KALKI never collects, stores, or transmits personal data to any server. Your conversations, identity, and location exist only on your device.
The following data is stored only in your browser's IndexedDB — never sent to KALKI servers:
• All conversations and chat history
• Civic profile (location, language preference)
• Saved petitions and complaints
• Notification preferences and history
• App settings (font size, language, theme)
This data is deleted when you use the "Wipe All My Data" button in the About modal. It can be exported as a JSON file and imported on a new device.
When you submit a community report, KALKI stores only:
• A randomly generated SHA-256 hash (16 hex characters) as the report ID
• The report content (category, description, location, severity)
• A server timestamp
We never store: IP addresses · Session IDs · Device fingerprints · Browser information · Any identifier that could link the report to you
The anonymous hash is generated from sha256(timestamp + random_bytes) — it cannot be reversed to identify you.
KALKI uses Supabase (PostgreSQL) as a server-side database. The only data stored there is:
• Anonymous community reports (described above — no personal identifiers)
• Notification cache (public civic alerts — no personal data)
Supabase does not store conversations, user identities, or any personal information.
Activating Ghost Mode (👻) creates a throwaway session ID and disables all IndexedDB writes. While in Ghost Mode:
• No conversations are saved anywhere
• No notifications are cached
• Closing the browser tab leaves zero trace
• Even the throwaway session ID is discarded
KALKI sends your messages to AI providers (Groq, OpenRouter) to generate responses. These providers process your message transiently to produce a response and do not store conversation history on our behalf. We recommend not including sensitive personal information (full name, national ID, financial details) in chat messages.
KALKI cannot be legally compelled to reveal the identity of anyone who submitted a report because we technically do not possess that information.
No IP addresses, no session IDs, no device fingerprints are ever recorded in connection with report submissions. Even under a court order, KALKI can only produce the anonymous hash and report content — nothing that identifies the submitter.
This is not a policy choice — it is a technical architecture decision. We designed the system so that the data we cannot hand over is data we never collected.
• Right to export: Download all your data anytime via About → Export My Data
• Right to delete: Wipe all device data via About → Wipe All My Data
• Right to anonymity: Use Ghost Mode for zero-trace sessions
• Right to transparency: KALKI's source code is open (GPL v3)