Galore Interactive

Privacy Policy

Last updated: February 2026

1. Who We Are

Memsight is operated by Galore Interactive, based in Marietta, Georgia, United States. This policy describes how we collect, use, and protect your information when you use the Memsight platform (“the Service”).

2. What We Collect

Account information

When you create an account, we collect your email address and account metadata. Authentication is handled through our auth provider (Supabase Auth), and we do not receive or store your plaintext password. We generate an API key for authenticating your runtime SDK, and we store API key hashes/prefixes (not the full raw key after creation). We do not collect your real name, phone number, or physical address unless you provide it voluntarily (e.g., through the partner inquiry form).

Schema and configuration data (Memsight)

To support Memsight cloud translation features, the Unity SDK can sync schema metadata (for example: source/type names, field names, paths, and related schema structure metadata) to our cloud service. We use this to build derived indexes (such as SIM / schema intelligence data) so we can translate natural language into structured Memsight queries. Query execution itself still happens locally in your application.

Cloud feature request data (Memsight)

When you use Memsight cloud features (for example natural-language translation, interpretation, or playbook/insight generation), we collect the request data needed to provide that feature. Depending on the feature, this can include your natural-language question, schema context or hashes, generated query expressions, response metadata, usage/billing metrics, and service diagnostics. We do not execute your live runtime object graph in the cloud; the SDK executes structured queries locally.

Editor telemetry

The Memsight Unity editor plugin collects telemetry only on an opt-in basis. This telemetry includes editor/product usage events (for example UI interactions, feature usage, timings, success/failure flags), Memsight/Unity version information, and hashed project/device identifiers. It is stored as event-level telemetry (not just aggregate counters), and can be disabled in Memsight settings.

Our current Unity editor telemetry implementation intentionally avoids collecting raw natural-language questions. For example, it may store question length and a generated structured query string for telemetry/performance analysis, but not the original question text.

Optional quality and diagnostic reports (Memsight)

Memsight supports consent-gated quality reporting to help diagnose translation/result issues. Depending on your organization's consent tier (for example off, metrics_only, or full), we may store no report, a metrics-only diagnostic trace, or a more detailed redacted trace. When organization-level quality reporting is off, certain Unity flows can still send a one-time diagnostic report only if you explicitly choose to share it (for example a one-time “Share & Report” action).

3. How We Use Your Data

  • Query processing: Your queries are processed to translate natural language into structured queries, execute them against your runtime data, and generate AI-powered insights.
  • Service improvement: We use product telemetry and consent-gated quality diagnostics to improve query translation accuracy, feature prioritization, reliability, and support workflows. Some of this data is stored as event-level records and may be linked to an organization/account for billing, quota enforcement, support, abuse prevention, and privacy auditing.
  • Account management: Your email is used for account authentication, billing notifications, and critical service communications.
  • Billing: Payment information is processed by Stripe. We do not store credit card numbers or payment details on our servers.
  • Consent auditing and exports: We maintain an audit trail of certain Memsight consent actions (including Unity telemetry opt-in/out and one-time quality sharing events we receive) and use it to support privacy exports and compliance requests.

4. What We Do Not Do

  • We do not sell your data to third parties
  • We do not use your customer query data or runtime application data to train our own AI models
  • We do not share your individual query data with other users
  • We do not track your activity outside of the Memsight Service
  • We do not run Memsight query execution in our cloud against your live in-memory application objects (execution happens in the SDK)

5. Third-Party Services

We use third-party services to operate Memsight and the website, including:

  • AI providers (including Anthropic / Claude and Google / Gemini): For AI-powered translation, interpretation, and insight generation in Memsight cloud features. We may route requests across supported providers based on feature behavior, availability, or fallback logic.
  • Stripe: For payment processing. Stripe handles all payment data according to PCI DSS standards.
  • Supabase: For authentication and database services.
  • Upstash: For rate limiting and caching. Cached data uses expirations where configured.
  • Inngest: For background job orchestration and scheduled processing (for example exports and operational health checks).
  • Resend: For transactional email delivery (for example support notifications and optional admin alert emails).

6. Runtime SDK Data

The Memsight runtime SDK operates within your application and has access to your application's state data. Important privacy properties of the SDK:

  • Local-first: The query engine runs locally within your application. Structured queries are executed locally without transmitting data to our cloud service.
  • Cloud opt-in: Using Memsight cloud features (for example natural-language translation or cloud-based interpretation) sends the request data required for those features. This is separate from optional telemetry and optional quality diagnostics, which have additional consent controls.
  • Optional telemetry (editor): Unity editor telemetry is opt-in and can be enabled/disabled in Memsight settings. When telemetry is off, the Memsight telemetry endpoint skips storing those telemetry batches.
  • Optional diagnostic/context sharing: Certain developer-initiated workflows can send additional diagnostic context to the cloud (for example logs, input state, screenshots/visual captures, or filtered diagnostic traces) to generate deeper insights or report a bad result. Some of these flows are explicitly one-time and require an in-product confirmation action.
  • Development/editor-focused behavior: Many Memsight Unity features are designed for editor and/or development builds. Some runtime-facing Memsight/trigger/telemetry code paths are compiled or active only in editor/development configurations unless explicitly enabled for your build and use case.

7. Data Retention

  • Account and organization data is retained while your account is active, subject to deletion requests and legal obligations
  • Memsight translation request records are currently retained until deletion request (service operation / support / audit needs)
  • Optional-sharing Memsight quality/result reports are currently retained until deletion request unless a shorter retention is introduced later
  • Memsight consent audit events may be retained as an audit trail to document consent-related actions
  • Billing and financial records are retained as required by applicable tax and financial regulations (for example, service usage / billing records may be retained for longer periods)

We are actively evolving retention controls. For organizations requesting exports, we provide a data inventory/retention report in the export package that reflects the current implemented retention categories.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request deletion of your account and associated data
  • Request an export of your organization's Memsight data (including consent audit trail and optional-sharing datasets, where applicable)
  • Opt out of non-essential communications
  • Disable Unity editor telemetry collection
  • Control Memsight quality reporting consent (organization-level settings and certain one-time in-product share actions)

To exercise any of these rights, contact us at memsight@galoreinteractive.com.

9. Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS), encrypted storage, API key authentication, and access controls. However, no system is completely secure. If you discover a security vulnerability, please report it to memsight@galoreinteractive.com.

10. Children

The Service is not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a prominent notice on the Service. The “Last updated” date at the top of this page reflects when the policy was last modified.

12. Contact

Questions about this privacy policy? Contact us at memsight@galoreinteractive.com.

See also our Terms of Service, Memsight SDK EULA and Safety Philosophy.