Privacy Policy

This Privacy Policy explains how Prism Technologies Inc collects, uses, discloses, and protects information when you use Prism and related websites, applications, command-line tools, agent surfaces, and APIs.

Prism is managed Hermes hosting. Each Prism account comes with a workspace that runs the Hermes agent on a real Linux machine with persistent storage, root access, and a network connection that we provision and operate on your behalf. This policy describes the data that flows through that environment.

By creating an account, launching a workspace, taking a snapshot, connecting over SSH, or otherwise using Prism, you acknowledge the practices described in this policy.

We collect account information such as your name, email address, authentication identifiers, organization membership, plan tier, billing status, support communications, and any SSH public keys you upload.

We collect operational telemetry from your Prism workspaces, including workspace lifecycle events (provision, start, stop, snapshot, fork, destroy), uptime, CPU, memory, disk, and network usage, and aggregated outbound traffic metadata used for capacity planning and abuse prevention.

We collect product usage information such as pages viewed, features used, agent invocations, device and browser data, approximate location derived from your IP address, and diagnostic logs from our control plane.

If you purchase paid services, our payment processors collect billing details and payment instruments. Prism generally receives limited payment metadata such as transaction status, plan, amount, and billing contact information.

Your Prism workspace stores whatever you and the Hermes agent put on it: source code, files, datasets, generated media, package installs, environment variables, running processes, shell history, and any other state on the filesystem.

We also process agent prompts, tool calls, command transcripts, and the outputs the Hermes agent produces while it is working in your workspace, so that the agent can take its next action and so you can review what it did.

Your content may be processed by Prism and by third-party infrastructure or AI model providers in order to run the agent, execute commands, render media, moderate clearly abusive activity, troubleshoot, and deliver the service you request. We do not use the contents of your workspace or your agent transcripts to train foundation models.

You should treat any secret you place in your Prism workspace, including API keys, tokens, and credentials, the same way you would treat a secret on any other server you operate. Do not store secrets you are not willing to grant the Hermes agent access to.

We use information to provision and operate Prism workspaces, run the Hermes agent, execute commands, manage snapshots, render media, deliver SSH and web access, bill for usage, and provide support.

We use operational telemetry and limited control-plane logs to monitor reliability, detect outages, debug failures, enforce resource limits, and prevent abuse such as crypto mining, denial-of-service activity, malware distribution, or other prohibited use of the platform.

We may use aggregated, deidentified information to analyze performance, understand feature usage, enforce our Terms of Service, comply with legal obligations, and communicate service updates, product changes, or promotional information where permitted.

We use cookies, local storage, pixels, analytics tools, and similar technologies on our websites and console to keep you signed in, remember preferences, attribute referrals, measure marketing performance, understand product usage, and improve the service.

You can control cookies through your browser settings. Some features may not work correctly if cookies or local storage are disabled.

We share information with service providers that help us operate Prism, including cloud compute, networking, storage, database, observability, authentication, payment, email, customer support, AI model, and security providers. These providers may host, transit, or otherwise process portions of your data on our behalf.

We may disclose information if required by law, legal process, or government request; to protect Prism, users, or the public; to enforce our terms; to investigate suspected abuse of the platform; or in connection with a merger, acquisition, financing, restructuring, or sale of assets.

We do not sell your personal information in the traditional sense. Some analytics or advertising technologies on our marketing surfaces may be considered a sale, share, or targeted advertising under certain privacy laws.

Mobile opt-in data, including SMS consent and phone numbers collected for text messaging, will not be shared with third parties for marketing or advertising purposes.

Prism workspaces persist until you stop them, until they idle past the timeout in your plan, or until you delete them. While a workspace is running or stored as a snapshot, its filesystem state is retained so the Hermes agent can resume where it left off.

When you destroy a workspace or a snapshot, we begin a deletion process that removes the underlying volume from our systems. Encrypted backups and logs may persist for a limited window for disaster recovery and abuse investigation, after which they are overwritten or deleted on a rolling basis.

We retain account, billing, and operational records for as long as needed to provide the service, resolve disputes, meet legal obligations, enforce agreements, prevent abuse, and support business operations.

We use technical and organizational measures designed to protect information against unauthorized access, loss, misuse, alteration, and disclosure. Prism workspace volumes are encrypted at rest, and traffic to the control plane and SSH endpoints is encrypted in transit.

Each Prism workspace is scoped to your account and isolated from other tenants. SSH access is gated by keys you provide or by short-lived credentials we issue to you.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. You are responsible for keeping your account credentials, SSH private keys, and any secrets placed in your workspace confidential.

You may stop, snapshot, fork, or destroy your Prism workspaces at any time from the product. You may also access, update, or delete account information through the product or by contacting support, and you can unsubscribe from marketing communications using the instructions in those messages.

Depending on where you live, you may have privacy rights such as requesting access, correction, deletion, portability, restriction, objection, or opt-out of certain processing. We will respond to applicable requests as required by law.

Prism is operated from the United States and may process information in the United States and other countries where Prism or our infrastructure providers operate.

By using the service, you understand that your information, including the state of your Prism workspaces, may be transferred to and processed in countries that may have privacy laws different from those in your location.

Prism is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to Prism, please contact us so we can take appropriate action.

We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify users. Your continued use of Prism after changes become effective means you acknowledge the updated policy.

Questions, requests, or concerns about this Privacy Policy can be sent through Prism support.