Legal

Privacy Policy

Last Updated: March 4, 2026

JimboMesh ("we," "us," or "our") is operated by Ingress Technology LLC, a Colorado limited liability company. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our open source Holler Server software, our SaaS platform (app.jimbomesh.ai, api.jimbomesh.ai, admin.jimbomesh.ai), and our website (jimbomesh.ai).

1. Our Privacy-First Architecture

JimboMesh is built with privacy as the default state, not a feature toggle.

Standalone Mode

The open source Holler Server runs 100% locally. In standalone mode, zero data is transmitted to JimboMesh, Ingress Technology, or any third party. No account required. No telemetry. No phone home. Your data never leaves your machine.

Mesh Mode (Optional)

When you voluntarily connect to the JimboMesh SaaS platform, limited operational data is exchanged as described below. Mesh connectivity is entirely opt-in via the `JIMBOMESH_API_KEY` environment variable.

Peer-to-Peer Inference

AI inference data travels directly between users via WebRTC peer-to-peer connections. The JimboMesh SaaS platform acts as a signaling server only. We never see, store, relay, or have access to the content of your AI requests or responses.

2. Information We Collect

2a. Standalone Mode (Open Source Holler Server)

None. We collect absolutely no data when you run the Holler Server in standalone mode. All processing happens locally on your hardware.

2b. SaaS Platform (Mesh Mode)

When you create an account and connect to the mesh, we collect:

  • Account Information: Name, email address, and authentication data provided via Auth0 (our identity provider). We support sign-in via GitHub, Google, Microsoft, and Apple.
  • API Keys: Cryptographic hashes of API keys you generate for Holler authentication.
  • Holler Metadata: Holler name, hardware specifications (GPU model, VRAM, RAM), available models, online/offline status, and heartbeat timestamps.
  • Usage Data: Moonshine token balances, transaction history (credits and debits), job metadata (model requested, tokens processed, duration, cost - NOT the content of requests or responses).
  • WebRTC Signaling: Temporary ICE candidates and SDP offers/answers for establishing peer-to-peer connections. These are ephemeral and not stored.
  • Log Data: IP addresses, browser type, access timestamps for security and abuse prevention.

2c. Website (jimbomesh.ai)

  • Standard web analytics via Cloudflare (anonymized traffic data, page views, country-level geolocation).
  • Contact form submissions (name, email, message), only when you voluntarily submit them.

3. How We Use Your Information

  • Operate the mesh: Route jobs, establish peer-to-peer connections, process Moonshine transactions.
  • Maintain security: Detect abuse, enforce rate limits, manage IP blocklists.
  • Improve the platform: Aggregate, anonymized usage statistics to improve routing and performance.
  • Communicate: Respond to support requests, send critical security notices (never marketing spam).

4. Information We Never Collect

  • AI inference content - your prompts, responses, documents, and embeddings never pass through our servers.
  • Payment card information - handled entirely by third-party payment processors (if/when introduced).
  • Biometric data.
  • Location data beyond country-level geolocation from Cloudflare.

5. Third-Party Services

6. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account deletion request.
  • Job metadata: Retained for 90 days for dispute resolution, then anonymized.
  • Moonshine transaction history: Retained for the life of your account for auditing purposes.
  • Security logs: Retained for 12 months.
  • WebRTC signaling data: Ephemeral, never persisted.

7. Your Rights

Depending on your jurisdiction (GDPR, CCPA, etc.), you may have the right to:

  • Access, correct, or delete your personal data.
  • Export your data in a portable format.
  • Opt out of data collection entirely by running in standalone mode.
  • Withdraw consent and disconnect from the mesh at any time.

Contact us at [email protected] for any privacy-related requests.

8. Children's Privacy

JimboMesh is not directed at children under 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 13, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last Updated" date at the top reflects the most recent revision.

10. Contact Us

Ingress Technology LLC
6767 S. Vine Street #1016
Centennial, CO 80122
[email protected]
https://jimbomesh.ai