Security
Private by default
Your meetings stay yours. Nothing joins your call, no audio is ever stored, everything Nod keeps is encrypted in the EU, and none of it trains a model. This page follows a conversation from your microphone to your notes, including the parts that are less flattering to us.
We never read your transcripts
Your notes are private to your account. We don't pool them with anyone else's, we don't read them, and they're not used to improve Nod or train a model.
The rest of this page is how that's enforced rather than just promised. The security page documents all of it in more detail if you want the specifics.
What happens to your audio
Nod captures the audio your Mac is already playing, through native macOS APIs. No bot dials into the call, so nobody sees a new participant. An on-device model then cuts that stream into complete utterances of roughly five seconds.
Each chunk is sent over an encrypted connection to a transcription service, and the bytes are released the instant the text comes back. No audio file is ever written to disk, uploaded, or stored, not on your Mac and not at the provider. There is no recording of your meeting anywhere, which means there is nothing to leak.
Your audio does leave your Mac. Capture and voice detection happen on-device, but transcription and summarization don't. They run on hosted inference providers, and Whisper transcription in particular runs on infrastructure outside the EU, under EU-U.S. Data Privacy Framework adequacy and standard contractual clauses. Nod is local capture with cloud inference, not a fully offline note taker. If your requirement is that nothing may ever leave the machine, you want a different architecture, and the honest options are covered in on-device Mac note takers.
What we can promise is that nothing is kept. Every call runs under Zero Data Retention, no provider trains on it, and no audio is stored at either end.
Where your notes live
What gets saved is the transcript and the notes built from it, and those stay in the EU.
- Supabase Postgres in Ireland (AWS
eu-west-1), with auth and server-side functions in the EU too - TLS 1.2+ on every connection (TLS 1.3 by default; TLS 1.1 and below are rejected), AES-256 at rest
- Row-Level Security on every table, so the app can only serve you your own rows
- No training on your data, by us or by the providers we route through, and "may train on request data" routes disabled
- No provider API key on your Mac; calls go through our own EU proxy, authenticated as you
Nothing is shared unless you share it
Your meetings are visible to you and nobody else by default. Nod has no shared inbox and no team mode today, so there's no colleague, manager, or admin quietly holding a copy.
The exception is the one you trigger yourself. When you turn a summary into a share link, anyone holding that link can read it, which is what a share link is for. It's worth saying out loud, though, because "private by default" is a claim about the default and not about what you're allowed to do next. The link covers one meeting's summary, it never exposes the transcript or your other meetings, and you can revoke it whenever you want.
Your data is yours to take back
All of this is self-serve from inside the app. You don't have to email us or wait on a support ticket.
- Export everything as one machine-readable JSON file, from Settings → Privacy → Export my data (GDPR Articles 15 and 20)
- Export any meeting as a plain Markdown file that Obsidian or any editor reads
- Delete a meeting and it goes to a trash that's permanently purged 30 days later
- Delete your account and it cascades across every table holding your data: meetings, transcripts, summaries, chats, embeddings
- Any live subscription is cancelled when you delete, so you're never billed after leaving
What we don't have yet
No SOC 2. It's planned, but the audit hasn't started, so there is no report to send you today. We'd rather say that than put an "in progress" badge in the footer and hope nobody asks who the auditor is. SOC 2 also isn't the thing that keeps your audio from being stored; the controls above are, and you can check those today. A GDPR DPA is available on request.
No SSO or SAML. Sign-in is Google OAuth, with OpenID, email, and profile scopes only, so Nod never gets read access to your Gmail, Calendar, Drive, or contacts.
No bring-your-own-key in the app today. If you need it, say so: dmytro@hellonod.app.
Nod is built and run by one founder, not a company with a security department. That's a real limit, and it's why the claims on this page are written so you can check them. Start with the security page and the privacy policy.
Frequently asked questions
Can anyone at Nod read my transcripts?
No. Your notes aren't shared, pooled, or reviewed, and every table is protected by per-user Row-Level Security, so the app can only serve you your own rows. Your meetings are not used to improve Nod or train any model.Does Nod store my meeting audio?
No. Audio is held in memory only long enough to chunk it (about five seconds) and transcribe it, and the bytes are released the moment the transcript returns. Nothing is written to disk and nothing is stored in the cloud. Only the transcript and your summary are saved. See Security § Audio recordings.Is transcription on-device?
No, and we won't pretend otherwise. Capture and voice detection run on your Mac, but transcription and summarization run on hosted inference providers, so audio chunks do leave your machine (encrypted) to be processed. They're routed under Zero Data Retention with no model training, and no audio is stored at either end. For a fully offline model, see on-device Mac note takers.Is my data stored in the EU?
Your stored data is: transcripts, summaries, and everything else live in Supabase Postgres in Ireland (AWS eu-west-1), encrypted at rest with AES-256. Inference is the exception. Transcription runs on providers hosted outside the EU under Data Privacy Framework adequacy and standard contractual clauses, with Zero Data Retention and no training. Audio is never stored anywhere.Do you have SOC 2?
No. It's planned, but the audit hasn't started, so there's no report to send, and we'd rather say that than imply otherwise. We'll update the security page when it changes. In the meantime we're happy to walk through the actual controls: dmytro@hellonod.app. A GDPR DPA is available on request.Will the other people on the call know I'm recording?
Not from Nod. No bot joins and nothing is announced, because Nod listens through your Mac's own audio. That means telling them is on you, and depending on where you are it may be a legal requirement. Nod shows a one-time consent reminder before your first recording. See recording consent.


