Yours. Provably.
Vozzle is local-first: your notes, tasks, and meetings live on your device and sync encrypted. AI runs only when you ask, the audio buffer never reaches our servers, and your content never trains anyone's models.
Your data.
Your phone.
Your keys.
Vozzle is built local-first. The phone is the source of truth — with encryption on by default, sync is encrypted before it leaves the device, and the key never leaves your iPhone's Keychain.
We can't read your transcripts. We can't recover your data if you delete the app and lose your phone. Both of those are the same promise.
Local-first by design
Your notes, tasks, meetings, and calendar all live on your phone first — in the iOS data store. Sync exists so your devices stay in step — and everything it carries is encrypted first.
The phone is the source of truth; our servers only hold encrypted copies for sync.
End-to-end encrypted
With encryption on — the default — sync uses AES-256-GCM, and the key lives in your iPhone's Keychain. The data is encrypted before it leaves your device, the key never leaves it, and every connection to our servers is certificate-pinned, so the app only ever talks to Vozzle. You can turn encryption off if you'd rather.
Industry-standard primitives. No proprietary cryptography.
We can't read it
Zero-knowledge sync, on by default: with encryption on, the blobs that hit our servers are opaque to us — and to everyone else. Without your device's key, the ciphertext is just noise. (Turn encryption off and sync is readable by us, like any normal cloud app.)
With encryption on, a subpoena for your data gets us ciphertext.
No playback. No archive.
Meeting audio sits in a protected buffer with no playback UI and no archive. It stays on your device — and in your own iCloud Drive if you have iCloud on — but never reaches our servers. It's kept for up to 30 days, so a crash or dropped call can't lose your meeting and you can re-run speaker detection, then it auto-deletes.
The buffer lives on your devices, not on ours.
What we're honest about
Live transcription & AI features need network
During a live meeting, audio passes through a transcription service and comes back as text. AI summaries and re-analysis requests go to a cloud model. We don't store either side; once it's text, the audio is gone.
The fine print, in plain English.
Data categories, retention windows, sub-processor categories, and your rights — all in the policy.
Questions about privacy
Where is my Vozzle data stored?
On your device first. Sync runs through Vozzle's encrypted sync service — and with end-to-end encryption on, only your devices hold the keys.
Is my content used to train AI models?
No. Our terms rule it out, and AI requests are routed with no-training enforced at the provider level. AI only ever sees the items you explicitly ask it to process.
What happens to the audio after a meeting?
The protected buffer exists so a crash or dropped call can't lose your meeting — and so you can re-run speaker detection afterward. It stays on your device (and in your own iCloud Drive if you have iCloud on), never on our servers, has no playback UI, and auto-deletes after up to 30 days.
Which third parties see my data, and when?
Only what a feature needs: live transcription streams audio to our speech provider, and AI features send the text you select to our AI providers — under no-training terms. The full list of sub-processor categories is in the privacy policy.