OIOXO
Account

Privacy by design

Most AI IDEs upload your code to do their work. OIOXO’s architecture makes that unnecessary — the model runs in your browser. Here is the exact accounting of what stays local and what doesn’t.

Stays on your device — always

  • Your code and files. Projects live in browser memory or your local folder. Opening a folder uses the browser’s file-system access; nothing is uploaded.
  • Your prompts. They go to the model running on your own GPU.
  • Your API keys. BYOK keys and GitHub tokens are stored in browser storage on your machine. OIOXO’s servers never receive them.
  • Rules, memory, skills, settings, snapshots. All local.

Goes directly to a third party — only when you use that feature

  • BYOK: your browser calls your chosen provider (OpenAI, Anthropic, …) directly. OIOXO does not proxy the traffic.
  • GitHub: opening a repo or pushing a commit talks to GitHub’s API from your browser, with your token.
  • Publish: publishing puts the site you chose to publish on GitHub Pages.
  • Share live: a short code brokers the connection; the project files then travel browser-to-browser over an encrypted peer connection.

Touches OIOXO’s servers

  • Account: your email/login if you create an account.
  • Usage metering: token counts (numbers), to enforce the free allowance fairly across devices. Never the content of what was generated.
  • Billing: handled by Stripe; OIOXO doesn’t store card numbers.
  • Model delivery: the one-time model download, and a version check so the “Refresh to update” banner can appear.
Check it yourself

Open OIOXO Doctor (tools menu → “Run health check”). The footer line is the policy in one sentence: “Everything runs on your device. Nothing here is uploaded.” And your browser’s network tab will confirm it.

The legal version of this page is the Privacy policy.