meraGPT

June 18, 2026 · 5 min

Private by default, not by promise

Every AI company has a privacy policy. It’s a page of promises: we won’t train on your data, we won’t sell it, we’ll delete it if you ask. You’re meant to read it, trust it, and hope it doesn’t quietly change next quarter.

meraGPT doesn’t work that way, and not because our promises are nicer. It’s that there’s nothing to promise. Your AI runs on a box that’s yours. Your conversations and everything it remembers about you sit on that box. We can’t read them, because there is no pipe from your box to us that carries your data. Privacy here isn’t a policy you have to trust. It’s a side effect of where your stuff lives.

Where your conversations actually live

When you talk to your agent, the messages and its memory of you get written to Hermes’s own storage on your box: plain files on a machine only you can reach. Not a row in our database. Not an event in our analytics. We don’t hold a copy, and our control plane has no way to fetch your files.

Being straight about the one exception: we can log into a box to fix it when something breaks, or to act on an abuse report. That’s hands-on ops on a specific machine, not an automated feed of your chats into anything. We don’t read your conversations to improve a model, because we don’t have a model. We don’t mine them for ads, because we don’t sell ads. There is genuinely no product on our side that wants your data.

The one link we don’t control, and how you do

Here’s the part most “private AI” pitches skip. Your agent still has to send your prompt to a model, and that model runs at whatever provider’s API you plugged in. So that provider processes your prompts, the same as anything else built on their API.

The difference is that you chose them, and you can choose well. Because you bring your own key, you pick the provider and the terms. Most major providers don’t train on API traffic by default, and several offer explicit zero-retention modes you can switch on in their dashboard. You can even point your box at a privacy-first or self-hosted OpenAI-compatible endpoint and we won’t blink. With a consumer chatbot you get one provider and one policy. Here you get to shop for the privacy you want, and move the day you stop trusting one.

When you leave, you actually leave

Ownership cuts both ways. The same /backup command that exports your memory exports the whole agent: skills, sessions, all of it, as a zip you keep. Cancel and the box is destroyed at the end of the period you paid for. We don’t tuck a copy away in cold storage just in case. Your data arrived when you started and it’s gone from our side when you go. That is what owning it means. You can take everything, and leave nothing behind.

Why “mine” is the whole point

meraGPT means “my GPT”. Privacy isn’t a toggle we hand you as a favour. It falls out of the arrangement itself: your box, your keys, your files. A company that keeps your AI on its own servers can only ever promise to behave. When the AI runs on a machine that’s yours, good behaviour isn’t something you have to take on faith, because the access to misbehave was never there to begin with.

Related