Hosted in Europe
All Dokyo infrastructure runs on servers in the European Union. Your data never leaves the EU and benefits from the world's strictest data protection regulations.
Your data deserves serious protection. Here's how Dokyo keeps your documents, files, and workspace secure.
Every layer of Dokyo is built with security and privacy first. No exceptions, no afterthoughts.
All Dokyo infrastructure runs on servers in the European Union. Your data never leaves the EU and benefits from the world's strictest data protection regulations.
Every connection to Dokyo is encrypted using TLS 1.2 or higher (HTTPS). Whether you're editing a page or uploading a file, your data is always protected in motion.
Your documents, files, and database records are stored on encrypted volumes. Even at the infrastructure level, your data is protected against physical access.
Passwords are hashed using bcrypt with a high work factor. Dokyo also supports passwordless login via OAuth (Google, GitHub), and session tokens are signed and rotated.
Each workspace is fully isolated at the database level. Users can only access pages and data within workspaces they belong to, enforced server-side on every request.
Dokyo includes no analytics trackers, ad networks, or third-party scripts. No Google Analytics, no Meta Pixel, no fingerprinting. Zero tracking, period.
All API endpoints are protected against cross-site request forgery (CSRF). User-generated content is sanitized to prevent cross-site scripting (XSS) attacks.
Dokyo is designed with GDPR principles from the ground up. Data minimization, consent, user rights, and European hosting are built in, not bolted on.
We monitor for vulnerabilities, apply patches promptly, and keep all dependencies and infrastructure up to date to protect against emerging threats.
Trust built on concrete commitments, not promises.
All Dokyo infrastructure runs on servers in the European Union. Your data is never stored outside the EU and is subject to GDPR and other strict European data protection laws.
No. Dokyo includes no analytics trackers, ad networks, or third-party scripts. We do not use Google Analytics, Meta Pixel, or fingerprinting. We do not sell your data or share it with advertisers.
The optional AI assistant is disabled by default. When you enable it, only the content you explicitly send to the assistant is processed. The AI does not train on your data, and your documents are never used to improve the model without your consent.
We keep your account data and content for as long as you have an active account. If you delete your account, we securely delete all your data within 30 days. Consent records are kept only as long as required by law.
You have the right to access, correct, and delete your personal data. You can export your documents at any time and request a copy of all data Dokyo holds about you. Contact us at [email protected] to exercise these rights.
Dokyo is built to comply with GDPR and other European privacy laws. We follow privacy-by-design principles, minimize data collection, and respect user rights across all jurisdictions.