MemoFlow

English

简体中文

English

简体中文

Appearance

Terms of Service

Last updated: March 15, 2026
Effective date: March 15, 2026

These Terms apply to the current code-implemented scope of the MemoFlow client (the “Client”). Before installing, accessing, or using the Client, users should read and understand these Terms in full. By starting to use the Client, the user is deemed to have read and agreed to be bound by these Terms.

1. Parties and scope

  1. These Terms are published by the MemoFlow project maintainer and apply to the Client and its later versions.
  2. The Client is a local-first capture, organization, sync, and review tool whose core purpose is to connect to user-configured Memos services and other external capabilities.
  3. These Terms govern the Client’s usage rules, allocation of responsibility, and risk disclosures only. They do not replace the contractual relationship between users and third-party service providers.

2. Nature of the service and current feature scope

Based on the current code implementation, the Client mainly provides the following capabilities:

  • Connect to a user-specified Memos service for sign-in, authentication, memo read/write, attachment handling, and sync.
  • Store memos, attachments, drafts, version history, settings, logs, and related cache locally on the device.
  • Provide AI insight / AI summary features, including user-configured chat models, optional embedding models, custom templates, analysis history, and saving or sharing results.
  • Provide WebDAV settings sync and WebDAV local-library backup / restore.
  • Provide reminders, third-party share, image-bed upload, image compression, location, templates, import/export, app lock, and multi-account / multi-workspace switching.
  • Provide MemoFlow Bridge (Obsidian local bridge) capability to pair with a user-installed Obsidian plugin over LAN and sync data.

Unless explicitly stated otherwise, the Client does not provide maintainer-operated centralized account hosting, cloud-storage hosting, or hosted AI services.

3. User eligibility and prerequisites

  1. Users should have the required civil capacity and ensure that their use complies with applicable laws and regulations.
  2. Users must ensure that server addresses, accounts, passwords, Personal Access Tokens, API keys, image-bed credentials, WebDAV credentials, map-service keys, and similar information they configure are lawful and authorized for their use.
  3. Users are responsible for their device environment, network environment, external-service availability, and configuration correctness.

4. Accounts, credentials, and access-control responsibility

  1. The Client supports password-based login and token / PAT-based authentication. Credentials are stored according to the current implementation using device secure storage or app-private storage.
  2. For one-time-returned credentials or tokens, users should keep them safely by themselves. The Client does not guarantee that the same plaintext credential can be retrieved again.
  3. The project maintainer does not host user Memos accounts and does not directly control the user’s Memos authentication rules, permission model, workspace rules, or access policies.
  4. Risks and losses caused by poor credential management, mistaken sharing, credential leakage, misconfigured server addresses, or misplaced trust in third-party services are borne by the user.

5. Third-party services and external dependencies

The Client can connect to or call various third-party services. All such use is voluntary and configured by the user, who bears the related responsibility:

  1. Memos services: for memo primary data, attachments, authentication, and sync.
  2. AI services: for AI insights, summaries, and analysis through user-configured generation-model and embedding-model endpoints.
  3. WebDAV services: for settings sync, backup storage, and restore.
  4. Map / geocoding services: the current code supports providers such as AMap, Baidu, and Google for location-related features.
  5. Image-bed services: when enabled, images and necessary credentials are sent to the configured image-bed service.
  6. Obsidian plugins / local bridge: for pairing, health checks, and data sync through local LAN bridge endpoints.
  7. Operating-system capabilities such as share sheets, notifications, location, camera, microphone, and file-system access.
  8. Update announcement config sources: the app may fetch public announcement or version configuration.

When using third-party services, users must also comply with those third parties’ terms, privacy policies, usage restrictions, and billing rules.

6. Local-first model, data boundaries, and processing

  1. Under the current implementation, the Client follows a local-first approach. Large portions of business data, settings, logs, exported files, and cache are stored on the user’s device.
  2. The project maintainer has not implemented automatic uploading of user memo bodies, attachments, or logs to maintainer-owned servers in the current code scope.
  3. Relevant data may leave the local environment only when the user expressly selects and initiates the corresponding sign-in, sync, sharing, export, image-bed upload, AI analysis, WebDAV backup / restore, or Obsidian bridge pairing / upload flow, and only to the extent required by that feature flow.
  4. Template rendering, some settings handling, image compression, and similar features are mainly executed locally, but that does not mean the resulting data will never be transmitted later to user-configured external services.

7. Special notice for AI features

  1. AI features depend on user-configured external model services by default. The project maintainer does not provide built-in hosted model capability.
  2. When AI is enabled, memo content within the user-selected scope, prompts, user profile, and custom templates may be sent to the relevant AI endpoint for processing.
  3. The current code supports generation models and optional embedding models. If users configure embedding-related settings, vectorization requests may also be sent to the configured embedding endpoint.
  4. AI output is for note-taking, organization, review, and reference only. It does not constitute medical, legal, investment, tax, or other professional advice.
  5. Users are solely responsible for reviewing the accuracy, suitability, and publishability of AI output, and for any consequences of using it.

8. Sync, backup, restore, and import/export

  1. WebDAV settings sync is a file-level synchronization mechanism for app settings and certain configuration data.
  2. WebDAV local-library backup supports client-side encryption before upload in the current implementation. Backup passwords are managed by users.
  3. When features such as “remember backup password” are enabled, related passwords or recovery information may be stored in device secure storage.
  4. Import/export features are mainly for user-managed migration or backup. Once exported data leaves the device or is accessed by third parties, the related risk is borne by the user.
  5. Sync, backup, restore, import, and export are all affected by network conditions, file systems, third-party availability, device state, disk space, and user actions. The Client does not guarantee absolute success, absolute real-time behavior, or absolute completeness.
  6. Users should maintain an independent backup strategy and periodically verify that backups are actually restorable.

