[tgalal]

> The server does see the audio during processing (that's how GPU transcription works), but the final stored transcript is encrypted with a key derived from your password that never leaves your browser.

You conveniently omit mentioning that the server also sees the transcript before returning it to the client side browser. Whether it is "immediately" erased, is something the client must trust the server to do. You might as well save yourself the roundtrip by encrypting server side, returning the key, then deleting it, same outcome.

[nadermx]

Thanks for pushing us on this, you're right. We've updated all our terminology and documentation to be fully transparent: - Security page now explicitly states the server sees audio + transcript during processing - Privacy policy and terms updated with a bit clearer language about what's protected vs what's not For users who need true end-to-end privacy where audio never touches shared servers, we're launching Private Cloud and Self-Hosted options: https://stt.ai/private-cloud/ Your feedback directly shaped these changes. Appreciate it.