Privacy
How Heuricity handles your chats, in plain language. We would rather tell you exactly how this works than make a claim we cannot keep.
The one thing to understand first
To answer you, the server has to send your message to a model (Claude, GPT, Gemini, or Grok). That means the server sees your message in plain text. This is true of every cloud AI chat product, including ChatGPT and Claude. Anyone who tells you their cloud chat is impossible for them to read is not being straight with you. What you are actually trusting, anywhere, is the operator's discipline. Ours is written down here.
Who can see your chats
Heuricity's tools: no one. There is no admin screen, no support view, and no feature anywhere that shows one person's chats to another human. We do not build those.
The operator, with database credentials: technically yes. Someone who runs the database could query it directly. That is true of every chat app you have used. We keep database access limited to as few places as possible, and we keep a log of every manual connection to the production database.
The infrastructure provider: at the disk level. Your data sits in a managed Postgres database with the standard encryption at rest that comes with it.
The model that answers you: sees that prompt. When a message is answered by a model, that provider receives the prompt under their API terms. By default the major providers do not train on API data, and retention windows apply. When a turn runs on one of your own connections, it goes to your account under your own agreement with that provider, and the turn is labeled so you can see it.
Training: metadata only, never your words. We tune how Heuricity routes between models using signals about the decision (how hard a message looked, which model was picked), never the text of what you wrote, and only with consent. Nothing you type trains a model.
Other users: no path. Every request is checked against who owns the data. A request for someone else's session returns "not found," never their content.
Someone with a stolen copy of the database: would see plain text today. We are building storage encryption so that even a direct copy of the database shows scrambled content. We will be clear about its limit when it ships: the server still holds the key, because it has to, so it protects against a leaked database, not against the operator.
Deleting really deletes
Deleting your account removes every row you own. Deleting a session removes it. There are no hidden shadow copies left behind.
How would you actually know?
Fair question. The checkable answers:
- Run models on your own key. Connect your own OpenAI, Anthropic, Google, or xAI account and those turns run on your account, not ours.
- Or run a model on your own machine. Connect a local model (Ollama, LM Studio) as a custom connection, and Heuricity's servers see only what you choose to route through them.
- Test the delete. Delete a session or your account and it is gone.
- The training terms are narrow on purpose. They allow routing improvements on metadata, not training on your messages.
The words "end-to-end encrypted" do not appear anywhere in Heuricity, because for cloud models they would not be true. We would rather be specific and checkable than vague and reassuring.