Privacy & Security

Audio never leaves your device.
Verifiable, not promised.

We avoid privacy-theatre adjectives like “100% private” and “military-grade.” Below is the architecture, the short list of data Vox can see, and how to confirm it yourself.

Mic

RAM only

Whisper / Parakeet

on-device transcription

Apple Intelligence / Gemma 4

on-device cleanup

Clipboard

⌘V to paste

No outbound arrows. Audio is captured to RAM, freed after transcription, never written to disk.

What we can see

The full list.

Counter-intuitively, we publish exactly what we know rather than say nothing — it's the only honest version of a privacy page.

  • Billing email

    Only if you buy a commercial license. Stripe stores it; we read it from Stripe to send your license PDF.

  • Aggregate page-views

    Vercel Analytics & Speed Insights — cookieless, no persistent identifiers, IPs anonymized via a daily-rotating salted hash. We see counts and country: how many people opened /teams this week from Germany. We do not see who.

  • Model download requests

    On first run, the desktop app downloads the transcription model (Whisper or Parakeet) and the cleanup model (Gemma 4) once. After that, no further Vox→server traffic. If you choose Apple Intelligence as the cleanup engine, Vox calls Apple's on-device framework — Apple may run that work on-device or on its Private Cloud Compute infrastructure under Apple's own privacy commitments. Vox itself transmits nothing.

  • What we cannot see

    Audio. Transcripts. The contents of your dictionary. Which apps you dictate into. Crash reports. None of it touches a server we control.

Verify it yourself

Don't take our word for it.

  1. Install a network monitor — Little Snitch or LuLu on macOS, GlassWire on Windows.
  2. Block all outbound traffic from Vox except localhost (127.0.0.1).
  3. Dictate normally. Vox keeps working. Models talk to a local model server (llama.cpp for Gemma; the bundled NeMo runtime for Parakeet) on 127.0.0.1; there is no other network call to intercept.
  4. Pull the network plug. Vox keeps working. That's the test no cloud tool passes.

Phrasing we avoid

Why we don't say what other privacy pages say.

“100% private” is an absolute claim — one bug invalidates it. “Military-grade encryption” is meaningless. “We never collect anything” is almost certainly false on any commercial site, and the FTC has prosecuted vendors for that exact phrasing.

We replace adjectives with architectural facts. “Audio is processed on your device's GPU or Neural Engine and never transmitted” is testable; “ultra-private” isn't.

Read the full policy at /legal/privacy.