HUMILITAS.AI
Privacy and identity-blind design
Protocol
PRIVACY STATEMENT

The source is not the signal.

Humilitas.ai is designed to collect a thought without asking for the identity of the person transmitting it. The public intake does not request a name, account, email address, telephone number, username, rank, title, employer, or organization.

What the application stores

When the intake endpoint is activated, the application stores an encrypted submission payload, a randomly generated receipt identifier, a coarse UTC date, and whether the contributor permits verbatim review or synthesis only. Exact submission time is deliberately not retained in the database.

What the application does not store

The application does not write source IP addresses, user-agent strings, referrers, persistent session identifiers, cookies, or request headers to the submission database. The site contains no advertising analytics, tracking pixels, social widgets, third-party fonts, or public file-upload capability.

Important limitation

No public internet service can promise absolute anonymity. Hosting providers, network operators, a contributor's device, and local network may process or expose connection information. A contributor may also identify themselves through their writing style, facts, timing, or details contained in a submission. Humilitas.ai is therefore described as identity-blind at the application layer, not absolutely anonymous.

Retention and review

Submissions remain encrypted at rest and are reviewed only by authorized moderators. Content is not published automatically. Identifying details, protected information, unsafe material, and operationally sensitive information are removed or rejected. Final retention periods should be set in the production operating policy and disclosed here before public launch.

Read anonymous transmission protocol