Privacy Protocol

Status: Active / Version 1.1

Last Updated
MARCH 07, 2026
Data Collection

Harbor Cloud is designed as a zero-trust infrastructure. We only collect the minimum metadata required to operate the gateway.

  • [01]Account Metadata: Email and cryptographic password hashes.
  • [02]Telemetry: Aggregate request counts, connector identifiers, and timestamps.
  • [!!]Encrypted Payload: Memories and schemas are end-to-end encrypted (E2EE) client-side before transmission. We hold the bits, but not the keys.
Security Policy

Your context is private by default. We use PostHog for anonymous product analytics (page views, feature usage) to improve the service. We do not sell data or maintain data-sharing agreements with third parties.

All transport is secured via TLS 1.3. Persistent storage utilizes AES-256 at rest for system metadata. User context data remains unusable by the infrastructure due to client-side encryption.
Infrastructure

Processing occurs on isolated nodes managed by Fly.io. Data persistence is handled by Neon (Serverless PostgreSQL).

The Harbor CLI is open source. You are encouraged to audit the source code or self-host your own gateway if the cloud protocol does not meet your requirements.

Data Disposal

Context deletion is immediate and permanent across all synced nodes. To purge your core account metadata, transmit a request to privacy@oseaitic.com.