Data Privacy

Mnemosyne's privacy-first design ensures your data stays under your control.

Privacy Principles

1. Data minimization: Only store what's necessary
2. Local processing: No cloud required — all data and embeddings stay local
3. User control: Full control via remember(), recall(), and forget()
4. Transparency: All operations are inspectable via get_stats()

Data Flow

flowchart LR
  U[User Input] -->|Local| M[Mnemosyne]
  M -->|Local| E[fastembed Embeddings]
  M -->|Local| DB[(SQLite)]
  
  style M fill:#e0f2fe,stroke:#0284c7
  style DB fill:#f0fdf4,stroke:#16a34a

Minimizing External Calls

Data Retention

Use the valid_until parameter on remember() to set expiration times for memories:

from mnemosyne import Mnemosyne
from datetime import datetime, timedelta

mem = Mnemosyne(session_id="support-bot")

# Memory expires in 30 days
mem.remember(
  content="User prefers dark mode",
  importance=0.3,
  valid_until=(datetime.now() + timedelta(days=30)).isoformat(),
)

Data Deletion

Remove specific memories using forget():

from mnemosyne import Mnemosyne

mem = Mnemosyne(session_id="default")

# Store a memory
mem.remember(
  content="User email is alice@example.com",
  importance=0.5,
)

# Delete a specific memory by ID
stats = mem.get_stats()
# ... find the memory_id ...
mem.forget(memory_id="mem_abc123")

Scope-Based Isolation

Use the scope parameter to control memory visibility:

from mnemosyne import Mnemosyne

mem = Mnemosyne(session_id="my-agent")

# Session-scoped memory (default)
mem.remember(
  content="Working on bug #42",
  scope="session",
)

# Global memory visible across sessions
mem.remember(
  content="Project uses Python 3.12",
  scope="global",
)

PII Handling

Mnemosyne does not automatically detect or redact PII. Best practices:

1. Use metadata dict to flag PII-containing memories
2. Set valid_until for time-limited PII retention
3. Use separate session_id values to isolate PII by context
4. Use forget() to remove PII when no longer needed