Keli's approach
Keli runs as a native desktop app. Your files and local projects stay on your machine unless you explicitly attach or reference them in a conversation — we don't upload your file system to any server in the background. Everything that does leave your device, such as a prompt sent to a model or a license check, travels over TLS-encrypted connections.
Model inference runs through OpenRouter
Keli doesn't host or train AI models. Chat, Cowork, and Code all send requests through OpenRouter, which routes each request to the model provider you've selected and returns the response. Because all model traffic flows through OpenRouter's infrastructure, we inherit the security posture they've built and independently verified — we don't need to (and don't) re-implement inference-layer security ourselves.
Per OpenRouter's Trust Center, that includes:
- SOC 2 Type II certification, covering their security controls over time, not just a point-in-time snapshot.
- Third-party penetration testing of their application, with reports available on request.
- Encryption in transit and at rest across their infrastructure.
- Continuous monitoring, vulnerability and patch management, and formal incident response processes.
- Access controls including reviewed data access, two-step verification, and passkey support internally.
- Business continuity practices, including tabletop exercises and infrastructure status monitoring.
OpenRouter Trust Center
View their SOC 2 report, pentest summary, subprocessor list, and DPA directly.
Because the model provider you choose (for example Anthropic, OpenAI, Google, or an open-weight model) also processes your prompt to generate a response, your data is additionally subject to that provider's own security and data-handling practices as made available through OpenRouter.
Zero Data Retention
We enforce Zero Data Retention (ZDR) on our OpenRouter routing. That means every request from Keli is restricted to model endpoints that have committed not to retain your prompt after returning a response, and OpenRouter's own infrastructure does not log your prompts either. We don't enable prompt logging on your behalf.
Data that isn't retained can't be used to train a model — by us, by OpenRouter, or by the underlying provider. This is a stronger guarantee than a "we promise not to train on your data" policy: there's no stored copy of your prompt left to train on in the first place.
Data handling summary
- Stays on your device: your local files and projects, unless attached to a conversation.
- Sent to Keli's servers: account and billing data, app usage and crash telemetry, and support communications.
- Sent through OpenRouter to a model provider: the prompt and any attached content for the conversation you're actively running.
See our Privacy Policy for the full breakdown of what we collect and why.
Responsible disclosure
If you believe you've found a security vulnerability in Keli, please report it to security@keli.ai. We investigate all reports and will work with you on responsible, coordinated disclosure.