The Short Version
Human Layer is built so that the most honest thing you can write has a home that can't read it. Your writing lives encrypted on your Mac. The AI that reflects on it runs on your Mac. The letters you choose to send are sealed and encrypted before they touch the network. It works without internet — there is no central server, no cloud dependency. There's no account, no analytics, no telemetry.
What We Don't Collect
- No account. You don't sign up. There's nothing for us to associate your writing with.
- No analytics, no telemetry. No page-view tracking on this site, no usage events from the app. We don't know how many entries you've written, when you opened the app, or which features you use.
- No third-party scripts. This site loads two fonts from Google Fonts (so typography renders) and nothing else. The app makes no third-party requests at all.
- No cookies. No advertising IDs, no fingerprinting, no cross-site tracking.
- No "anonymized" aggregate data. We're not collecting word counts or sentiment scores or topic distributions in the background.
The honest exception: when you visit this site, our hosting provider (Cloudflare) sees the HTTP request — IP, user agent, timing — the same way any web server does. That's normal log data and Cloudflare's policy governs how long it's kept.
What Stays on Your Mac
Everything you actually write, plus everything Human Layer derives from it.
- Journal entries — encrypted with XChaCha20-Poly1305 under a key derived from your passphrase via Argon2id. Live in ~/HumanLayer/.
- Reflections from Mirror, Dream, Float, Ask, Wrapped, and Voice Reading — generated by an on-device model (Ollama). Never leave.
- Embedding vectors for semantic search — built in memory at unlock, wiped on lock.
- Goals, todos, drafts, marks — encrypted in the vault.
- Your passphrase — we don't have it. There is no back door.
If You Lose Your Passcode
We can't help you. There is no recovery email, no account-side backup, no support process that ends with you getting your writing back. The data is encrypted with a key only you hold.
This is the price of the privacy promise — and it's the right trade. Pick a passphrase you'll remember, write it down somewhere physical if you must, and consider exporting an encrypted backup you store outside the app.
How Reflections Work
Mirror, Dream, Ask Your Vault, Wrapped, Float, and Voice Reading all run on a small language model that lives on your Mac (Ollama). No external AI provider is contacted. No prompt, no passage, no output ever leaves the device.
When you ask your vault a question — or when Mirror surfaces a pattern — the same engine fires: your query is embedded locally via nomic-embed-text, the top semantically-similar passages are retrieved from your in-memory index, and those passages plus the query plus a surface-specific prompt are passed to the local chat model. The model answers with inline citations back to the source passages so every claim is traceable to your own words.
Letters and Inbox
Letters you send to other Human Layer users are sealed to their public key on your machine before they touch the network. Our relay sees the ciphertext (which it can't read) and the envelope (who sent to whom, when). After delivery, the relay's copy is deleted.
Incoming mail to inbox@thehumanlayer.co is sealed at the edge with your vault's public key (a libsodium sealed box). Our infrastructure stores the sealed blob. Only your laptop, with the matching private key, can open it.
The One Call the App Makes On Its Own
On launch, the app checks whether a newer version exists and shows a quiet prompt if so. That's one HTTP request to api.thehumanlayer.co/updates/latest.json. No identifying data, no telemetry payload — just what's the current version?
Under the Hood
The short, technical facts behind the privacy claims. Each one is verifiable from the open source.
m=256 MiB, t=10, p=1) — the modern memory-hard KDF, resistant to GPU/ASIC brute force.
~/HumanLayer/. Run xxd on any entry file — you'll see ciphertext. No back door.
HLBKUPv1 — a single encrypted archive using the same primitives as the live vault. Portable across machines you own; readable only with your passphrase.
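An added example, not taken from the Human Layer source: a Python version of the xxd spot check above that walks a vault directory and reports every file showing signs of plaintext. It assumes entry files are raw binary ciphertext; the sample file names, the thresholds, and the function names are constructed for illustration.

```python
import hashlib
import math
import re
import tempfile
from collections import Counter
from pathlib import Path

# 24+ consecutive printable ASCII bytes: vanishingly rare in real ciphertext.
READABLE_RUN = re.compile(rb"[\x20-\x7e]{24,}")

def shannon_entropy(data: bytes) -> float:
    """Bits per byte (0.0 to 8.0); ciphertext sits close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def plaintext_signs(data: bytes, min_entropy: float = 7.0) -> list[str]:
    """Reasons a blob does not look like ciphertext (empty list = no signs)."""
    reasons = []
    if READABLE_RUN.search(data):
        reasons.append("readable ASCII run")
    # Entropy is only meaningful on a reasonably large sample.
    if len(data) >= 1024 and shannon_entropy(data) < min_entropy:
        reasons.append("low entropy")
    return reasons

def audit_dir(root: str) -> dict[str, list[str]]:
    """Map relative path -> reasons, for every file that shows plaintext signs."""
    base = Path(root).expanduser()
    findings = {}
    for path in sorted(base.rglob("*")):
        if path.is_file():
            reasons = plaintext_signs(path.read_bytes())
            if reasons:
                findings[str(path.relative_to(base))] = reasons
    return findings

def demo() -> dict[str, list[str]]:
    """Constructed sample: one random-looking file, one file left in the clear."""
    with tempfile.TemporaryDirectory() as tmp:
        sealed = hashlib.shake_256(b"constructed sample").digest(4096)
        Path(tmp, "entry-a.bin").write_bytes(sealed)  # stand-in for ciphertext
        Path(tmp, "entry-b.bin").write_bytes(b"Today I wrote something honest.\n" * 64)
        return audit_dir(tmp)

if __name__ == "__main__":
    print(demo())  # point audit_dir at "~/HumanLayer" to check a real vault
```

An empty result means no file showed readable text or low entropy; it does not prove the files are encrypted, since compressed data also looks random.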
Deeper
- Local Intelligence → Semantic search over your writing. How it stays local, what gets wiped on lock, what swap-to-disk does, and why FileVault is the right companion.
Questions, Mistakes
If you find something on this page that doesn't match what the code or the app actually does, that's a bug we want to hear about. Email joe@thehumanlayer.co and we'll either fix the wording, fix the code, or both.
For the technically curious: the source files that govern these guarantees are open and reviewable. The claims on this page map to specific assertions in src-tauri/src/intelligence/, src-tauri/src/ollama.rs, and src-tauri/src/vault.rs.