Onit runs entirely on your device. No cloud. No remote servers. Here's exactly what that means for your data.
TL;DR
Audio & transcripts never leave your device
Export or permanently delete anytime
Optional analytics - default Off for Enterprise
Your data trains no one else's model


Security
Safety beyond badges
Certifications like SOC 2 exist to audit how a company protects data flowing through its servers. Onit doesn't have that server. Your audio is processed entirely on your computer/phone and never transmitted anywhere. This means:
No database to breach
No API handling your transcripts
No infrastructure in the threat model these certifications are built to check.
Where processing happens
100% Local
Speech-to-text runs locally on your device using on-device models (e.g. Parakeet v3). Post-transcription processing (e.g. Smart Cleanup) uses a custom-built local model. Nothing is sent to a server to be transcribed or processed. Your computer/phone does the work. If you're offline, Onit still works.
Encryption at rest
Transcripts and recordings stored on your device are protected by any built-in encryption (e.g. Mac's FileVault). Onit doesn't add a separate remote backup layer, because nothing leaves the device to back up in the first place.
Authentication
Opt in
SSO Planned
Onit doesn't currently require an account to use. SSO support for enterprise deployments is on our roadmap.
Updates & patching
Onit ships updates directly through the app. We recommend keeping automatic updates on so you're always running the latest security and model improvements.
Privacy
Analytics
Individuals: opt in
Enterprise: off
We collect basic usage analytics (which features you use, not what you say) through PostHog, linked to your email address if you use Onit with an account. This helps us prioritize what to build next and detect any issues. You can opt out anytime on the free individual plan. Analytics is disabled for Enterprise.
Requesting transcript fix
Individuals: opt in
Enterprise: off
You can manually request a fix for transcript mistakes from the correction flow. When you request a fix, your selected recording and transcript are sent to us so we can fix the issue and improve future transcription. This only happens when you choose to share a correction. Recordings or transcripts are never sent to us automatically.
Export your transcripts
Export your transcripts from Settings at any time. Your data, your choice!
Delete forever
Deleting a transcript in Onit removes it permanently from your device. There's no remote copy to fall back on, so once it's gone, it's gone.
Read the full Privacy Policy ->
GDPR
Onit Inc. is based in California, US. Because transcription happens entirely on your device, little to no personal data is transmitted to or processed on our servers during normal use, which significantly limits our footprint as a data processor.
For analytics and correction-flow submissions (both features disabled for Enterprise), we act as the data controller. You can request access to, export of, or deletion of your data, in line with your rights as a data subject (most of which you can already do yourself from within the app).
Frequent questions
Do my recordings and transcripts ever leave my device?
No — by default, everything stays on the device it was created on. The one exception is if you manually submit a correction request, which sends just that specific clip to us so we can fix it.
What security certifications do you have?
None yet, by design rather than by gap — certifications like SOC 2 exist to audit how a company protects data flowing through its servers, and Onit doesn't have a server in that loop. As we build out enterprise infrastructure (accounts, admin controls), we'll pursue the certifications relevant to that infrastructure specifically.
Are you HIPAA compliant?
Not yet, and we won't claim it until it's formally in place. Local processing removes a lot of the risk HIPAA is designed to manage (no PHI transmitted or stored on our servers), but compliance is a checklist your organization should walk through with us directly — reach out if this is a requirement for your evaluation.
Do you collect analytics?
Yes for individuals but not for Enterprise users. This includes basic usage analytics (which features you use, not what you say) via PostHog, linked to your email. You can opt out anytime in Settings.
Do you sell any data?
No. We don't sell, rent, or share your data with third parties for advertising or any other purpose.
Do you train any models with my data?
Only your local model, and only if you choose to use the correction flow — that data improves the model running on your device, never a model anyone else uses. We don't train shared or remote models on user data.