← Home

Privacy Policy

Last updated: March 25, 2025

Who we are

lokei is operated by Open Growth Group Inc., a Delaware corporation (“we”, “us”, “our”). This policy explains how we collect, use, and protect your information when you use the lokei CLI, cloud dashboard, tunnel relay, and related services (collectively, the “Service”).

Information we collect

Account information. When you sign in with Google or GitHub, we receive your name, email address, and profile picture from the OAuth provider. We do not receive or store your password.

Username and API keys. If you claim a username or create API keys, we store them so your tunnels get stable URLs and you can authenticate programmatically.

Tunnel metadata. When you open a public tunnel, we log connection metadata (tunnel name, timestamps, client IP address, connection duration). We do not inspect, store, or log the content of traffic passing through tunnels.

Local-only data. The lokei CLI generates a local Certificate Authority, TLS certificates, DNS configuration, and route/port state. This data lives entirely on your machine in ~/.lokei/ and is never sent to us.

Usage analytics. We may collect anonymous, aggregated usage statistics (e.g., command frequency, framework detection counts) to improve the product. These contain no personally identifiable information.

How we use your information

  • To provide, maintain, and improve the Service
  • To authenticate you and associate tunnels with your account
  • To enforce rate limits and prevent abuse
  • To communicate service-related notices (e.g., security alerts, breaking changes)

We do not sell your personal information. We do not use your data for advertising.

Data sharing

We share your information only when necessary to operate the Service:

  • Infrastructure providers that host the relay and dashboard (e.g., cloud hosting, CDN)
  • OAuth providers (Google, GitHub) to authenticate your sign-in
  • Legal obligations — if required by law, subpoena, or to protect our rights

Data retention

Account data is retained for as long as your account is active. Tunnel metadata logs are retained for 90 days and then deleted. You can request deletion of your account and associated data at any time by contacting us.

Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), hashed API keys, and access controls on our infrastructure. No system is perfectly secure — if you discover a vulnerability, please report it to security@lokei.dev.

Cookies

The dashboard uses session cookies for authentication. We do not use tracking cookies or third-party analytics cookies.

Children

The Service is not directed at children under 13. We do not knowingly collect personal information from children.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated via the dashboard or email. Continued use of the Service after changes constitutes acceptance.

Contact

Questions or requests? Email privacy@lokei.dev.

Open Growth Group Inc.
Registered in Delaware, USA