L Loach Docs
Ctrl K

Storage & privacy

Loach is local-first. Your content lives on your machine, and only requests to remote providers ever leave it. Here's exactly what is stored, where, and what (if anything) goes over the network.

Where things live

WhatWhere
Chats, messages, Spaces, Snippets, MCP servers, app settingsSQLite at <app-data-dir>/loach.db
OpenAI-compatible API keyOS credential manager (Windows Credential Manager / Linux Secret Service / macOS Keychain)
App-lock hash + hintOS credential manager — same store, separate entry
Attached files (images, text)Inlined into the message at send time — no separate file store
App data dir on Windows%APPDATA%\dev.loach.app\
App data dir on Linux~/.local/share/dev.loach.app/

Offline by default

Loach launches and works completely offline as long as you stick to local providers. The following are all available without any network access:

Only chat generations against remote endpoints (OpenAI, Groq, OpenRouter, …) need an internet connection.

No telemetry

Loach does not phone home. There is no usage tracking, no analytics, no crash reporting service. The only outbound traffic the app makes on its own is the update check (which can be disabled).

Secrets handling

API keys and app-lock credentials are stored in your operating system's credential manager via the keyring crate:

App-lock secrets are hashed with Argon2id before they're stored; the plaintext is never written anywhere.

Backup, restore and wipe

From Settings → Data management you can:

API keys are not part of the export — they live in the OS credential manager and stay there until you remove them.