9. Feature components and related risks

  1. When Third-party Share is enabled, text, links, or images from other apps can enter MemoFlow through the system share sheet. Users should decide for themselves whether sensitive content should be imported.
  2. When Image Bed is enabled, images are sent to the configured image-bed service and may be written into memos as remote links.
  3. When Image Compression is enabled, newly added image attachments may be compressed, converted, or resized locally before upload. If users need original quality, they should keep originals themselves.
  4. When Location is enabled, geographic information may be attached to memos. Users should choose location precision according to their privacy needs.
  5. Reminder capability depends on system notifications, exact alarms, battery policies, and related platform behavior. The maintainer does not guarantee perfect timing on every device.
  6. Obsidian Bridge is a LAN local-bridge mode. Users should verify the trustworthiness of the paired target, LAN environment, and plugin source by themselves.

10. Permissions and device capabilities

According to the current code and platform manifests, the Client may request or use the following when users trigger related features:

  • Network access, notifications, reminders, boot restore, exact alarms, and battery-optimization-related capabilities.
  • Camera, microphone, location, gallery, and file read/write permissions.
  • System share sheet, QR scanning, LAN discovery, vibration, and notification-channel related capabilities.

If users deny or revoke permissions, the related features may become limited or unavailable.

11. User content and compliance obligations

  1. Users bear the corresponding legal responsibility under applicable law for content they create, import, upload, sync, share, export, or process through AI, image beds, WebDAV, or the bridge.
  2. Users must ensure that such content does not infringe intellectual property rights, privacy rights, reputation rights, trade secrets, or other lawful rights of third parties.
  3. Users must not use the Client for illegal activities, and must not abuse, attack, scrape, harass through, bypass permissions of, or otherwise misuse third-party interfaces.
  4. If the user’s content or actions lead to disputes, claims, administrative action, penalties, or losses, the user shall bear the corresponding responsibility under applicable law. To the extent permitted by law, the user shall indemnify the project maintainer for losses actually suffered by the maintainer and legally attributable to the user.

12. Fees and third-party billing responsibility

  1. According to the current public code implementation, the Client does not include mandatory subscriptions, automatic charging, or maintainer-operated billing logic.
  2. Any charges arising from Memos services, AI APIs, WebDAV, image-bed services, map services, object storage, or network traffic are borne by users themselves.
  3. If the future product form changes, the maintainer will describe that through documentation updates.

13. Security notice and risk disclosure

  1. The current Android manifest permits cleartext traffic (usesCleartextTraffic=true). When users configure http:// endpoints, encrypted transport may not be present.
  2. The project maintainer recommends using https:// endpoints for Memos, WebDAV, AI, image-bed, and other external services whenever possible.
  3. Risks such as root/jailbreak, debug injection, malware, OS vulnerabilities, weak passwords, LAN hijacking, or third-party misconfiguration are outside the maintainer’s control.
  4. Although the app contains sanitization or truncation logic for logs, errors, and some display flows, users should still manually review sensitive information before exporting, sharing, or submitting logs.

14. Intellectual property

  1. Intellectual-property ownership of the Client’s software code, documents, and related identifiers is subject to the open-source license, project notices, and applicable law.
  2. Users retain rights to their own memo content. However, for the technical purposes of local storage, sync, encryption, export, sharing, AI processing, and restore, users grant the Client the necessary technical authorization to process such content.

15. Disclaimer

  1. The Client is provided on an “as is” basis. The project maintainer makes no express or implied warranty regarding uninterrupted availability, complete error-free behavior, full compatibility, full security, or fitness for a specific purpose.
  2. For losses caused by third-party unavailability, network interruption, system constraints, device failure, configuration error, user misoperation, data corruption, password loss, or force majeure, the maintainer may rely on exclusions or limitations of liability to the extent permitted by applicable law; however, this does not apply where liability cannot be excluded or limited under applicable law, including losses caused by the maintainer’s willful misconduct or gross negligence.
  3. AI output, reminder delivery, backup/restore, bridge sync, image-bed upload, and location results all may contain technical error, delay, interruption, or failure. Users should verify and maintain their own fallback measures.

16. Limitation of liability

To the extent permitted by applicable law, the project maintainer’s aggregate liability for any dispute or claim is limited to the direct consideration paid by the user for the Client, if any. If there is no direct paid consideration, liability will be determined in accordance with applicable law. The foregoing limitation does not apply where liability cannot be excluded or limited under applicable law, including losses caused by the maintainer’s willful misconduct or gross negligence.

17. Updates, suspension, and termination

  1. The project maintainer may update these Terms due to feature iteration, compliance requirements, product adjustments, or operational needs.
  2. Updated Terms will be published on the help documentation pages, together with an updated “Last updated” date.
  3. To the extent permitted by applicable law, continued installation, access, or use of the Client after the updated Terms are published constitutes acceptance of the revised Terms.
  4. Users may stop using the Client at any time and may delete local data, settings, cache, and backup files by themselves.
  5. For illegal use, interface abuse, or usage that clearly harms the project, community, or third-party rights, the maintainer may limit related support or assistance to the extent permitted by law.

18. Governing law and dispute resolution

  1. The formation, performance, interpretation, and dispute resolution of these Terms are governed by the laws of the People’s Republic of China (excluding conflict-of-law rules, subject to any mandatory rules of the applicable jurisdiction).
  2. Disputes arising from these Terms should first be resolved through friendly negotiation. If negotiation fails, either party may bring the dispute before a competent people’s court.

19. Contact

These Terms are written based on the functionality visible in the current public repository. If feature boundaries, external dependencies, or data-handling methods change, this page will be updated accordingly.