Privacy

The technical facts behind every claim.

The Short Version

Human Layer is built so that the most honest thing you can write has a home that can't read it. Your writing lives encrypted on your Mac. The AI that reflects on it runs on your Mac. The letters you choose to send are sealed and encrypted before they touch the network. It works without internet — there is no central server, no cloud dependency. There's no account, no analytics, no telemetry.

What We Don't Collect

The honest exception: when you visit this site, our hosting provider (Cloudflare) sees the HTTP request — IP, user agent, timing — the same way any web server does. That's normal log data and Cloudflare's policy governs how long it's kept.

What Stays on Your Mac

Everything you actually write, plus everything Human Layer derives from it.

If You Lose Your Passcode

We can't help you. There is no recovery email, no account-side backup, no support process that ends with you getting your writing back. The data is encrypted with a key only you hold.

This is the price of the privacy promise — and it's the right trade. Pick a passphrase you'll remember, write it down somewhere physical if you must, and consider exporting an encrypted backup you store outside the app.

How Reflections Work

Mirror, Dream, Ask Your Vault, Wrapped, Float, and Voice Reading all run on a small language model that lives on your Mac (Ollama). No external AI provider is contacted. No prompt, no passage, no output ever leaves the device.

When you ask your vault a question (or when Mirror surfaces a pattern), the same engine fires: your query is embedded locally via nomic-embed-text, the most semantically similar passages are retrieved from your in-memory index, and those passages plus the query plus a surface-specific prompt are passed to the local chat model. The model answers with inline citations back to the source passages so every claim is traceable to your own words.

Letters and Inbox

Letters you send to other Human Layer users are sealed to their public key on your machine before they touch the network. Our relay sees the ciphertext (which it can't read) and the envelope (who sent to whom, when). After delivery, the relay's copy is deleted.

Incoming mail to inbox@thehumanlayer.co is sealed at the edge with your vault's public key (a libsodium sealed box). Our infrastructure stores the sealed blob. Only your laptop, with the matching private key, can open it.

The One Call the App Makes On Its Own

On launch, the app checks whether a newer version exists and shows a quiet prompt if so. That's one HTTP request to api.thehumanlayer.co/updates/latest.json. No identifying data, no telemetry payload — just what's the current version?

Under the Hood

The short, technical facts behind the privacy claims. Each one is verifiable from the open source.

Key Derivation: Argon2id from your passphrase (m=256 MiB, t=10, p=1) — the modern memory-hard KDF, resistant to GPU/ASIC brute force.
Encryption: XChaCha20-Poly1305 AEAD on every entry. 192-bit nonce space lets us use random nonces safely; constant-time decode resists timing attacks.
Vault Location: ~/HumanLayer/. Run xxd on any entry file — you'll see ciphertext. No back door.
AI Runtime: Ollama on your Mac. Llama 3.2 / Qwen 2.5 / Phi 3.5 — your choice. No external API ever contacted for reflections.
Letters: libsodium sealed boxes — Curve25519 public keys, ciphertext-only on the relay, deleted after delivery.
Backups: HLBKUPv1 — a single encrypted archive using the same primitives as the live vault. Portable across machines you own; readable only with your passphrase.
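
The xxd check under Vault Location can be run across the whole vault instead of one file at a time. The script below is an added example, not Human Layer's own code: it assumes nothing about the entry file format, and its function names and thresholds are choices made here. High entropy only rules out plaintext on disk; it does not prove which cipher was used.

```python
import math
from collections import Counter
from pathlib import Path

# Bytes that make up ordinary text: printable ASCII plus tab, LF, CR.
PRINTABLE = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, min_ratio: float = 0.9,
                    max_printable: float = 0.6) -> bool:
    """Heuristic (thresholds are assumptions): ciphertext sits near the
    maximum entropy its length allows and is not mostly printable text."""
    if len(data) < 32:  # too short to judge either way; treat as suspect
        return False
    # A sample of n bytes cannot exceed log2(n) bits of measured entropy,
    # so short files are compared against that ceiling, not against 8.0.
    ceiling = min(8.0, math.log2(len(data)))
    printable = sum(b in PRINTABLE for b in data) / len(data)
    return byte_entropy(data) >= min_ratio * ceiling and printable <= max_printable


def audit_vault(root: Path, sample_bytes: int = 65536) -> list[Path]:
    """Return regular files under root whose leading bytes do not look
    encrypted, for manual review with xxd."""
    suspects = []
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            with path.open("rb") as fh:
                head = fh.read(sample_bytes)
            if not looks_encrypted(head):
                suspects.append(path)
    return suspects


if __name__ == "__main__":
    vault = Path.home() / "HumanLayer"  # vault location stated on this page
    for p in audit_vault(vault):
        print("not ciphertext-like:", p)
```

Anything the script lists is a file to inspect by hand; very short files are listed because there is too little data to judge.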

Deeper

Questions, Mistakes

If you find something on this page that doesn't match what the code or the app actually does, that's a bug we want to hear about. Email joe@thehumanlayer.co and we'll either fix the wording, fix the code, or both.

For the technically curious: the source files that govern these guarantees are open and reviewable. The claims on this page map to specific assertions in src-tauri/src/intelligence/, src-tauri/src/ollama.rs, and src-tauri/src/vault.rs.