Security & Privacy

Probably implements comprehensive security measures to protect your data, ensure privacy, and maintain the highest standards of information security.

Probably’s security model is built around local data processing:

• Local Processing: Data analysis happens entirely on your machine
• Standard Encryption: Uses HTTPS for external API communications
• File System Access: Standard file system permissions apply
• Simple Authentication: Basic API key management for AI services

File Storage

• API keys stored as plain text files in local cache directory
• Data processed using standard file system permissions
• Temporary files handled by operating system cleanup
• Cache directory follows platform conventions

Network Communication

• HTTPS for AI provider API calls
• Standard TLS encryption provided by Python requests library
• Database connections use provider’s native encryption
• No additional encryption layers implemented

Data Minimization

• Only relevant data context sent to AI providers
• Full datasets remain on local machine
• No automatic PII detection implemented
• Users control what data is analyzed

API Key Management

• API keys stored in local files
• Simple validation by testing provider endpoints
• Manual key rotation when needed
• Single-user desktop application model

Basic TLS

• Standard HTTPS connections to AI providers
• Uses Python requests library defaults
• No additional security layers
• Standard certificate validation

Request Security

• Standard API authentication headers
• Basic rate limiting by providers
• No additional request signing

Application Logs

• Standard Python logging to cache directory
• Basic error and warning messages
• No security event monitoring
• Standard log rotation by OS

Data Control

• Data remains on your local machine
• No data uploaded to cloud analytics platforms
• Direct database connections when using external sources
• Users control what context is sent to AI providers

Local Data

• Data files remain in their original locations
• Standard backup practices apply
• Cache data can be regenerated
• Configuration stored in user cache directory

API Key Security

• Store API keys securely according to your organization’s policies
• Rotate keys periodically based on provider recommendations
• Use minimal permissions when configuring API keys
• Monitor usage through provider dashboards

Data Handling

• Follow standard file system security practices
• Use appropriate database security for external connections
• Consider network security when accessing remote databases

Geographic Control

• Data processing happens on your local machine
• Only query context sent to AI providers
• Users choose which AI providers to use
• No data stored on external analytics platforms