Privacy
policy.

Controller. Hermes Agent Hosting is operated by anycast.io UG (haftungsbeschränkt), Hintere Strasse 125a, 90768 Fürth, Deutschland. Use the secure contact form for privacy requests and other contact. We do not publish a support email address on the website.

Legal basis. We process personal data to provide the managed hosting contract, handle billing and support, protect the service, comply with accounting and tax duties, and process consent-based features such as waitlists or optional OAuth profile data. Where we rely on legitimate interests, those interests are security, abuse prevention, reliability, support traceability, and product operation.

Account data. We process account email address, optional name, role, newsletter preference, update preferences, authentication cookie state, magic-link token hashes, deletion request token hashes, and timestamps for account creation, login, security, support, and account administration.

Managed instances. We process instance slug, selected VM plan, bot platform, AI tier, model selection state, status, web URL status, IP addresses, provisioning jobs and events, backup/update metadata, channel mode and channel status, gateway/search-key status, and provider identifiers required to create, operate, change, back up, and delete managed Hermes Agent instances.

Billing and vouchers. We process selected plans, monthly prices, payment status, Mollie customer/payment/subscription identifiers, next billing dates, renewal state, pending plan or model changes, and voucher metadata such as voucher code, label, discount percentage, and discount amount. We use this data for checkout, subscriptions, invoicing, support, tax documentation, and payment dispute handling.

Model and search usage. When you use managed model or search gateway features, we store usage records such as cost, prompt and completion token counts, model family, routing category, search cost, search query, and timestamp. We use this for budget enforcement, billing, abuse prevention, troubleshooting, and operational analytics. Prompt content is proxied to the selected model provider as needed to perform the requested AI operation.

Support and contact. Dashboard support tickets and replies are stored with subject, message, priority, status, author metadata, and timestamps. The public contact form collects name, email address, subject, message, a local captcha answer/token, and technical submission metadata. Contact form messages are forwarded through Postmark and are not published.

Website data and analytics. We process server request metadata such as IP address, timestamp, URL, HTTP status, and user agent for security, reliability, diagnostics, and abuse prevention. The public website may use Plausible Analytics for privacy-conscious aggregate measurement. We do not use advertising cookies or sell personal data.

Processors and providers. Hermes Agent Hosting can use Hetzner for infrastructure, Mollie for payments, Postmark / ActiveCampaign for transactional email and contact forwarding, OpenRouter and direct model providers for AI requests, Brave Search for optional managed web search, Google for OAuth login if enabled, and Plausible for aggregate website analytics. Provider use depends on the feature you choose and the active deployment configuration.

International transfers. The controller is based in Germany. Some providers are located in, or can process data in, the United States or other countries outside the EEA. Where applicable, transfers rely on adequacy decisions such as the EU-US Data Privacy Framework, standard contractual clauses, provider safeguards, consent, or contractual necessity for the requested service.

Retention. Account and instance records are kept while the account or instance exists and afterwards only as needed for billing, tax, support, legal defense, security, abuse prevention, backups, and operational recovery. Billing records can be kept for statutory accounting periods. Server logs are rotated on a short operational schedule. Magic-link and deletion tokens expire and are stored only as hashes. Voucher metadata is retained as part of billing traceability.

Secrets and exports. Operational secrets such as gateway tokens, channel credentials, Brave Search keys, BYOK references, and authentication token hashes are processed for service operation. For security reasons, account exports do not disclose raw secrets; they include status and metadata where exposing the raw value would endanger your account, agents, or our infrastructure.

Your rights. Depending on applicable law, especially the GDPR where it applies, you may request access, correction, deletion, restriction, objection, withdrawal of consent, and portability of personal data. Logged-in users can download a JSON account export from the dashboard. Use the secure contact form to exercise privacy rights.

Supervisory authority. You may lodge a complaint with a data protection supervisory authority. For our German establishment, the competent authority is the Bayerisches Landesamt fuer Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany.

Automated decisions. We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you within the meaning of GDPR Art. 22.