Privacy Policy
homie is a self-hosted AI home assistant. The bulk of the personal data it processes — household members, calendars, messages, voice transcripts — stays on your own device. A small amount passes through our Cloudflare infrastructure so household members can sign up and so authentication tokens can be exchanged. This policy explains what we collect, where it lives, and what your rights are under the GDPR.
1. Who we are
homie ("homie," "we," "our," "us") is operated by Jonas Hermann, a sole trader based in Stockholm, Sweden. We are the data controller for the personal data described below.
For privacy questions or to exercise your rights, contact hello@heyhomie.tech.
2. What this policy covers
This policy applies when you:
- Install and run the homie software on hardware you own (typically a Mac mini or a Linux server)
- Visit hihomie.app, welcome.hihomie.app, or related subdomains
- Use the household authentication service that we host on Cloudflare
It does not cover personal data held by third-party services you choose to connect (Google, Spotify, Twilio, OpenAI, Anthropic, Home Assistant, and others). Those providers act as their own controllers or as separate processors for you, under their own terms. The services we currently integrate with are listed in §6.
3. What we process, where it lives, and why
3.1 On your device
homie is designed so that almost all personal data sits in a local SQLite
database on the device that runs homie (typically at
~/.config/Klaus/db/klaus.db or
Klaus/db/klaus.db). We do not have access to this database.
Depending on which features you enable, this local database may contain:
- Household members: names, email addresses, phone numbers, dates of birth, roles, avatars
- Calendar data: events and reminders synced from Google Calendar (only if you connect it via OAuth)
- Messaging logs: iMessage, Telegram, and SMS messages that homie reads or sends on your behalf
- Voice and conversation logs: transcripts of spoken interactions with homie, with timestamps and which household member spoke
- LLM prompt and response logs: the prompts homie sends to its language model and the responses received, with token counts
- Smart-home and music history: device states, songs played, automations performed
- Computer-action logs: records of automated actions homie performed on your computer
- Memory: persistent notes about household preferences, routines, and members
- User-created content: contact lists, shopping lists, recipes, briefings, pantry inventory, gift ideas
This data stays on your device. We have no copy and no access. Its security depends on your operating system, your disk encryption, your backups, and who can reach the device.
3.2 In our Cloudflare infrastructure
To enable household signup and to coordinate authentication, a small
amount of data passes through a Cloudflare Worker
(auth.hihomie.app) and a Cloudflare KV namespace
(homie_tokens):
- Household identifier and HMAC secret — a random ID per household and a cryptographic secret used to verify your daemon's requests. Stored while your household is active.
- OAuth tokens — when you connect Google Calendar, the OAuth refresh token is briefly placed in KV for your daemon to pick up. Auto-deleted after one hour or on pickup, whichever comes first.
- Member signup settings — when a new household member finishes signup at welcome.hihomie.app, the name, avatar, and calendar preference they entered are stored for up to one hour while the daemon picks them up.
- Open-invite claims — when you create a shareable signup link, the link metadata (slug, expiry, household reference) is stored until expiry. Default 24 hours, maximum 30 days.
- Member slugs — short identifiers used to keep member IDs unique within a household.
We process this data on the legal bases of performance of a contract with you (GDPR Article 6(1)(b) — operating the service you asked for) and our legitimate interest in running the authentication system securely (Article 6(1)(f)).
3.3 On our websites
hihomie.app and welcome.hihomie.app are static pages hosted on Cloudflare. They do not use analytics, advertising, or tracking cookies.
Cloudflare itself receives standard HTTP request information (IP address, user-agent, requested URL) as part of operating the network. We do not access individual visitor logs. See Cloudflare's privacy policy.
When you submit an invite link at welcome.hihomie.app, the data you enter (name, avatar, calendar preference) is stored as described in §3.2.
4. How long we keep your data
| Data | Location | Retention |
|---|---|---|
| Household secret (HMAC) | Cloudflare KV | While the household is active. Deleted on request. |
| OAuth tokens | Cloudflare KV | Maximum 1 hour, or deleted on pickup |
| Member signup settings | Cloudflare KV | Maximum 1 hour, or deleted on pickup |
| Open-invite claims | Cloudflare KV | Default 24 hours, maximum 30 days |
| Conversation logs, messages, LLM logs, memory | Your local device | Indefinite by default. You control deletion. |
Local data on your own device is yours. We have no copy and cannot delete it for you. We recommend periodically reviewing what your local database stores, and deleting the SQLite file if you uninstall homie.
5. Your rights under the GDPR
You have the right to:
- Request access to the personal data we hold about you (Article 15)
- Request correction (Article 16) or erasure (Article 17)
- Restrict or object to processing (Articles 18 and 21)
- Receive your data in a portable format (Article 20)
- Withdraw any consent you have given (Article 7(3))
Because most of homie's data sits on your own device, you exercise most of these rights directly by editing or deleting local files. For the small amount of data held in our Cloudflare KV, email hello@heyhomie.tech and we will respond within 30 days.
You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) at imy.se.
6. Third-party services we connect to
When homie communicates with the following services, personal data is sent to them and is governed by their own privacy policies. We list them here for transparency.
| Service | Purpose | Location | Privacy policy |
|---|---|---|---|
| Cloudflare, Inc. | Web hosting, Workers, KV, DNS | Global edge | link |
| Anthropic, PBC | LLM (Claude) for assistant reasoning | USA | link |
| OpenAI, LLC | Realtime voice and text-to-speech | USA | link |
| Google LLC | Calendar, optionally Drive (OAuth) | USA / global | link |
| Spotify AB | Music playback (optional) | EU / USA | link |
| Twilio, Inc. | SMS and voice (optional) | USA | link |
| Open-Meteo | Weather forecasts (no personal data sent) | EU | link |
| SMHI | Swedish weather data (no personal data sent) | EU | link |
Transfers to processors located outside the European Economic Area (Anthropic, OpenAI, Twilio, and parts of Google and Cloudflare) are protected by the European Commission's Standard Contractual Clauses, and additional safeguards where applicable.
7. Children
homie is designed for use by households and may be configured by adult household members to include children. We do not knowingly collect personal data from children under 13 without parental involvement. If you believe a child's data is being processed without appropriate consent, contact hello@heyhomie.tech and we will assist.
8. Security
All daemon-to-Worker communication is authenticated with HMAC-SHA256 signatures using the household secret. OAuth tokens stored in Cloudflare KV are short-lived and deleted on pickup. Local data security depends on your own operating system, disk encryption, and backup choices.
No system is perfectly secure. If you discover a vulnerability, please report it to hello@heyhomie.tech.
9. Changes to this policy
We may update this policy. Material changes will be reflected by the "Last updated" date at the top of this page and, where feasible, by a notice on hihomie.app.
10. Contact
Email: hello@heyhomie.tech
Postal: Jonas Hermann, Stockholm, Sweden — full address available on request.