Security

What happens to your data

Straight answers for security teams and decision makers.

Where data is processed

Everything runs locally. By default the model loads into the app process — the model file sits on your disk and requests go nowhere. Doka has no servers, no cloud, no accounts.

What data is collected

The app does not collect message content, files or local-model requests — they stay on the device.

What permissions the app requests

Access is granted narrowly and on explicit confirmation.

  • File system — only the folder you explicitly choose.
  • Network — to reach the selected model.
  • Browser — launches only with your confirmation.
  • Terminal — running commands requires confirmation.

Cloud models

Doka supports GigaChat, YandexGPT and any OpenAI-compatible API, plus local models. With a third-party API, data is handled under that provider's policy — Doka is only the interface.

How to verify yourself

All app traffic is verifiable in real time.

  • Charles Proxy — GUI for macOS and Windows.
  • Wireshark — low-level analysis by host or port.
  • DevTools in Electron — built-in network inspector.

Security requirements and on-prem

For enterprise, Doka deploys inside your perimeter: local inference or your server, access policies set by security, white-label and local model integration.

Need a company rollout?

We'll show how Doka works inside your perimeter and run a pilot.

For business