doloop.io
Code Read, gate, and teach your AI - on your machine The doloop CLI Read a codebase you have never opened, gate a change against its own conventions, and emit those rules to AGENTS.md so your AI writes fitting code. Local, deterministic, bring your own model. The diff you can't trustwhy AI code that compiles and passes tests still breaks the codebase's own rules Merge with confidencethe reviewer's no that no test can explain, made visible Read any reposee how a repo you've never opened works, in a minute In your editorwhere to look, painted into VS Code and Cursor Security rulesthe universal injection sinks, caught deterministically Legacy modernizationhand the AI the safe parts, keep your architects on the risks Documents Auditable Intelligence for Documents Extract data you can trust Pull data from contracts, statements, and filings with every value located at its source on the page - not generated, so it cannot hallucinate a number that is not there. Try it on a PDFthe live extraction viewer, every value tied back to the page The data roomM&A diligence: every figure tied out and traced to the page Model risk · SR 26-2why a located value sits outside the model-risk regime Does your LLM dream of electric sheep?a 60-second test for whether you can trust what your model extracted Loops A loop for every kind of AI output All the loops Every kind of output your AI produces, each closed by its own deterministic loop. Codecheck an AI change against your codebase's own conventions Answer engineanswers from your own content, or says it doesn't know Documentspull tables and numbers out of a PDF, every cell tied back to the page Writingcatch AI filler, hedging, and padding in prose Defensive engineering The platform, and the proof Deterministic gates for AI output The whole approach in one page: why a reproducible check beats an LLM reviewing itself. Model risk · SR 26-2why a rule-based check sits outside the model-risk regime The method & the evidencehow the inference works, the studies, the theory, and the honest nulls AI Code Barometerconvention rates read live across millions of public files Answersthe questions a skeptic asks first Playground Sign in

Privacy Policy

Last updated: 2026-06-05

Draft pending counsel review. This policy is published in good faith as a working baseline. If you need a signed copy or a redlined version for your procurement team, email hello@doloop.io.

What this covers

This policy applies to doloop.io and all subdomains, including wysiwyd.doloop.io and any future doloop product surface. Where a product has additional product-specific terms (for example, a separate enterprise data-processing agreement), those terms take precedence.

What we collect

Files you upload to WYSIWYD

If you upload a PDF to wysiwyd.doloop.io for extraction, the file is temporarily stored on the API server (Fly.io, San Jose region) for the duration of your session. We retain uploaded PDFs for at most 24 hours, after which a background process unlinks the file from disk. Files are not backed up, archived, or copied to any other system.

We do not use your uploaded PDFs to train, fine-tune, or evaluate any model. We do not share them with third parties. Our extraction pipeline is fully deterministic and runs entirely on our own infrastructure; no third-party AI services are invoked for the standard extraction flow.

Usage data

We count the number of pages each IP address has scanned in the current month, in a small usage database, to enforce the free tier (10 pages per IP per month). This counter rolls over on the first day of each month. We do not log the contents of your scans, your filenames, or anything else identifying.

Browser data

Our static pages (doloop.io and the WYSIWYD landing) do not set tracking cookies, do not run any analytics scripts, and do not load third-party tags. The only outbound requests from these pages are: (1) Google Fonts for typography, (2) federalreserve.gov for the SR 26-2 source link, (3) the WYSIWYD API endpoints on wysiwyd-api.fly.dev when you use the live upload widget.

What we do not collect

  • We do not collect personally identifiable information (PII) on the free tier (no email, no name, no credit card).
  • We do not collect or process Protected Health Information (PHI). Do not upload PHI to the free tier; if you need a HIPAA Business Associate Agreement for healthcare workloads, email us about the Enterprise tier.
  • We do not retain, fingerprint, or share the contents of your PDFs.
  • We do not place advertising cookies or behavioral-tracking scripts.

Where data lives

  • Static site files: BlueHost shared hosting (United States).
  • API service: Fly.io, San Jose region (United States).
  • Uploaded PDFs (temp): Fly.io tmpfs on the API container, deleted within 24 hours.
  • Free-tier usage counter: usage database on a Fly.io persistent volume, San Jose region.

Your rights

Because the free tier does not collect PII, there is no identifiable record of your activity to access, modify, or delete. If you have used the Pro or Enterprise tier and want to request data access or deletion, email hello@doloop.io and we will respond within 30 days.

Changes to this policy

If we materially change this policy we will update the "Last updated" date above. We will not retroactively reduce your privacy protections for data already collected.

Contact

Privacy questions: hello@doloop.io.

doloop WYSIWYD Thesis Privacy Terms Security AskContact

Built deterministically.

Ask doloop

Routes you to a real doloop page, asks when your question is ambiguous, or tells you when there is no answer. No model runs on the answer path, so it cannot invent one.

Deterministic · reproducible · cannot invent