Data and Privacy

What the Module does with your users' data

Before you integrate, this is the privacy posture you’d be adopting – what the Module accesses on your users’ devices, what it can never reach, and the rights it preserves. Written plainly enough to relay to your users, precisely enough for your legal team.

Read the full end-user privacy policy

01 / What the Module does

It shares a little of your users' spare bandwidth to load public web pages

When you integrate Honeygain AI Gateway and a user opts in, the Module shares a small fraction of that user’s unused internet bandwidth with the AI Gateway network. The bandwidth is used to fetch public web pages.

The kind of content anyone can see by opening a browser

Each opted-in device is one of millions in the network. Each request is small. The Module runs in the background and backs off when the device is busy or its bandwidth is limited — so your users’ experience is unaffected.

Request flow — responsive (horizontal / vertical)
How a request flows through the network An opted-in device shares a small fraction of its unused bandwidth into the AI Gateway network of millions of devices, which is used to fetch a public web page. Opted-in device A small fraction AI Gateway network millions of devices Public web page
How a request flows through the network An opted-in device shares a small fraction of its unused bandwidth into the AI Gateway network of millions of devices, which is used to fetch a public web page. Portrait layout, flowing top to bottom. Opted-in device A small fraction AI Gateway network millions of devices Public web page
How a request flows

02 / What the Module accesses

Three things and nothing that identifies your users

Platforms table — AI Gateway (light)
WhatWhy
The user's IP address To route web requests through their connection.
Basic connection info Whether they're on Wi-Fi or mobile, their general region, and their connection type.
A device identifierrandom string A random string that lets the network recognise the device across sessions. Not tied to a name or identity.

That’s it. No personal information, no account data, no contact information.

03 / What the Module can never reach

The things your users worry about - none of them are reachable

Sealed space — responsive (desktop / mobile)
The Module runs in its own sealed space Portrait layout. The Module's sealed space (IP address, connection info, device identifier) sits above a boundary marked by a shield; files, messages and contacts, browsing history and cookies, other apps, keystrokes and screen, and identity are out of reach below. Dots travel up and down through the shield. The Module Everything it can use IP address Connection info Device identifier Its own sealed space Out of reach — by design FilesMessages,contacts, callsBrowsing history& cookiesYour other appsKeystrokes& screenTheir identity
Sealed space — the boundary

Their files

Photos, documents, downloads. None of it is accessible.

Browsing history & cookies

What a user does in their browser stays theirs.

Anything typed or seen

No keystroke capture. No screen reading. No usage tracking.

Messages, contacts, calls

The Module has no permission to read any of it.

Your other apps

 The Module runs in its own space and can’t see what the rest of your app – or any other – is doing.

Their identity

Nothing the Module uses is tied to a user’s name or who they are.

This isn’t a policy promise you have to vouch for. The Module is technically built so these things are out of reach – even if it wanted them.

04 / What the bandwidth is used for

The same web-fetching anyone does - just at scale

Your users’ shared bandwidth is used by vetted enterprise partners to access public web pages. Things like:

  • AI assistants checking facts on the live web
  • Market research platforms tracking prices or news
  • Compliance teams monitoring public information at scale
  • Financial systems tracking events as they happen

Every partner who buys access goes through identity verification (KYC). Traffic is only routed to legal, age-appropriate destinations, and suspicious activity is blocked in real time — so your brand isn’t exposed to where the bandwidth goes.

Partner vetting — responsive (desktop / mobile)
How partner access is vetted Portrait layout. Requests for access flow down into a KYC and screening gate. Allowed traffic flows on to legal, age-appropriate public pages; suspicious activity is blocked, shown as a stalled, blinking path. Requests for access KYC + screening Verified · real-time Legal, age-appropriate public pages Where it’s allowed to go Suspicious activity Blocked in real time
How partner access is vetted

05 / The control your users keep

Every user decides whether it runs. You're expected to honour that

That’s it. No personal information, no account data, no contact information.

1

They opt in first

The Module never starts until a user has agreed on the consent screen you show them. No consent, no traffic.

2

They can opt out at any time

You expose a setting – usually labelled something like Share unused bandwidth – that turns the Module off. It stops immediately.

3

Opting out has to be simple

One toggle. No emails, no support tickets, no waiting periods. Making this easy isn’t optional – it’s a contractual requirement of integrating.

4

They can change their mind

Opting out doesn’t lock a user out. They can opt back in whenever they want.

06 / Your users' rights

The rights your users have - handled for you

Depending on where they live, your users have specific legal rights over their data. These apply to the limited data the Module uses, and the network operates the machinery to honour them:

  • Know what data is collected and why.
  • Access a copy of their data.
  • Delete - ask the network to remove what it holds.
  • Opt out of having their data used at all - which the in-app toggle does immediately.

These rights come from GDPR (Europe), CCPA (California), and similar laws elsewhere. They’re honoured whether or not a user’s country specifically grants them – globally, by default.

Users (or you, on their behalf) can exercise these rights at [email protected].

07 / Where to go for more

That's the end of the plain-language version

The binding documents are below. Your legal team will want these.

End User Privacy Policy
End User Terms of Service
Website Cookie Policy
Website Privacy Policy

Users (or you, on their behalf) can exercise these rights at [email protected].

Evaluate your product’s monetization potential

Answer a few short questions — we’ll review your setup and follow up with a tailored recommendation.
Start assessment
I'll browse more