Melxis

Privacy Policy

Effective date: 2026-05-15
Last updated: 2026-05-15

1. Introduction

Melxis ("we," "us," or "our") is an information management service operated by Autor LLC, a company registered in Japan. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website (melxis.com), MCP server, and related services (collectively, the "Service").

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller for this Service is Autor LLC.

Contact email: privacy@melxis.com

Our personal information protection manager is the company representative. Information that we are required by law to disclose, such as the company's registered address and the name of the representative, will be provided promptly upon request to the contact above (in accordance with Article 32, Paragraph 1 of Japan's Act on the Protection of Personal Information).

Complaints contact: privacy@melxis.com

Authorized personal information protection organization: none applicable.

3. Information We Collect

3.1 Information You Provide

  • Account information: Email address, name, and authentication credentials (managed through an external authentication service).
  • Payment information: Billing details processed by Stripe. We do not store credit card numbers on our servers.
  • Content: Mels, Hives, Tasks, related links, metadata, and other text you save through the Service.

3.2 Information Collected Automatically

  • Usage data: Timestamps of access, service requests, and feature usage patterns.
  • Device and connection data: IP address, browser type, operating system.
  • Cookies: See Section 9.

4. How We Use Your Information

We use your information for the following purposes:

  • Service delivery: To provide, maintain, and enhance the Service, including storage, organization, connection, and retrieval of Mels, Hives, and Tasks, and Apis or AI-assisted organization and linking for eligible plans.
  • Payment processing: To manage subscriptions and billing through Stripe.
  • Communication: To send service-related notices (e.g., plan changes, security alerts). We do not send marketing emails without your consent.
  • Security: To detect and prevent fraud, abuse, or violations of our Terms of Service.
  • Analytics: We aggregate server-side logs to understand how the Service is used and maintain performance. We do not use third-party analytics cookies or tracking tags.

4.1 Apis and AI Processing

If you subscribe to a plan that includes Apis or AI-assisted organization features, your content and related metadata may be processed by AI models to generate summaries, tags, relationship signals, and link suggestions. This processing is performed solely to provide the Service and make your saved content easier to use, and is not used to train third-party AI models.

5. Geographic Scope

The Service is not currently offered to users located in the European Economic Area (EEA), the United Kingdom, or Switzerland. If we obtain personal data of a user located in these regions, we will promptly delete such data.

6. Data Sharing

We share your personal data only with the following categories of third parties, and only as necessary:

Third PartyPurposeData Shared
Google CloudInfrastructure, hosting, authentication, and Apis or AI-assisted organization and linkingAccount information, authentication data, service data, Mels, Tasks, and related metadata
StripePayment processingEmail, billing details
ResendDelivery of invitation emails and other service-related emailsEmail address and information included in email content

We do not sell your personal data. We do not share your data with advertisers.

7. International Data Transfers

Your data is stored primarily on servers in Japan. However, some processing (such as AI-assisted processing and payment processing) may involve data transfer to servers outside Japan. We share data only to the extent necessary and only after confirming that recipients have appropriate data protection measures in place.

8. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of receiving a deletion request.
  • Content (Mels, Hives, Tasks, and related metadata): Retained while your account is active. Individual Mels and Tasks can be deleted through MCP tools. If you delete a Hive through the web interface, the Mels and Tasks contained in that Hive are also deleted. Deleted content is removed from our storage. Due to technical characteristics, prior versions may remain in the database for up to 3 days after deletion (these are not accessible to third parties during this period).
  • Payment records (such as charge amount, charge date, and Stripe customer ID; credit card numbers are not included): Retained for 7 years as required by the Corporation Tax Act and the Companies Act of Japan.
  • Server logs: Retained for up to 90 days for security and debugging purposes.

9. Cookies

We use cookies only for essential functions. We do not use analytics, advertising, or tracking cookies.

  • Authentication cookies: Required for sign-in and session management.
  • Locale preference cookie: Stores your selected language so the interface remains in your preferred language.

Because we only use strictly necessary cookies, no consent banner is required under GDPR / ePrivacy. You can clear or block cookies through your browser settings, but doing so may prevent you from signing in.

10. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Portability: Request your data in a machine-readable format.
  • Restriction: Request that we limit processing of your data.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at privacy@melxis.com. After verifying that the request comes from you, we will respond free of charge within the timeframe required by applicable law (for requests under Japan's Act on the Protection of Personal Information, promptly and generally within 30 days of receipt).

10.1 Rights under Japanese Law

Under Japan's Act on the Protection of Personal Information (APPI), you have the right to request disclosure, correction, or cessation of use of your personal information.

11. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete it promptly.

12. Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit and at rest.
  • Access controls and authentication.
  • Regular review of security practices.

We continuously review our security practices and take appropriate protective measures. If you discover a security concern or vulnerability, please report it to security@melxis.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of the Service after the effective date of the updated policy constitutes acceptance of the changes.

14. Contact Us

Autor LLC

Email: privacy@melxis.com