Eavesy

Privacy

Last updated: 2026.

What we promise

  • Local + cloud, both real. On desktop, every meeting lives as a real folder on your disk — Markdown summary, full transcript, audio, JSON metadata — in addition to the cloud copy. You can open these in Obsidian, drag them to Dropbox, edit them in VS Code. Changes round-trip.
  • TLS 1.3 in transit, AES-256 at rest. Audio is encrypted at rest in Cloudflare R2. Everything else is encrypted at rest in Cloudflare D1.
  • API keys in your OS keychain on desktop. Encrypted at rest in the cloud for web/mobile.
  • No third-party analytics ever see transcript content, audio, summary text, or notes. PostHog/Sentry get crash reports and anonymous usage events only.
  • No training on your data — our AI and transcription providers are configured with no-train flags.
  • One-click full export. Settings → Privacy → Export everything.
  • Account deletion that actually deletes. R2 audio purged within 7 days, database within 24h. Your local folder is preserved — it's yours.

Who sees your data

A clear, public list of every third party that ever touches user data:

  • Anthropic — AI summaries & action-item extraction (no-train)
  • Cloudflare — all infrastructure (Workers, R2, D1, Vectorize, Queues, KV), plus Workers AI for transcription (Whisper) and semantic-search embeddings
  • Clerk — authentication

BYO keys

Settings → Integrations lets you supply your own Anthropic and/or Deepgram keys. When set, AI calls bill to your accounts. Calls still flow through Eavesy so we can compose prompts.