Capturall

Privacy & security

Your conversations are the product. Ours is keeping them yours.

Capturall was designed around a simple default: transcribe on the device that recorded the audio, so the audio does not have to go anywhere. When cloud processing is genuinely needed, it happens in the EU only — and every transcript tells you which path was used.

processed on-deviceprocessed in EU cloud

Six commitments, stated plainly

No bot joins your calls

Capturall records on your own device. It never enters a meeting as a participant, so there is no third party sitting in your conversation.

On-device transcription by default

On iPhone and Mac (Apple silicon), speech-to-text runs locally. Audio never leaves the device by default — there is no server to trust because none is involved.

EU-only cloud, when cloud is needed

In the browser, or when you choose high-accuracy mode, processing happens on EU servers only. We use Mistral's Voxtral models under a zero-data-retention posture.

Consent before any capture

Recording starts only after an explicit consent flow. We built the product assuming you will tell people they are being recorded — because you should.

Audio is not stored unless you opt in

By default, audio is used for transcription and not kept. Keeping recordings is an explicit opt-in choice, not a hidden default.

Every transcript is labelled

Each transcript shows a badge — processed on-device or processed in EU cloud — so you can verify the processing path per conversation, not take our word for it.

The two processing paths, compared honestly

There is a real trade-off here and we would rather you understand it than discover it. On-device is the most private path. EU cloud exists because the browser cannot run local models well, and because a larger model is sometimes more accurate.

processed on-device

On-device (default)

  • Available on iPhone and Mac with Apple silicon.
  • Audio never leaves your device. No upload happens at all.
  • Works offline — on a train, in a client's basement meeting room.
  • Honest limitation: the local model is very good, but a larger cloud model can be more accurate on difficult audio.
processed in EU cloud

EU cloud (browser, or high-accuracy mode)

  • Used when you work in the browser, or explicitly choose high-accuracy mode.
  • Processing on EU servers only, with Mistral's Voxtral models under a zero-data-retention posture.
  • Audio is processed for transcription and not stored unless you opt in.
  • Honest limitation: audio does leave your device for this path. That is exactly why the badge exists.

What data goes where

DataWhere it goesNotes
Meeting audio (iPhone / Mac)Stays on your deviceTranscribed locally on Apple silicon. Not uploaded. Not stored unless you opt in.
Meeting audio (browser or high-accuracy mode)EU servers onlyProcessed by Mistral Voxtral with a zero-data-retention posture, then discarded. Not stored unless you opt in.
Transcripts and insightsYour accountStored so you can search and reuse them. Each one is labelled with the processing path used.
Consent recordsYour accountThe consent step is part of the capture flow, so there is a record that it happened.
Account details (email, name)EU infrastructureUsed to run your account and contact you. Not sold, not shared for advertising.

Don't take our word for it

On-device means testable. Three checks anyone can run — no compliance badge wall required.

Test 1

Pull the plug

Turn off Wi-Fi mid-meeting. On-device transcription keeps writing, live, while the network is gone. A cloud tool stops.

Test 2

Watch the wire

Run Activity Monitor or a firewall like Little Snitch while capturing on-device. Your audio never appears on the network, because it never leaves the machine.

Test 3

Read the badge

Every transcript carries a processing badge: on-device, or EU cloud with the reason why. There is no unlabelled path.

Built to make GDPR conversations easier

We will not claim Capturall makes you “GDPR compliant” — no tool can promise that, because compliance depends on how your organization works. What we can say is that the architecture is designed to make your data-protection story simpler: processing on your own device by default, EU-only processing otherwise, explicit consent as part of the capture flow, no audio retention without opt-in, and a per-transcript record of which path was used.

If your DPO or security team has questions we have not answered here, email us at hello@capturall.com — we would rather answer them before you sign up than after.

Privacy questions welcome

Download the app and ask us the hard questions — a straight answer about architecture beats a compliance badge wall.