Privacy Policy

Last updated: April 2026

Medha ("we", "our", "us") is a spaced repetition learning tool that helps you remember what you learn from AI conversations. This policy explains what data we collect, how we use it, and your rights.

1. What We Collect

• Account information: Your email address when you sign up.
• Q&A pairs: Question and answer text from your AI conversations (Claude, ChatGPT) that you choose to capture via the Medha extension or MCP server.
• Review data: Your answers to review questions and scores, used to schedule future reviews.
• Usage data: Number of captures per month (for free tier quota tracking).

2. What We Do NOT Collect

• Your full conversation history — only the specific Q&A pairs you capture.
• Passwords or financial information (handled by Supabase and Dodo Payments respectively).
• Browsing history outside of Claude.ai and ChatGPT.
• Location data.

3. How We Use Your Data

• To extract learning concepts from your Q&A pairs using AI (Anthropic Claude API).
• To schedule and deliver spaced repetition reviews via email and dashboard.
• To track your learning progress and streak.

4. Data Sharing

We do not sell your data. We share data only with the following service providers who process it on our behalf:

• Supabase — authentication and database hosting.
• Anthropic — AI processing of Q&A pairs for concept extraction.
• Resend — email delivery for review reminders.
• Dodo Payments — payment processing (Pro plan). Dodo Payments never shares payment data with us.

5. Data Retention

Your data is retained as long as your account is active. You can delete your account and all associated data at any time from the Profile page. Deletion is immediate and irreversible.

6. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

• Access a copy of your data (export from Profile page).
• Delete your data (delete account from Profile page).
• Rectify incorrect data (edit from Profile page).
• Object to processing or request restriction.

7. Chrome Extension

The Medha Chrome extension:

• Only activates on claude.ai and chatgpt.com.
• Stores authentication tokens and session data locally in your browser.
• Captures only the Q&A pairs you generate — never your full conversation or other browsing activity.
• All captured data is sent securely (HTTPS) to our servers.

8. Security

We use industry-standard security practices including HTTPS encryption, JWT-based authentication, and bcrypt password hashing. We do not store plain-text passwords or payment card numbers.

9. Contact

For privacy questions or to exercise your rights, contact us at: support@trymedha.com

← Back to Medha · Terms of Service