Privacy Policy

Your signals.
Your keys.
Your intelligence.

Last updated: July 1, 2026 · Effective immediately · Applies to hermionai.xyz

Hermion is built on a single architectural commitment: your messages never leave your device. We extract mathematical signals from your interactions locally, transmit only those signals — never the underlying text — and run all intelligence on those signals alone. This document describes precisely what we collect, how we use it, and what we never do.

1. What Hermion Is

Hermion is an interaction intelligence platform. It models the structural dynamics of interactions — relationships, sales, hiring, fundraising, support — by extracting numerical signals from message data and running those signals through the Hermion intelligence engine (powered by Hermion's proprietary intelligence engine).

Hermion does not read, store, or transmit the content of your messages. It reads structure. It measures signal. It never sees your words.

2. What We Collect

2a. On-Device Signal Extraction (Web App & Chrome Extension)

When you upload a WhatsApp export or use the Chrome Extension, your messages are processed entirely on your device. The classifier runs locally using on-device WASM/ONNX models. The output — numerical signals, category embeddings, and metadata — is what gets transmitted to our servers. The messages themselves never leave your device.

We transmit:

  • Extracted signals (numerical vectors, not text)
  • Category classifications per message window
  • Metadata: message count, timestamp range, actor labels you provide
  • Context type and goal label you select

2b. Server-Side Fallback Classification

On devices with insufficient memory for on-device classification, we offer an optional server-side classification path. In this case, anonymised message text is transmitted to our classifier servers solely to extract signals, and is deleted immediately after classification completes. No message text is stored at any point.

2c. Account Data (Hermion Pro)

If you create a Hermion Pro account, we collect your email address for authentication and communication. Signal data associated with your account is encrypted with your account key before storage. Hermion cannot decrypt your stored signals without your active session.

2d. Usage Analytics

We collect anonymised, aggregated usage data: feature usage patterns, session duration, error rates, and performance metrics. This data contains no message content, no signals, and no personally identifiable information unless you have an account.

2e. API & MCP Usage

Developers and agents using the Hermion API or MCP integration transmit signals or raw interaction data to our servers for analysis. All data processed via API is subject to the same signal-only policy: message text is processed transiently and never stored. API usage is logged for rate limiting and abuse prevention purposes.

3. What We Never Collect

  • ×The content of your messages, texts, or conversations
  • ×Names, phone numbers, or contact identities from your exports
  • ×Audio, images, or media attachments
  • ×Device identifiers beyond what is standard for web sessions
  • ×Location data
  • ×Biometric data of any kind

4. How We Use Your Data

We use collected data exclusively to:

  • Deliver the Hermion intelligence report for your interaction
  • Improve the accuracy of the Hermion intelligence engine and signal classifier
  • Maintain platform security and prevent abuse
  • Communicate with you about your account (Pro users only)
  • Enforce rate limits on API and MCP access

We do not sell your data. We do not share your data with advertisers. We do not use your data to train external AI models.

5. Data Retention

Free users: No signal data is retained after your session ends. All in-memory data is discarded when you close the analysis or reload the page.

Pro users: Encrypted signal data is retained for as long as your account is active, enabling re-analysis and full topology tracking across time. You may delete your signal history at any time from your account dashboard.

API / MCP: Request logs (not signal content) are retained for 90 days for rate limiting and abuse monitoring, then permanently deleted.

Server-side fallback: Message text processed during fallback classification is deleted immediately after signals are extracted, within the same request lifecycle.

6. Security

Signal data in transit is encrypted via TLS 1.3. Pro user signal storage uses account-level encryption — your account key is derived from your credentials and never stored in plaintext on our servers. Our infrastructure is hosted on Hetzner (EU) with Coolify for orchestration.

We conduct regular security reviews and apply principle-of-least-privilege access controls across all internal systems.

7. Your Rights

You have the right to:

  • Access any personal data we hold about you
  • Request deletion of your account and all associated data
  • Export your stored signal data (Pro users)
  • Withdraw consent to analytics collection at any time
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at privacy@hermionai.xyz

8. Third-Party Services

We use the following third-party services in the operation of Hermion:

  • Hetzner: Server infrastructure (EU-based)
  • Vercel: Frontend hosting and edge delivery
  • Hugging Face (ONNX/WASM): On-device model delivery

None of these services receive message content. Signal data is only processed on Hermion's own infrastructure.

9. Children

Hermion is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a minor has submitted data to Hermion, contact us at privacy@hermionai.xyz and we will delete it immediately.

10. Changes to This Policy

We will notify users of material changes to this policy via the platform and, where applicable, by email. Continued use of Hermion after changes constitutes acceptance of the updated policy.

11. Contact

Questions about this policy or your data:

Email: privacy@hermionai.xyz
Platform: hermionai.xyz