DSGVO-Compliant AI Assistant.
No Cloud. No Data Processing.
No cloud provider. No data transfer. No data processing agreement required. All AI processing happens locally on your device - GDPR/DSGVO compliant without additional configuration.
DSGVO / GDPR Compliance
The General Data Protection Regulation (GDPR), known as DSGVO (Datenschutz-Grundverordnung) in German-speaking countries, sets strict requirements for processing personal data. Any AI tool that transmits data to the cloud typically requires a Data Processing Agreement (Auftragsverarbeitungsvertrag / AVV) under Article 28 GDPR, along with safeguards against unauthorized third-country transfers.
Cloud AI vs. Skales: GDPR/DSGVO Perspective
Not a policy - an architecture.
All Data Stored Locally
Every conversation, every memory, every file you share with Skales is stored at ~/.skales-data on your own machine. No data is transmitted to any external server. No cloud storage, no third-party backup.
No Data Processing Agreement Needed
Because Skales processes data locally, there is no data controller-processor relationship under GDPR Article 28. No vendor DPA (Auftragsverarbeitungsvertrag) to negotiate, no Article 46 transfer safeguards, no data flow outside your premises.
Fully Offline with Ollama
Connect Ollama and Skales runs without any internet connection. No API calls to OpenAI, Anthropic, or any cloud provider. Complete air-gap capability - suitable for law firms, medical practices, and regulated industries.
No Account, No Registration
No email address required. No account to create. No login portal, no password, no profile. There is no Skales account - so there is no Skales user database holding your personal data.
API Keys Encrypted Locally
If you choose to use a cloud API provider (OpenAI, Anthropic, etc.), your API key is stored in your OS keychain - encrypted locally, never transmitted to Skales servers. We never see your key.
Source Code Available
Skales is source-available under BSL-1.1. The full source code is readable on GitHub. Any technically capable person can verify exactly what data is collected, transmitted, and stored - and confirm that it matches what we describe here.
“Our data protection officer approved it in one meeting. That has never happened before.”