
Security and data

How Perch handles your files and your data, what stays on your device, what is processed in the cloud, and the providers involved.

Perch is built for work where confidentiality matters. This page explains exactly how your files are accessed, what stays on your machine, what is processed off it, and who processes it. We would rather tell you precisely how it works than ask you to take it on faith.

How Perch accesses your files

On the desktop, Perch operates under a permission mode that you control:

  • Default. Perch works only inside folders you explicitly approve.
  • Auto Review. Common working folders (Desktop, Documents, Downloads, Projects) are available; anything else asks first.
  • Full Access. Any folder in your home directory is available.
  • Take the Wheel. Perch can act autonomously within the limits below.

You choose the level of autonomy, and you can change it at any time. Perch does not roam your disk on its own.

Protected by default

Sensitive paths are always off limits

A built-in blocklist prevents Perch from reading credentials and system locations in every mode, including Take the Wheel. This covers items such as SSH and cloud keys, environment and credential files, key and certificate files, and protected system directories. The block applies before any permission mode is evaluated, so autonomy never overrides it.
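The ordering described above (blocklist first, permission mode second) can be sketched as follows. This is an added example, not Perch's own code. The blocklist patterns, the sample home directory, the mode identifiers, the refusal outside approved folders in Default, and the treatment of Take the Wheel as having Full Access's path scope are all assumptions made for illustration.

```python
import fnmatch
import posixpath

HOME = "/home/alex"  # constructed sample home directory
# Assumed patterns standing in for the categories the page names; not Perch's real list.
BLOCKED_DIRS = ("/etc", "/proc", "/sys", HOME + "/.ssh", HOME + "/.aws")
BLOCKED_NAMES = (".env", ".env.*", "*.pem", "*.key")
COMMON = tuple(f"{HOME}/{d}" for d in ("Desktop", "Documents", "Downloads", "Projects"))


def _within(path, root):
    """True if path is root itself or lies underneath it."""
    return path == root or path.startswith(root.rstrip("/") + "/")


def is_blocked(path):
    """Match a normalised absolute path against the assumed blocklist."""
    if any(_within(path, d) for d in BLOCKED_DIRS):
        return True
    name = posixpath.basename(path)
    return any(fnmatch.fnmatchcase(name, p) for p in BLOCKED_NAMES)


def decide(raw_path, mode, approved=()):
    """Return 'deny', 'ask' or 'allow' for a read of raw_path."""
    # Normalise first so '..' segments cannot step around either check.
    # A real implementation would also resolve symlinks (os.path.realpath).
    path = posixpath.normpath(posixpath.join(HOME, raw_path))
    # 1. The blocklist runs before the mode is even looked at.
    if is_blocked(path):
        return "deny"
    # 2. Only now do approvals and the permission mode matter.
    if any(_within(path, a) for a in approved):
        return "allow"
    if mode == "default":
        return "deny"  # assumption: outside approved folders is refused
    if mode == "auto_review":
        return "allow" if any(_within(path, c) for c in COMMON) else "ask"
    if mode in ("full_access", "take_the_wheel"):
        # assumption: Take the Wheel shares Full Access's home-directory scope
        return "allow" if _within(path, HOME) else "deny"
    raise ValueError(f"unknown mode: {mode}")
```

Because the blocklist check comes first, approving the whole home directory or switching to the most autonomous mode still yields a denial for a key or credential file.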

Actions that require confirmation

High-impact actions are gated unless you have explicitly enabled an autonomous mode. Bulk deletions, mass sends, and force pushes prompt for confirmation before they run, so an automated step cannot quietly do something irreversible on your behalf.

Analysis runs in a sealed sandbox

When Perch runs analysis code to verify numbers or process data, that code executes in a sandbox with network access and package installation disabled, isolated from the rest of your machine. The analysis is shown in the transcript, so you can see what was run, not only what was concluded.

What is processed off your device

Perch is local-first for access and control, but it is not air-gapped, and we will not imply otherwise. To produce an answer, the material needed for that turn, including relevant document content, is sent to our inference providers for processing. If you index a folder, those files are split into passages and stored in your workspace so retrieval can work. Your memory and conversation history are stored in your workspace as well. All of this is scoped to your account and workspace.

How your data is handled

  • Your inputs and outputs are not used to train any model.
  • Your data is not shared with model vendors.
  • Data is encrypted in transit and at rest.
  • Inference runs on established enterprise providers used by major organizations.
  • You can request deletion of your workspace data.

Subprocessors

Perch relies on the following providers to operate the service:

  • Amazon Web Services (Amazon Bedrock). Model inference.
  • Weights and Biases (W&B Inference). Model inference.
  • Supabase. Authentication, your workspace index, memory, and conversation storage.

We keep this list current. If you need our data processing terms for a security review, contact us.
