FilDOS is built privacy-first. This policy explains what happens to your data across two separate things: the FilDOS desktop app and the fildos website. In short, the app runs on your own device and sends us nothing (the only exception is any cloud storage you choose to connect, which talks directly to that provider, not to us), and the website uses only cookieless, privacy-friendly analytics.
The FilDOS app is fully on-device
FilDOS is a local file browser. Everything it does with your files happens on your own machine:
- Your files never leave your device. Browsing, search, tags, and organisation all operate on your local filesystem.
- AI runs locally. Semantic search embeddings, the knowledge-graph analysis, and the assistant chat are all computed on-device using models that run on your own hardware. Your file contents, search queries, and chat conversations are not transmitted to us or any third party.
- Your data stays on your disk.The search index, embeddings, chat history, tags, and preferences are stored locally in the app’s data directory on your computer.
- No account, no tracking, no telemetry. The app does not require you to sign in and does not send usage analytics or telemetry back to us.
Model downloads
When you enable AI features, FilDOS downloads open-source model weights so they can run locally. These are fetched directly from their hosting provider (such as Hugging Face) to your machine. Those requests are made by your device to that provider and are subject to the provider’s own privacy policy. We do not receive the contents of, or metadata about, these downloads. Once downloaded, models run entirely offline.
Connecting cloud services
FilDOS can optionally connect to third-party cloud storage such as Google Drive, Dropbox, etc, so you can browse and search those files alongside your local ones. This is entirely opt-in; if you never connect an account, none of this applies to you.
When you do connect a cloud account, here is exactly what happens:
- Authorisation is direct between you and the provider. Sign-in uses a standard OAuth flow that opens in your browser and exchanges tokens directly between your device and the provider (for example, Google or Dropbox). Your credentials and access tokens do not pass through, and are never seen by, any FilDOS server.
- Credentials are stored locally and encrypted.The access tokens (or, for object-storage backends, the keys you enter) are stored on your own device and encrypted at rest using your operating system’s secure keychain.
- File access is device-to-provider. When you browse, open, search, or move a remote file, FilDOS talks to that provider directly from your device. We do not proxy, intercept, or store your cloud files.
- You stay in control.Disconnecting an account from FilDOS deletes its stored credentials from your device. You should also revoke FilDOS’s access in the provider’s own security settings if you want to fully sever the connection.
Your use of each connected service remains subject to that provider’s own terms and privacy policy.
The website
The fildos website is intentionally minimal about data:
- Cookieless analytics. We use Vercel Web Analytics to understand aggregate traffic (page views, referrers, country, device type). It is privacy-friendly by design: it sets no cookies, does not track you across other websites, and does not build a persistent profile of you. Because of this, the site does not need a cookie-consent banner.
- Self-hosted fonts. Fonts are served from our own domain, so visiting the site does not leak your visit to a font provider.
- Strictly-necessary infrastructure. Our hosting provider may set essential cookies required for security and to serve the site. These are not used to track you.
We do not sell your data, and we do not use advertising or cross-site tracking anywhere.
Links to other services
The site and app link out to third-party services such as GitHub, Discord, Hugging Face, and our documentation. Once you follow those links, the destination’s own privacy policy applies.
Changes to this policy
We may update this policy as FilDOS evolves. When we do, we’ll revise the “Last updated” date above. Because FilDOS is open source, the full history of changes is visible in our repository.
Contact
Questions about privacy? Reach us at ahmed.fahim0207@gmail.com or open an issue on GitHub.