HomeHow it worksFeaturesPricingFAQWaitlistGet the app

Security

We built Hephaestus for highly personal life context. This page summarizes our security and privacy practices — full legal detail is in the Privacy Policy.

Your data stays yours

Hephaestus stores personal life context — voice transcripts, goals, relationships, and reflections. We treat that data as highly sensitive and design the product to minimize collection and exposure.

Encryption and access control

Sensitive fields are encrypted at the application layer. Every read and write is scoped to the signed-in account owner — there is no cross-user access, including vector search over your memory.

  • TLS in transit for all client and API traffic.
  • Secrets stored in environment / cloud secret managers — never in source code.
  • Admin access to user data is least-privilege, audited, and metadata-first by default.

No permanent raw media

We do not permanently store raw audio recordings or original images. Voice is transcribed and images are OCR-processed; derived text may be kept to serve you, per our Privacy Policy.

Audit and accountability

Sensitive operations — sign-in, export, deletion, AI processing, and admin actions — are logged with identifiers, not personal content.

Your rights

You can export or delete your account data in the app. For privacy requests, contact us via the Contact page.

Privacy Policy

How it worksFeaturesPricingFAQWaitlistGet the appAboutBlog
Terms of UsePrivacy PolicyCookie PolicyContactSecurityAI transparencySubprocessors

Language

EnglishУкраїнськаहिन्दी

© Hephaestus · Mykhailo Sheludiakov, private entrepreneur (Ukraine)