1. Who we are and what this policy covers
Rizzma Inc. operates the official HivemindOS website and hosted services described in this Privacy Policy. This policy covers the official HivemindOS application, hivemindos.app, official HIVE identity and community services, and other HivemindOS-managed services that refer to it.
HivemindOS is open source and can be self-hosted or modified. A third-party fork, deployment, model, wallet, runtime, integration, plugin, skill, or website is controlled by its own operator and is not covered by this policy. A managed product may provide an additional notice for practices specific to that product.
2. The local-first privacy model
The private local core is the default architecture, not a marketing wrapper around a cloud account. The dashboard server, agent bridge, durable dashboard state, chats, work records, schedules, local wallet records, shared-brain vault, search indexes, operational receipts, and local telemetry are designed to live on the device, workspace, or private fleet you control.
The app does not require a HivemindOS cloud account for local, bring-your-own-key, self-hosted, or local-model operation. A local-only workflow can remain entirely on the machines and private network you control when you select local runtimes and do not enable remote integrations.
The first-run desktop flow does not read private filesystem locations until you approve setup and local filesystem access. The component historically named the telemetry collector is a local agent bridge; its ordinary fleet and runtime telemetry stays on your device or private fleet rather than being uploaded to HivemindOS.
3. Information stored locally
Depending on the features you use, HivemindOS may store app preferences, terms acceptance, agent profiles, chat messages, attachments or file references, working directories, task and schedule records, notifications, runtime usage, budgets, approvals, wallet metadata, encrypted local wallet secrets, integration credentials, logs, evaluations, and operational receipts under the local HivemindOS application data directory, configured workspace, runtime directories, or shared vault.
Shared Brain content, memories, skills, indexes, retrieval records, and conversation mirrors remain in the configured local vault unless you enable a sync or remote-agent feature. Shared credentials are stored in the local HivemindOS environment file and may be copied to your own private fleet only when you configure that replication.
Production builds do not enable the app's detailed local developer telemetry by default. When local telemetry is enabled for development or diagnostics, it is written to a rotating file under the local application data directory. It is not HivemindOS cloud analytics.
4. Information that is not sent merely by opening the app
Installing or opening the app does not by itself send your prompts, responses, chat history, files, vault content, credentials, wallet private keys, seed phrases, local telemetry log, or detailed machine inventory to Rizzma Inc.
HivemindOS does not sell this local content or use it to build advertising profiles. Local data can still be exposed by malware, an insecure device, a misconfigured network, a plugin or skill, a provider you connect, a command you authorize, or another person with access to your system.
5. Limited automatic technical connections
The official website is delivered through Cloudflare, which necessarily receives technical request information such as IP address, approximate network location, browser and device type, user agent, requested URL, request time, referral information, and security events needed to deliver and protect the site.
Packaged desktop builds check the signed GitHub release endpoint when the dashboard loads and approximately every six hours while it remains open so the app can show that an update is available. The update is downloaded and installed only after you choose the update action. Source-checkout builds may query the configured Git remote for the current revision when showing source and fleet update status.
A connected feature may retrieve public availability, pricing, safety, payment, or policy configuration from HivemindOS or a provider when you open or use that feature. These technical checks can reveal ordinary network metadata such as IP address and request time, but they are not designed to include your prompts, responses, files, vault content, credentials, or wallet secrets.
6. When you choose a model or agent runtime
Local model servers can process prompts and outputs on your own machine. When you select a remote model, hosted runtime, coding agent, image or video provider, search provider, or paid API, the information required for that request is sent to the selected provider. This may include prompts, conversation context, system instructions, files or excerpts you attach, tool inputs, generated outputs, model and usage metadata, and technical request information.
If you choose an official HivemindOS-managed agent or model gateway, Rizzma Inc. and its infrastructure providers may process the request content, workspace or agent identifiers, authorization or entitlement data, usage, costs, tool results, error details, and receipts needed to provide, secure, bill, and audit that service. Provider-specific supplemental notices may apply.
If you use your own provider key, the provider receives data under its own terms and privacy policy. HivemindOS does not make a remote provider private merely because its controls appear inside a local app.
7. Integrations, sync, remote machines, and communications
GitHub, Google, Slack, Discord, Telegram, email, browser automation, cloud deployment, external MCP servers, and other integrations communicate with the provider only after you configure, connect, authorize, or invoke them. The provider may receive account identifiers, OAuth tokens or API credentials, prompts, messages, files, repository data, destinations, and action details needed for the operation.
Hivemind Sync, Syncthing, Taildrop, shared-env replication, remote agents, and Hivemind Link move selected data between machines you configure. Those paths are intended for your own private fleet, but Tailscale, Syncthing relays, network operators, hosting providers, or other infrastructure may process connectivity metadata under their own policies.
Messages, posts, emails, deployments, commits, pull requests, and other outward actions go to the destination you choose and may become visible to recipients or the public. Approval and preview controls do not make an external action private after it is sent.
8. Honey rewards and usage metadata
Honey rewards are disabled by default and must be enabled by you. When enabled, HivemindOS may submit workspace ID, agent ID, token count or delta, model label, timestamp, source, and event ID to the official Honey ledger so usage can be deduplicated and credited.
The ordinary Honey usage observer is designed not to send prompts, responses, files, wallet keys, or detailed machine information to the Honey ledger. If you instead route model requests through the optional HivemindOS reward or compute gateway, that gateway necessarily processes the model request content and provider response needed to perform inference and measure usage.
9. Wallet and blockchain information
When you choose to connect or use a wallet, HivemindOS may read the wallet address you approve, active chain ID, public token balance, public staking state, contract state, transaction status, and other public blockchain information through your wallet or a configured RPC provider. Wallet addresses and blockchain activity are public identifiers and may be linkable to other activity.
When you authorize staking, trading, payment, transfer, withdrawal, or another blockchain action, wallet software, RPC providers, blockchains, facilitators, marketplaces, counterparties, and block explorers may process the transaction and related public information. Ordinary external-wallet connection does not give HivemindOS your seed phrase or private key. If you create or import a secret into the encrypted local wallet vault, the secret is stored locally and is used only for operations you authorize under the configured governance controls.
Official payment, marketplace, managed-credit, and entitlement services may receive wallet address, network, asset, amount, transaction or settlement proof, product or resource, tenant or agent identifier, and fraud-prevention metadata needed to verify and provide paid access.
10. HIVE identity claims and X OAuth
When you choose the public identity-claim flow, the service processes your wallet address, active chain ID, verification nonce, signed proof message, wallet signature, X OAuth state and PKCE data, redirect and timing information, and the X profile fields authorized by the requested scope. Those fields may include X user ID, handle, display name, avatar, profile URL, bio, and public follower, following, and post counts.
The OAuth access token is used to request the authorized X profile during the callback and is not stored in the identity database. The claim screen uses sessionStorage, a session-only browser store, to carry the wallet address through the redirect and removes it after the flow returns.
A verified wallet and X association, wallet address, X handle, selected public profile information, public metrics, and verification time may appear in the public HIVE identity or community feed. Do not submit a claim if you do not want that association to be public.
11. Public community and reward information
HivemindOS may collect public X posts, reposts, profile information, post URLs and timestamps, public engagement metrics, and public wallet associations relating to HivemindOS, HIVE, or configured community accounts. Community systems may generate contribution scores, score reasons, nomination status, reviewer notes, payout intent, HIVE amount, public transaction hash, and payment status.
This information is used to operate public community feeds, verify identity, prevent duplicate or fraudulent claims, review contributions, administer rewards, and provide an auditable public record. Source posts and blockchain records remain controlled by X and public networks even if HivemindOS removes its own copy.
12. How information is used
Depending on your location and the feature, information is processed to provide the service you requested; honor your choices and consent; secure accounts, payments, systems, and public claims; prevent abuse and fraud; troubleshoot and improve reliability; maintain records and audit trails; enforce the Terms; and comply with legal obligations.
Where consent is the legal basis, you may withdraw it for future processing. Withdrawal does not make earlier lawful processing unlawful and cannot erase data controlled by a public blockchain, a recipient, a social network, or another independent service.
