Product updates
How Weeve stays private by default
Stefan Weiss
Most software uses the word private in a very specific way.
It usually means your data is encrypted while it travels to a server, and sometimes while it sits there.
That is useful. But it still means your conversation left your laptop.
Weeve means something more literal.
The recording runs locally. The transcript runs locally. Speaker detection runs locally. The summary runs locally. Your meeting content is not sent to Weeve, and it is not sent to a cloud AI provider.
That has been true since we shipped.
What changed in April is simpler: we removed the last optional path that could send meeting content to the cloud.
What we removed
For a while, Weeve had an escape hatch.
If you wanted, you could connect your own Anthropic, Google or OpenAI account and have one of those services summarise your meeting in the cloud.
It was off by default.
Almost no one turned it on.
That told us something useful. People were choosing Weeve because they did not want a cloud model in the loop in the first place.
So in April, we removed the option entirely.
Before, the accurate answer to "does Weeve send my meeting to the cloud?" was: not unless you turn that on.
Now the answer is just: no.
Once Weeve has downloaded the models it needs, it can write your summary without an internet connection. On a plane. On a train. In a client office with strict network rules. In a country house with bad signal.
Offline is not a side benefit.
It is part of the privacy model.
What our servers do see
We still run a software business. Some data has to leave the device for accounts, billing and product operations.
Here is the list.
Your account: your email address and the six-digit sign-in code flow, so we can know it is you.
Your subscription: whether you are on trial, which plan you are on, and whether your card is active.
Your usage counter: how many recordings you have started, stored as a monthly number per user. This is how we enforce the public-beta usage cap.
Update checks: anonymous lookups for the latest version of the app.
Product analytics: a separate analytics service can tell us that you started a recording, refined a summary, or ran a certain model variant.
That analytics service does not receive the audio. It does not receive the transcript. It does not receive the summary. It does not know what the meeting was about, who was in it, what you named it, or what tasks came out of it.
That is the whole list.
What our servers never see
Your audio. Your transcript. Your summary. Your meeting title. Your speaker labels. Your templates. Your to-do items. Your decisions. Not encrypted and uploaded. Not redacted and uploaded. Not anonymised and uploaded. Not uploaded.
Why this matters
Privacy problems often start with collection.
Once sensitive data has been sent to a third party, you inherit a new set of questions. Where is it stored? Which processors touch it? Which metadata is generated from it? Can it be used for service improvement? Can it be shared by link? What happens if settings change? Is your data used for training?
Security guidance makes the same point in more formal language. The UK's National Cyber Security Centre says cloud customers should understand which data and derived metadata are shared with third-party suppliers and their supply chains. The European Commission explains the GDPR data minimisation principle as collecting personal data only when it is adequate, relevant and limited to what is necessary.
That is the frame we use for Weeve.
The strongest privacy choice is not to collect the meeting content at all.
Meeting notes are not normal data
A meeting transcript is not just a document.
It can contain client context, legal strategy, internal politics, financial details, hiring decisions, health information, unfinished thoughts and things people said because they trusted the room.
That is why AI note-takers create a different kind of risk.
The American Bar Association has warned that transcription and note-taking tools can create confidentiality and privilege issues when audio is processed in the cloud or made accessible to third parties.
The risk is not only theoretical. The Verge reported in April 2026 that Granola notes could be viewable by anyone with a link by default, while AI training was enabled by default for non-enterprise users.
That does not mean every cloud meeting tool is careless.
It means privacy language is not enough.
Architecture matters.
Why this is possible now
A few years ago, a fully local meeting tool would have felt like a compromise.
It would have been slower, weaker or awkward enough that most people would eventually reach for the cloud version.
That has changed.
Modern Macs are good local AI machines, and newer open models are built with edge and laptop use in mind. Google's Gemma 4 model card, for example, describes Gemma 4 E4B as a model designed for edge devices including laptops, with long context and an Apache 2.0 license.
That matters because private-by-default software only works if the private path is the normal path.
If the local version is too slow, people will bypass it.
If it is too weak, teams will not trust it.
If it only works online, it is not really local.
Weeve's job is to make the private path good enough that you do not need the other one.
What this means for you
If you advise clients, the conversation you are protecting is not sitting in another company's AI pipeline.
If you work with legal, medical, HR or financial topics, you are not adding a new meeting-content vendor just to get a summary.
If you are the person responsible for security, the question is simpler: Weeve does not receive the meeting content.
That does not remove every responsibility. You still need consent where recording rules require it. You still need to handle your own device and files carefully.
But the core privacy promise is straightforward.
Your meeting content stays on your laptop.
That is not a slogan.
It is the product decision we keep making.
Sources
National Cyber Security Centre: Cloud Security Principle 8, Supply chain security
European Commission: How much data can be collected?
The Verge: Anyone with a link can view your Granola notes by default
