It is a "harness" that manages conversations/interactions with LLMs. An extended interaction can include- many turns of conversation, providing files for the LLM to process, having the LLM direct the running of programs called tools by the harness. The privacy aspect is determined by which LLM you configure OpenCode to use. If you configure it to use an LLM you host yourself, then you maintain your privacy. If you have it use an LLM provider you do not host yourself then your conversation and file and tool results and whatever else is sent to the provider and your privacy is dependent on the provider. There have been no reports of OpenCode communicating out of band with user data to any servers- it does do things like check for version updates and can download plugins and the like. But in that sense OpenCode is reasonably configurable for privacy. The default however is to use an external provider for LLM, not a local model, so you have to change that and not use it oob.

To have your own LLM provider, you have to run different software. Ollama is one option (though it also by default uses external provider) and llama.cpp is another. Jan and LMStudio are other options for actually running a model on your own hardware, to which you can direct OpenCode.