Hivepod Privacy Policy

1. Introduction

This Privacy Policy ("Policy") describes how Hivepod ("the App", "we", "us") handles your information across the iOS mobile app, the macOS / Windows / Linux desktop app, and the optional Relay service. Please read it carefully before using the App.

The App is developed and operated by Shenzhen Resopod Technology Limited Company. For any question about this Policy, contact us at feedback@resopod.ai.

2. Who We Are

Hivepod is a desktop graphical front-end for command-line AI agents such as Claude Code, Kimi, and Codex. The desktop app integrates these AI agents into a unified graphical interface and adds voice input, personas, and a skill system. The iOS mobile app is a remote client of the desktop app, letting you reach a Hivepod instance running on your own computer from your phone. Hivepod itself does not run any AI model — all AI execution happens through the underlying AI agent installed on your own computer.

3. Design Principles

The App is designed to be local-first:

• Your conversations, settings, installed skills, and personas are stored locally on your device by default (under ~/.hive/ on desktop).
• We do not operate a user account system and do not require your name, ID number, phone number, or other personal identifiers.
• We do not perform server-side analytics on your conversations or usage behavior.
• The mobile app does not run any AI service; it is purely a remote front-end of the desktop.

4. Information We Handle

4.1 Local Data (Not Transmitted)

The following is stored only on your device. We have no access to it:

• Conversation history with AI agents
• Application configuration and preferences
• Skills, personas, MCP tools you install, along with their configuration
• Local files or snapshots you import or create

You can remove all local data by deleting the ~/.hive/ directory (desktop) or uninstalling the App (mobile).

4.2 AI Provider Data Forwarding

When you interact with an AI agent through Hivepod:

• Conversation content is sent directly from the underlying AI agent running on your own computer to the AI provider it is configured to use (Anthropic, Moonshot, OpenAI, Alibaba, Tencent, Zhipu AI, etc.).
• We do not receive, store, or process any conversation content.
• Handling of that content is governed by the relevant AI provider's own privacy policy, which you should review separately.
• The Hivepod mobile app does not hold or proxy any third-party API credentials.

4.3 Remote Connection (Optional)

If you enable remote connections between the desktop and mobile apps, you can choose from four peer-level transport options — all uniformly protected by end-to-end encryption (TweetNaCl):

• Our optional Relay server — a WebSocket relay we operate
• Direct LAN — device-to-device on your local network
• Tailscale — your own Tailscale virtual network
• User-operated tunnels — e.g. ngrok or self-hosted

All messages are end-to-end encrypted; intermediate servers (including our Relay) cannot decrypt message content. You may bypass our infrastructure entirely by choosing LAN, Tailscale, or a user-operated tunnel.

If you choose to use our Relay, it retains the following connection metadata for pairing, load balancing, and diagnostics:

• Device identifier (not linked to any personal identity)
• Activation code (used for device authorization)
• Session start / end timestamps
• Bytes-forwarded counters

Metadata is retained for 30 days and automatically purged afterwards. If you do not use our Relay, none of this metadata is produced on our servers.

4.4 Activation Codes

To gate Relay access, the App uses activation codes (invite codes):

• Activation codes are bound to device identifiers and are not linked to your personal identity.
• Activation code state (active / revoked) and the list of authorized devices are maintained by our Relay service.
• You can request revocation of an activation code at any time.

4.5 Mobile App Specifics

• The mobile app is a remote front-end and cannot operate as a complete product on its own (standalone screens — login, settings, activation code, pairing wizard — do work without a desktop). Full functionality requires a paired desktop Hivepod instance.
• The mobile app does not run any AI service itself and does not hold or proxy any third-party API credentials.
• The mobile app requests the following system permissions, each used only when you actively trigger the corresponding feature:
  • Camera — to scan pairing QR codes and capture image attachments
  • Photo Library — to attach images to messages
  • Microphone — for voice input
  • Local Network — to discover desktop instances on the same LAN
• The mobile app does not integrate third-party analytics, advertising, or behavioral tracking SDKs.

4.6 Crash and Error Reports (Opt-in)

The desktop App can send anonymous crash and error reports to a self-hosted error tracking service we operate. This feature is off by default and is enabled only after your explicit opt-in:

• We collect crash stack traces, device context (OS version, app version, locale, hardware class), an anonymous installation ID, and technical breadcrumbs.
• We do not collect conversation content, files, API keys, or personal identifiers.
• Data is sent to a self-hosted server we operate, located in mainland China (ICP-filed under our company entity).
• Retention: 30–90 days.
• You can disable it any time in Settings → Privacy, or email to request deletion of all reports tied to your installation.

The iOS mobile app does not currently integrate any crash-reporting SDK. If we add one in the future, we will disclose it in a release update and this Policy revision.

5. Cookies and Similar Technologies

Neither the desktop nor the mobile app uses cookies. If you visit our websites (https://resopod.ai/products/hivepod, https://resopod.ai, https://www.resopod.cn), cookie usage there is covered by those websites' own notices.

6. Data Sharing

We do not share your data with third parties except in these cases:

• AI providers — when you actively configure and invoke them (see 4.2).
• App distribution platforms — such as Apple App Store or Google Play, when you obtain the App through them; their own privacy policies apply.
• Legal compliance — when required by applicable law in the jurisdiction where we operate.

We do not use your data for advertising, we do not sell it, and we do not trade it.

7. Data Security

• The security of local data depends on the security of your device. We recommend enabling a device lock and safeguarding your API keys.
• Remote connections are protected by end-to-end encryption (TweetNaCl) on top of transport-layer security.
• We apply reasonable administrative and technical measures to protect any connection metadata retained on our Relay.

8. Your Rights

You may:

• Access your local data (by inspecting ~/.hive/ or through in-app settings).
• Delete your local data (by removing the directory or uninstalling the App).
• Revoke your activation code to stop further Relay usage.
• Provide feedback or complaints via feedback@resopod.ai.

If you reside in the EU, UK, California, Mainland China, or other jurisdictions with specific data protection regimes (GDPR / UK GDPR / CCPA / PIPL), you have additional rights including access, rectification, erasure, restriction of processing, data portability, objection, and withdrawal of consent. Contact feedback@resopod.ai to exercise them; we will reply within a reasonable timeframe.

9. Children

The App is not intended for children under 13 and we do not knowingly collect information from children under 13. If you are a parent or guardian and believe your child has provided information to us, contact us and we will delete it.

10. International Data Transfers

• Content you send to an AI provider is processed wherever that provider operates. Some providers (e.g. Anthropic) are based outside Mainland China.
• Relay server locations vary by network condition (United States, Hong Kong, Mainland China), selected by routing proximity.
• For users in Mainland China using our Relay: we commit to complying with the Personal Information Protection Law (PIPL), including obtaining your separate consent where required.
• The connection metadata retained on the Relay does not constitute "important data" or large-scale personal information under PIPL Article 38, but we still log and govern its cross-border flow per PIPL requirements.

11. Policy Changes

We may update this Policy from time to time. When we do, we will notify you in-app, on our website, or at the feedback email you provided. Continued use of the App after an update constitutes acceptance of the updated Policy.

12. Contact Us

For any question, suggestion, or complaint regarding this Privacy Policy: