response logs (toggleable in settings)
  • Status information related to sync, backup, restore, and bridge health checks
  • WebDAV debug logs

Notes:

  • Under the current implementation, log files are kept locally by default and are not automatically uploaded to maintainer-owned servers.
  • The log module includes sanitization or truncation for tokens, cookies, passwords, coordinates, memo content, and similar fields, but users should still manually review logs before export, sharing, or submission.

2. Where data may be sent

2.1 Your configured Memos service

The Client sends necessary requests to the Memos service address you configure, for sign-in, authentication, sync, reading, and writing memos and attachments.

Important notice:

  • The current Android manifest allows cleartext traffic (usesCleartextTraffic=true).
  • If you use an http:// address, the transport channel may not be encrypted. https:// is strongly recommended.

2.2 Your configured AI service endpoints

When you use AI insight / AI summary features, the Client sends relevant data to the AI service endpoints you configure.

Such data may include:

  • Memo text within the scope you selected
  • Time-range information, counts, and other analysis context
  • Prompts, user profile, and custom template content
  • Your choice about whether private memos are included
  • If you configure an embedding endpoint, vectorization requests may also be sent to your configured embedding service

The project maintainer does not provide a default hosted AI service. The current implementation mainly relies on remote or local model endpoints configured by the user.

2.3 Map / geocoding services (optional)

When you enable location features and configure a provider, the Client may send location-related data to the corresponding service, such as:

  • AMap
  • Baidu
  • Google

This usually involves coordinate or geocoding requests in order to obtain human-readable place text.

2.4 WebDAV (user-configured service)

Under the current implementation, the Client provides two main WebDAV-related capabilities:

  1. Settings sync
  • Data that may be synchronized include preferences, AI settings, reminder settings, image-bed settings, image-compression settings, location settings, template settings, app-lock snapshots, note drafts, tag snapshots, and similar configuration items
  • This mechanism is configuration / file synchronization and is not the same as encrypted local-library backup
  1. Local-library backup and restore
  • Backup data, object chunks, and indexes are encrypted client-side according to the current implementation before upload
  • If features such as “remember backup password” are enabled, related password information may be stored in device secure storage

2.5 Image-bed services (optional)

When image-bed upload is enabled, image data and required authentication information are sent to the image-bed service you configure (for example Lsky Pro).

If image compression is also enabled, images may first be compressed locally and then sent to the image bed or later upload target.

2.6 MemoFlow Bridge / Obsidian local bridge (optional)

When you use MemoFlow Bridge, the Client may send the following to the paired target in your local network:

  • Host / port / pair-code pairing requests
  • Health-check requests
  • Memo data and attachment upload requests
  • Necessary bridge information such as device name, bridge version, and pairing token

In addition:

  • The Client supports mDNS discovery of pairable services on the local network
  • On supported platforms, QR scanning may be used to complete pairing

2.7 System share and external import sources

When Third-party Share is enabled and you choose “Share to MemoFlow” from another app, the Client receives text, links, images, or other files from the system share sheet and feeds them into MemoFlow’s input flow.

2.8 Update announcement config sources

The Client may fetch public announcement or version JSON from public config URLs in order to display update notices and announcement content.

3. Notes on image compression, templates, and local processing

Some features are mainly executed locally, including but not limited to:

  • Image compression and format conversion
  • Template rendering and variable substitution
  • Draft saving
  • Version-history handling
  • Certain review-statistics calculations and local caching

However:

  • Locally processed results may still be transmitted externally, but only when the user later expressly selects and initiates the relevant sync, AI, image-bed upload, export, or sharing flow.

