What we keep. What we don't.

Effective date: April 18, 2026.

MnemoPay is a developer SDK operated by J&B Enterprise LLC (the "Company," "we," "us"). This policy covers mnemopay.com and the managed MnemoPay service ("Service"). The self-hosted SDK ships entirely in your infrastructure and is outside the scope of this policy.

1. What we collect

Account data

• Email address, organization name, and billing address when you sign up for Pro or Enterprise.
• Payment details handled directly by Stripe — we never see raw card numbers.

Agent data (managed tier only)

• Agent identifiers, Ed25519 public keys, Merkle roots of agent memory, behavioral-finance signals, and credit score inputs.
• We do not read agent memory contents except when required to execute a feature you invoke (e.g., recall ranking).

Technical data

• IP address, user agent, request timestamps — retained for 90 days for abuse prevention and debugging.
• Aggregate usage metrics (call counts, error rates) for capacity planning. Not linked to individual agents.

2. What we don't do

• We don't sell data.
• We don't share data with third parties for advertising.
• We don't run behavioral ad networks on the site.
• We don't inspect agent memory contents except when a feature requires it.

3. How we use it

• To operate and improve the Service.
• To compute Agent Credit Scores and related outputs you explicitly request.
• To bill and communicate with account holders.
• To detect abuse (rate limits, fraud signals, canary honeypots).

4. Subprocessors

The managed tier currently uses: Stripe (billing), Paystack (Africa fiat rail), Cloudflare (CDN / DDoS), Vercel (site hosting), Neon (Postgres), and AWS (backups). All listed in the Enterprise Data Processing Addendum.

5. Retention & deletion

• Account data retained while your account is active.
• Request logs: 90 days.
• Agent Credit Score history: retained to preserve the score's reliability; purgeable on request.
• Account deletion: email jeremiah@getbizsuite.com — we purge within 30 days, retaining only what's required by tax or fraud-response law.

6. Your rights

If you're in the EEA, UK, California, or other jurisdictions with data-protection laws: you have rights to access, correction, deletion, portability, and objection. Email us and we'll respond within 30 days.

7. Security

Ed25519 signed receipts, Merkle-chained integrity, TLS everywhere, encrypted at rest. No system is perfectly safe, but we engineer as if every component will be audited — because eventually, every receipt will be.

8. Children

The Service is for developers and businesses. Not directed at children under 13.

9. Changes

We'll post material changes here and, for paid accounts, email them at least 30 days in advance.

10. Contact

J&B Enterprise LLC · Dallas, TX · jeremiah@getbizsuite.com

© 2026 J&B Enterprise LLC