Memori Labs builds agent-native memory infrastructure: an LLM-agnostic layer that turns agent execution history, including tool calls, decisions, traces, and user context, into persistent, structured state agents can rely on across sessions, models, and workflows.
Because memory infrastructure sits in the data path of agent systems, it inherits the sensitivity of everything those agents touch. Memori is built for that reality: fine-grained, pool-based access control that goes beyond standard RBAC, immutable audit logging, configurable retention and deletion, and deployment flexibility across managed cloud, customer VPC, and on-premises environments. Memori conforms to your security and data-governance requirements, not the other way around.
This Trust Center provides current information on Memori's security program, compliance posture, policies, subprocessors, and operational controls. Memori is in the final stage of its SOC 2 Type II observation period, with Prescient Security engaged as our auditor. Our controls across SOC 2, GDPR, ISO 27001, and HIPAA are continuously monitored via Sprinto, with audit attestation to follow.
Our goal is simple: give you what you need to evaluate Memori clearly and confidently.
Here are the important security policies and documents which are a part of Memori Labs’s compliance program.
Access Control Policy
Policy
Asset Management Policy
Policy
Business Continuity and Disaster Recovery Plan
Policy
Code of Conduct
Policy
Cryptography Policy
Policy
Data Management Policy
Policy
Human Resource Security Policy
Policy
Incident Response Plan
Policy
Information Security Policy AUP
Policy
Information Security Roles and Responsibilities
Policy
Operations Security Policy
Policy
Physical Security Policy
Policy
Risk Management Policy
Policy
Secure Development Policy
Policy
Third Party Management Policy
Policy
Records of processing activities (ROPA) and data flow maps
Document
ISMS Manual
Document
System Description
Document
ISMS Scope Document
Document