Trust

Security and privacy explained by data flow.

See what can stay local, what may use managed providers, and how plan, provider, region, and platform status affect each workflow.

This page is maintained by the AIspeaky team. It describes app-visible controls — it is not an independent certification.

Data flow

Three lanes. Pick one to inspect.

Each lane is independent. Switching from local to managed is per-session and never silent.

Local lane — dictation & insertion

Verified

Default path. Audio is captured, recognized, and inserted on-device.

  1. Microphone: Push-to-talk or wake phrase, captured locally.
  2. Local model: Speech-to-text runs on your CPU/GPU.
  3. Insertion: Text inserted into the focused app.
Privacy: Audio and recognized text do not leave the device. No account required to use this lane.

Default posture

What can stay local.

Without an account, without internet, with no audio leaving your machine.

Dictation & insertion

The whole baseline workflow runs on-device.

Permissions & app rules

Stored locally, never synced unless you sign in.

Command-mode audit log

Every fired command is logged on-device for your review.

When the boundary is crossed

Managed accuracy and command mode have explicit rules.

Both are opt-in. Neither activates without your action.

Managed recognition / translation

  • Per-session toggle, off by default after each restart.
  • Audio in transit is TLS-encrypted; provider is named in app settings.
  • Provider and region surface in the in-app status pill while active.

Command-mode boundary

  • Permission granted per app, never globally.
  • Action catalog is published; no hidden commands.
  • Revocable from a single screen, with on-device audit log.

Entitlements & usage

A plan grants entitlement — not platform availability.

Two separate decisions. Always run the compatibility checker for your machine.

Entitlement

What your plan unlocks: managed accuracy, translation pairs, command mode, allowances. See pricing for the matrix.

Availability

What actually works on your OS, display server, and target apps. We publish status per capability.

What we don't promise

The honest disclaimers, not the small print.

Placed here on purpose — after the value and the data-flow explanation, before the legal links.

No SOC 2, ISO 27001, HIPAA, GDPR-compliance, or PCI badges on this page. When we earn one we'll publish the auditor and scope.

Open verification

What we know isn't fully verified yet.

Listed because we'd rather be transparent than imply parity.

  • Wayland command-mode coverage (Needs test): Pending verification run.
  • Third-party translation provider audit (Limited): Internal review complete; external pending.
  • Per-region data residency controls (Unsupported): Not in v1. Roadmap item.
  • Per-team usage audit export (Limited): CSV export, no API yet.

Reporting & legal

How to reach us, and where the legal text lives.

Report a vulnerability

Send security reports to security@aispeaky.app. We acknowledge within two business days and publish a summary once the fix ships.

Legal

Terms of service, privacy policy, and the subprocessor list ship with the installer and are linked in the app's About panel. Customer-facing changes are versioned with the release notes.