Babai logo markBabai

Privacy Policy

Last updated: May 21, 2026

At Babai Cloud, we are committed to protecting your privacy. This Privacy Policy explains how Babai Cloud ("we", "us", or "our") collects, uses, discloses, and safeguards your information when you visit our website (babai.cloud) and use our Hosted Hermes Agent console and platform (collectively, the "Service").

Babai Cloud operates as a portfolio company of OneBab AI (© 2026 OneBab AI. All rights reserved.).

Please read this Privacy Policy carefully. By accessing or using our Service, you agree to the collection and use of your information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

We collect information that you provide directly to us, information collected automatically when you use our Service, and information related to your agent runtimes.

A. Personal Data

When you register for an account, subscribe to early access, or contact us, we may collect:

  • Account Credentials: Email address and login credentials (managed securely via our identity provider).
  • Profile Information: Your name and professional affiliation.
  • Billing Information: Credit card numbers, billing addresses, and payment histories. All payment transactions are processed through our PCI-DSS compliant third-party billing providers (Stripe and Razorpay). We do not store your complete card details on our servers.

B. Usage & Diagnostic Data

When you navigate our website or console, we automatically collect certain technical details:

  • Device & Connection Metrics: IP addresses, browser types, browser versions, operating systems, and unique device identifiers.
  • Activity Metrics: Timestamp of visits, pages viewed, time spent on those pages, console navigation paths, and platform interaction logs.

C. Agent Sandbox Data (Platform Content)

As an agent hosting service, we process data generated by your autonomous agent runtimes to provide the Service:

  • Runtime Logs: Console standard output (stdout) and standard error (stderr) generated by your Hosted Hermes Agent sandboxes.
  • Agent States & Databases: SQLite database backups and filesystem state snapshots created during execution.
  • Integration Messages: Metadata and body content of webhook integrations (e.g., Telegram, WhatsApp, and Slack messages routed to your agent).

2. Our Technology Stack & Subprocessors

To deliver a secure, low-latency agent hosting environment, we utilize industry-leading third-party cloud infrastructure. By using Babai Cloud, you acknowledge that your data may be processed through these trusted subprocessors:

  • Hosting & Compute: Google Cloud Platform (GCP). Your agent sandboxes are hosted on hardened, isolated GKE (Google Kubernetes Engine) container pools located in our secure regional nodes.
  • Authentication & Settings: Supabase. We utilize Supabase Postgres and Supabase Auth to securely manage user authentication, session state, and account settings.
  • State Replication & Backups: Litestream. We utilize Litestream for 1-second Recovery Point Objective (RPO) backups, streaming encrypted SQLite blocks directly to Google Cloud Storage (GCS) buckets.
  • Frontend Delivery: Vercel. Our landing pages, documentation, and agent console are compiled and served globally via the Vercel Edge Network.
  • Transactional Communications: Resend. Account confirmations, security notices, and platform updates are delivered via Resend.
  • Payment Infrastructure: Stripe and Razorpay are utilized for secure, encrypted subscription checkout and billing management.

3. Strict AI Model Training Exclusions

[!IMPORTANT] We respect your proprietary IP. Under no circumstances do we sell your personal data or use your sandbox code, environment variables, agent execution logs, SQLite backups, or messaging histories to train, tune, or refine third-party or proprietary AI models. Your agent runtimes and historical states remain strictly yours.

4. How We Use Your Information

We process your information to fulfill our contractual obligations, secure our infrastructure, and improve your user experience:

  • To set up, maintain, and secure your developer account.
  • To provision, isolate, and orchestrate Hosted Hermes Agent sandboxes on GKE.
  • To process payments, manage subscriptions, and prevent billing fraud.
  • To continuously sync and back up database states utilizing Litestream.
  • To route incoming messages from Telegram, WhatsApp, and Slack webhooks to your running agents.
  • To deliver critical administrative notifications (such as billing updates, schema warnings, or security alerts).
  • To diagnose server issues, patch vulnerabilities, and defend our network against sandbox escape attempts.

5. Security & Isolation

We implement advanced technical and organizational security measures to protect your account and container environments:

  • Kernel-Level Isolation: Every Hosted Hermes Agent runs in a sandboxed, restricted virtual container environment on GKE, backed by custom gVisor/AppArmor system-call filtering to prevent container escapes.
  • Data Encryption: All data transferred to and from our Service is encrypted in transit using TLS 1.3, and SQLite backup blocks are encrypted at rest inside Google Cloud Storage.
  • Session Security: User authorization is enforced through cryptographically signed JWT tokens issued by Supabase Auth.

6. Your Rights & Choice

Depending on your jurisdiction (such as GDPR under European law or CCPA under California law), you hold specific privacy rights:

  • Access & Export: You may request a copy of the personal data we store, as well as export your SQLite Litestream backups and agent configurations directly from the Console.
  • Correction & Deletion: You have the right to correct inaccurate account fields or request the complete deletion of your account and GKE sandboxes. Upon requesting account deletion, all active containers, backup streams, and logs are completely purged from our active systems within 30 days.

7. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page, and, if you have registered an account, we will send an email notification via Resend.

8. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data protection guidelines, please reach out to us:

  • Email: legal@babai.cloud
  • Corporate Affiliation: Babai Cloud Legal Team, a portfolio company of OneBab AI.