13. When information is public or disclosed
Information may be disclosed to the public when you choose a public identity, community, publishing, deployment, repository, marketplace, wallet, or blockchain feature; to infrastructure and service providers that help deliver the selected feature; to connected providers and destinations you authorize; to advisers, auditors, transaction counterparties, authorities, or successors where reasonably necessary and lawful; and to a self-hosted operator if you use an installation controlled by that operator.
We do not sell personal information and do not share personal information for cross-context behavioral advertising. Verified claims and local app content are not used to build advertising profiles.
14. Cookies, browser storage, and analytics
The current public website does not set first-party advertising cookies or run first-party behavioral analytics. The identity claim flow uses the session-only browser value described above. Connected wallets, extensions, X, Cloudflare, GitHub, and external destinations may use their own cookies or storage under their own policies.
If HivemindOS later adds material analytics, advertising, or tracking technologies, this policy will be updated and consent or opt-out controls will be provided where required.
15. Retention and deletion
Local data remains under your control subject to the app's deletion tools, your filesystem and backup practices, configured retention limits, and copies held by runtimes or destinations you selected. Deleting a local record does not delete an independently stored provider copy, recipient copy, public post, blockchain record, synced backup, or third-party log.
HivemindOS-managed services retain information only as long as reasonably necessary for service delivery, entitlement and payment records, claim integrity, fraud prevention, community and reward administration, dispute resolution, security, accounting, and legal compliance. Retention depends on the record and whether it remains active, disputed, security-relevant, or legally required.
Public X content and blockchain records may remain public indefinitely. Cloudflare, GitHub, model providers, integration providers, and other third parties retain information according to their own configurations and policies.
16. Security
HivemindOS uses safeguards appropriate to the feature, including local-only defaults, private-network collectors, least-privilege connection design, signed wallet proofs, short-lived nonces, OAuth state and PKCE, encrypted local secret storage where offered, authenticated local routes, approval controls, spending limits, and provider access controls.
No system is completely secure. HivemindOS cannot guarantee that information will never be accessed, altered, lost, or disclosed without authorization. Keep devices patched, use strong authentication, review connected tools, restrict permissions, maintain backups, and never send a seed phrase or private key to a support contact.
17. International processing and privacy rights
Rizzma Inc. and connected providers may process information in the United States and other countries whose data-protection rules differ from those where you live. Where legally required, an applicable transfer mechanism or other lawful basis is used. Public blockchain and social-network data can be accessed globally by design.
Depending on your location, you may have rights to know or access personal information, correct it, delete it, restrict or object to processing, receive a portable copy, withdraw consent, appeal a decision, and lodge a complaint with a data-protection authority. You will not be discriminated against for exercising applicable privacy rights.
Submit a request to privacy@hivemindos.app and identify the relevant service, wallet address, or X handle without sending private keys, seed phrases, or unnecessary sensitive information. Proportionate verification may be required. HivemindOS may be unable to remove public blockchain records, source social content, recipient copies, or independent copies made by others.
18. U.S. state disclosures
In the preceding 12 months, official services may have collected the categories described above: identifiers; internet, network, and electronic activity; user-provided content; public social-profile and community information; blockchain, transaction, and commercial information; approximate location inferred from network requests; and inferences such as community contribution scores. These categories are used and disclosed for the operational purposes listed in this policy.
Rizzma Inc. does not sell these categories and does not share them for cross-context behavioral advertising. Sensitive personal information is not used or disclosed to infer characteristics about people. If practices materially change, this notice and any legally required opt-out or limitation mechanism will be updated.
19. Children
The official site and Services are not directed to children under 13, and wallet, staking, identity-claim, marketplace, and financial features are intended only for people legally able to use them. Rizzma Inc. does not knowingly collect personal information from children under 13 through these services. Contact privacy@hivemindos.app if you believe a child submitted information.
20. Changes and contact
This policy may be updated when services, providers, data flows, or legal obligations change. The effective date and version identify the current notice. Material changes will be highlighted or presented again where required.
Privacy questions and rights requests may be sent to privacy@hivemindos.app. General legal questions may be sent to legal@hivemindos.app. Do not include wallet secrets, private keys, or unnecessary sensitive information.