Security & Privacy

Your conversations are your business.

We built Note Genie with privacy as a core design principle, not an afterthought. Here's how we protect your data.

On-Device Recording

Audio is captured and stored locally on your phone or computer. No bots join your calls. No audio is streamed to servers during recording. You decide when and if to upload.

Encrypted Storage

All recordings, transcripts, and summaries are encrypted at rest using industry-standard encryption. Data in transit is protected exclusively via HTTPS/TLS.

No Data Training

Your recordings are your intellectual property. We do not use your data to train AI models. Processing is done via private API calls that do not retain your content.

Native Integrations, No Bots

Direct integrations with Zoom, Teams, and Google Meet capture your meetings without joining as a bot. When native integrations are available, no bot ever joins. Bots are available as a fallback only when you choose.

Privacy Mode

A master switch that disables all cloud capture — bots, native integrations, auto-join, everything. When enabled, nothing records without your explicit action. Built for regulated industries like healthcare, legal, and finance.

Full Data Control

Export your data anytime. Delete individual recordings or your entire account. When you delete, data is permanently removed — recordings, transcripts, summaries, and all associated metadata.

Secure Authentication

JWT-based authentication with rate-limited login attempts. Support for email/password, Google OAuth, and Apple Sign-In. Password reset via time-limited email tokens.

Account Deletion

You can request account deletion at any time from your settings. Here's what happens:

  1. You confirm by typing a confirmation phrase
  2. We send a confirmation email with a time-limited token
  3. You click the link in the email to confirm
  4. All data is permanently deleted — recordings, transcripts, summaries, action items, folders, and account data

Native Integration Privacy

Microsoft Teams

Microsoft generates the transcript within their platform. Audio stays within Microsoft's ecosystem. We receive the finished transcript — never raw audio.

Google Meet

Google generates the transcript within their platform. Audio stays within Google's ecosystem. We receive the finished transcript — never raw audio.

Zoom RTMS

Zoom streams audio directly to our servers via secure WebSocket. We transcribe it with our AI and then delete the raw audio. No bot joins the meeting.

Learn more about our native meeting integrations and capture architecture.

Compliance

GDPR

We respect EU data protection rights. You can access, export, or delete your data at any time. We process data only as necessary to provide the service.

CCPA

California residents have the right to know what data we collect, request deletion, and opt out of data sales. We do not sell personal data.

Have a security question?

We take security seriously. If you have concerns or want to report a vulnerability, reach out to our team.

Contact Security TeamPrivacy Policy