Memori Labs builds agent-native memory infrastructure: an LLM-agnostic layer that turns agent execution history, including tool calls, decisions, traces, and user context, into persistent, structured state agents can rely on across sessions, models, and workflows.
Because memory infrastructure sits in the data path of agent systems, it inherits the sensitivity of everything those agents touch. Memori is built for that reality: fine-grained, pool-based access control that goes beyond standard RBAC, immutable audit logging, configurable retention and deletion, and deployment flexibility across managed cloud, customer VPC, and on-premises environments. Memori conforms to your security and data-governance requirements, not the other way around.
This Trust Center provides current information on Memori's security program, compliance posture, policies, subprocessors, and operational controls. Memori is in the final stage of its SOC 2 Type II observation period, with Prescient Security engaged as our auditor. Our controls across SOC 2, GDPR, ISO 27001, and HIPAA are continuously monitored via Sprinto, with audit attestation to follow.
Our goal is simple: give you what you need to evaluate Memori clearly and confidently.
Here are the controls implemented at Memori Labs to ensure compliance, as a part of our security program.
Production System User Review
Situational Awareness For Incidents
Notification of changes
Inventory of Infrastructure Assets
Testing for Reliability and Integrity
Inventory of Personal Data (PD)
Choice & Consent
Data Subject Access
Limit Network Connections
Transmission Confidentiality
Anomalous Behavior
Conspicuous Link To Privacy Notice
New Hire Policy Acknowledgement
Periodic Policy Acknowledgement
Incident Reporting Assistance
Risk Assessment
Fraud
Assigned Cybersecurity & Privacy Responsibilities
Internal Audit using Sprinto
Data Protection Impact Assessment (DPIA)
EU Representative
Testing
Customer Obligations
Retention of Policies
Chief Privacy Officer (CPO)
Privacy Act Statements
Asset Ownership Assignment
Shared Responsibility
Periodic Security & Privacy Training Records