4. Permission usage (Android)

According to the current code and manifest, the Client may request or use the following permissions / capabilities when you trigger related features:

  • INTERNET: access to Memos, AI, WebDAV, image-bed, update-config, and related endpoints
  • POST_NOTIFICATIONS, SCHEDULE_EXACT_ALARM, RECEIVE_BOOT_COMPLETED: reminders, exact alarms, and reboot recovery
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS: to improve reminder stability on some systems
  • VIBRATE: haptic feedback
  • CAMERA: photo attachments and possible QR-scanning related capability
  • RECORD_AUDIO: audio attachments
  • ACCESS_FINE_LOCATION / ACCESS_COARSE_LOCATION: location recording
  • READ_MEDIA_IMAGES, READ_MEDIA_VIDEO, READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE: image/file access, import/export, and shared-attachment handling depending on Android version and user action
  • CHANGE_WIFI_MULTICAST_STATE: local-network discovery such as mDNS

If you deny, disable, or revoke related permissions, the corresponding features may stop working or work only partially.

5. Behaviors not found in the current code scope

Within the scope visible in the current public repository, the following behaviors have not been found:

  • No integration of common third-party analytics or crash-upload SDKs such as Firebase Analytics, Sentry, Crashlytics, Mixpanel, or Amplitude
  • Memo body is not automatically sent to AI services unless AI-related features are explicitly used
  • Local logs are not automatically uploaded to project-maintainer-owned servers

6. Retention and deletion

Under the current implementation, most data processed by the Client is stored locally on the user’s device and is generally kept until the user deletes the relevant content, clears app data, uninstalls the app, overwrites a backup, removes exported files, or otherwise removes the data through app or system functions.

  • Settings or records related to AI history, templates, reminders, image compression, image beds, location, WebDAV, and the bridge are generally kept until the user modifies, replaces, resets, or deletes the relevant configuration. Actual retention time may vary depending on device state, storage location, and user settings.
  • Data transmitted to Memos, AI, WebDAV, image-bed, map, object-storage, or local-network bridge counterparties is retained according to the rules of the relevant third-party service provider, receiving party, or the user’s own arrangement. The project maintainer cannot unilaterally control or uniformly delete such data.
  • Exceptions apply where retention is required by laws or regulations, or where retention is necessary for dispute handling, security protection, or compliance with legal obligations.

7. How you may exercise related rights

For data stored on the local device, users can generally exercise rights such as access, correction, deletion, export, withdrawal of authorization, or restriction of processing, as applicable law provides, through in-app deletion, cleanup, import/export, account removal, permission revocation, system settings, or uninstalling the app, subject to the entry points available in the current version.

  • For data already sent to Memos, AI, WebDAV, image-bed, map, object-storage, or other third-party services, users should also exercise rights such as access, correction, deletion, or withdrawal of authorization in accordance with the relevant third party’s rules.
  • If you have questions about this Policy, or believe that the implementation visible in the current public repository is inconsistent with this Policy, you may contact us via mailto:hzc073@gmail.com, GitHub Issues, or the help page. The project maintainer will respond and handle the matter within a reasonable scope based on applicable law and verifiable circumstances.

8. What you can control

Under the current implementation, users can generally control or revoke the following:

  • Whether Third-party Share is enabled
  • Whether private memos are included in AI analysis
  • Whether network request / response logging is enabled
  • Whether WebDAV settings sync, encrypted backup, and “remember backup password” are enabled
  • Whether component features such as image bed, image compression, location, reminders, templates, and bridge are enabled
  • System-level permissions such as location, camera, microphone, notifications, and storage access

Users can also use app functions to:

  • Remove accounts and clear corresponding local cache
  • Clear local-library data, attachments, logs, or exported files (depending on the available entry point)
  • Migrate data through import/export flows

9. Security recommendations

  • Prefer https:// endpoints for Memos, AI, WebDAV, image-bed, and other external services
  • Keep tokens, API keys, WebDAV credentials, image-bed credentials, and backup passwords private
  • Before exporting logs, sharing files, or connecting to local-network bridge services, verify that the receiver and target address are trustworthy
  • If privacy sensitivity is high, be cautious when enabling location recording, third-party share, image-bed upload, and AI analysis features

10. Minors

MemoFlow is a general-purpose note-taking and productivity tool. Minors should use related features under guardian guidance, especially features involving external services, sharing, location, and AI.

11. Policy updates and contact

If the product’s feature boundaries, external dependencies, or data-processing methods change, this page will be updated accordingly. For privacy-related questions, use: