Overview
Harmonica is designed for structured conversations that often involve sensitive opinions, organizational feedback, and candid perspectives. We take data privacy seriously.Where data is stored
- Database: Neon Postgres, hosted in the US (Washington, DC region)
- File storage: Vercel Blob (for uploaded documents)
- Authentication: Auth0
Data is NOT used for training
Harmonica does not use your session data to train AI models. Conversations are processed by the configured LLM provider (OpenAI, Anthropic, Google, or your own via BYOM) to generate facilitation responses and summaries, but the data is not retained by Harmonica for model training purposes.Each LLM provider has their own data policies. If this is a concern, consider using BYOM with a provider whose terms you’ve reviewed, or use local models via Ollama for fully offline operation.
Participant anonymity
Hosts can configure sessions to support anonymous participation:- Name field can be made optional — participants can skip it or enter any name
- No account required — participants don’t need to create a Harmonica account to join a session
- Summaries are aggregated — AI-generated summaries synthesize themes across participants, not individual attributions
Open source & self-hosting
Harmonica is open-core under the AGPL license:- Source code is public — you can audit exactly how data is handled
- Self-hosting is supported — run Harmonica on your own infrastructure for full data sovereignty
- BYOM (Bring Your Own Model) — use your own AI provider keys so conversation data only flows to providers you control
Access control
- Session-level permissions — hosts control who can view results (owner, admin, editor, viewer roles)
- Project-level sharing — share access to groups of sessions with team members
- API key authentication — programmatic access uses scoped API keys (
hm_live_prefix) - Visibility settings — control whether sessions are public or private, and which result tabs are visible