Privacy & Data Handling
Version 2.0 · June 2026 · Reflects the current hosted Argus setup
Plain-English Summary
Argus is not a generic SaaS dashboard, and the current hosted setup is not “everything stays on a device in your office.” Each client profile runs on Argus-operated VPS infrastructure with separate credentials, memory, logs, and integrations.
To do useful work, Argus connects to third-party systems: Google Workspace for Gmail and Calendar, Telegram or another messaging channel for chat, Google Gemini API or other configured model providers for reasoning, and email delivery providers where configured. We aim to send only the context needed for the task, but data does leave the VPS when those services are used.
Current Architecture
| Layer | Where It Runs | What It Does |
|---|---|---|
| Argus runtime | A dedicated Linux VPS operated for the client profile | Runs the Hermes/Argus agent, tool calls, scheduler, profile config, encrypted credentials, logs, and memory files. |
| Google Workspace | Google APIs over OAuth | Gmail and Calendar access happens through Google OAuth scopes approved by the client. Tokens are stored in the client profile on the VPS and can be revoked from the Google Account. |
| AI model calls | Google Gemini API, and other configured model providers where needed | Only the task context needed for an answer or action is sent to the model provider over HTTPS. Model providers process that data under their own API/data-processing terms. |
| Messaging interface | Telegram Bot API / approved chat channels | Client messages, bot replies, voice notes, and attachments pass through Telegram or the selected messaging platform before reaching Argus. |
| Outbound email | Google Gmail API and/or AgentMail where configured | Argus may draft or send emails only when authorized. Sent-message metadata and delivery data are handled by the email provider used for that account. |
| Website onboarding | withargus.ai on Vercel plus hosted OAuth callback endpoints | The public onboarding page initiates Google OAuth and routes the callback so the client profile can store the resulting token securely. |
What Data Argus Processes
Depending on the client’s approved integrations and requests, Argus may process messages, voice-note transcripts, email metadata and bodies, calendar events, contacts, files or documents explicitly provided, task history, preferences, and operational logs.
OAuth credentials, API keys, profile memory, and logs are stored in the client’s Argus profile on the VPS. They are used to operate the assistant, troubleshoot issues, and maintain continuity across conversations.
What Leaves the VPS
- Client instructions, message text, and attached files sent through Telegram or another connected messaging platform.
- Relevant snippets from Gmail, Calendar, files, or prior conversation context when they are needed to complete a requested task.
- Prompts and tool results sent to model providers such as Google Gemini over encrypted HTTPS.
- Google Workspace API requests and responses for the scopes the client approved, such as Gmail read/send and Calendar read/write.
- Outbound messages, emails, calendar invites, or documents the client asks Argus to send or create.
- Operational metadata required to run the service, such as timestamps, tool errors, and delivery status.
Access Controls & Operating Practices
| Single-client profiles | Each client runs in a separate Hermes/Argus profile with its own tokens, memory, configuration, and logs. |
| OAuth revocation | Google access can be revoked at any time from the client’s Google Account security settings. |
| Approval gates | Sensitive outbound actions such as sending emails, sending calendar invites, or messaging third parties are designed to require explicit user approval unless a client has configured an automation rule. |
| Least-context prompting | Argus aims to send the minimum task context needed to the active model provider rather than full archives by default. |
| Server access | The VPS is operated by the Argus team for setup, maintenance, monitoring, and support. Access is restricted to authorized operators. |
| Provider boundaries | Data sent to Google, Telegram, AgentMail, Vercel, or model APIs is governed by those providers’ own terms and retention policies. |
Provider-Specific Notes
Google Workspace: Gmail, Calendar, and Tasks access is authorized by OAuth. Argus stores the resulting token in the client profile and uses it for approved workflows such as inbox scans, meeting briefings, draft replies, calendar preparation, event edits, and task management. Google user data is used only to provide user-requested assistant functionality. We do not sell Google user data, use it for advertising, or use it to train generalized AI models.
Google Gemini / model APIs: Relevant prompts, snippets, and tool results may be sent to Gemini or another configured model provider. Argus does not send entire archives by default, but a user request can require sensitive context to be included in a prompt.
Telegram and chat platforms: Messages and attachments sent to Argus pass through the chat platform before reaching the Argus VPS. The platform’s own privacy and retention terms apply.
Vercel / public website: withargus.ai is hosted on Vercel. The onboarding page is public marketing and OAuth-routing infrastructure; the client’s operational agent data lives in the client profile, not in the public website repository.
Frequently Asked Questions
Is Argus fully on-device?
No. The current hosted Argus setup runs on a dedicated VPS, not only on a Mac in the client’s home or office. Some client-side or local deployments may be offered separately, but this hosted onboarding flow uses VPS infrastructure.
Does Argus send data to AI model providers?
Yes. When a task requires reasoning, summarization, drafting, extraction, or planning, Argus sends relevant task context to the configured AI model provider. The default production path may include Google Gemini API calls. Other model providers can be used if configured for a profile.
Does Google Gemini train on my data?
Argus uses API access rather than consumer chatbot sessions. Google’s API and Cloud terms govern how that data is processed. Clients with stricter requirements should request a written provider-specific configuration and DPA review before connecting sensitive accounts.
Can Argus read all my email?
Only after the client grants the relevant Gmail OAuth scopes. In normal operation, Argus searches or reads messages needed for a requested workflow, such as scanning unread mail, drafting a reply, or preparing a meeting brief. Access can be revoked from Google at any time.
Are Telegram messages private from Telegram?
No. Telegram messages pass through Telegram’s infrastructure. Argus receives those messages via the Telegram Bot API or approved messaging bridge, then processes them on the Argus runtime and, when needed, through model/tool providers.
Can Argus send messages or emails without me?
By default, human approval is expected for client-visible outbound actions. Some clients may deliberately configure automations or delegated authority for low-risk recurring actions; those should be documented per profile.
Important Limitations
This page is a technical and operational overview, not a legal opinion or universal compliance certification. Data handling depends on the client’s configured integrations, enabled model providers, automation rules, and the third-party services used for messaging, email, hosting, and AI inference.
Clients with regulated, confidential, or cross-border data requirements should request a profile-specific architecture note, subprocessors list, and legal review before connecting sensitive accounts.
For questions, contact alex@riverventures.co or support@withargus.ai or book a call.