Your complete guide to configuring Hedy for your privacy comfort level. Learn how each setting affects your data, and find the right configuration for attorneys, healthcare providers, coaches, and other privacy-conscious professionals.
Most AI meeting tools ask you to trust them with your conversations. Hedy takes a different approach: you decide exactly how much data leaves your device.
This guide walks through every privacy-relevant setting in Hedy, explains what each one does, and helps you choose the right configuration for your situation—whether you're handling sensitive client conversations or just want the full AI coaching experience.
Unlike cloud-first transcription tools, Hedy starts with local speech recognition and lets you control which additional features you enable. While most AI meeting assistants require your audio to leave your device for transcription, Hedy's on-device speech recognition means your conversation audio stays private by default.
When you do use AI features like summaries and coaching, your data is processed transiently—used to generate your insights, then discarded. No storage, no training, no retention.
Hedy is built on a foundation of local-first processing. Here's what that means:
Some AI features are enabled by default to give new users the full Hedy experience:
If you want maximum privacy, you'll need to adjust a few settings. This guide shows you exactly what to change and why.
Important note for web users: The web version at web.hedy.ai always requires cloud sync since there's no local storage available in browsers. If you need fully local operation, use the native iOS, Android, macOS, or Windows apps.
Default: Off
This setting saves the actual audio from your conversations.
What it does: Stores a complete audio file of your session on your device. You can enable this per-session or set it as your default.
Privacy considerations: Audio recordings contain voice biometrics—unique identifiers that can identify individuals. Under GDPR, this qualifies as sensitive personal data (Article 9). These recordings are stored locally on your device and never uploaded to the cloud unless you explicitly share them.
When to enable: When you need to verify transcripts against original audio, or when regulations require you to retain recordings.
When to keep off: Client conversations involving confidential information, healthcare discussions, any situation where participants haven't explicitly consented to recording.
Default: Off on native apps, Always On for web
This setting syncs your sessions across devices.
What it does: Uploads your transcripts, summaries, and session data to secure cloud servers. This allows you to start a session on your phone and review it on your desktop.
Privacy considerations: Your data is stored on servers protected by AES-256 encryption at rest and TLS 1.3 for data in transit. Our cloud infrastructure is certified under the EU-US Data Privacy Framework, providing legal protections for EU residents.
Platform note: On the web version (web.hedy.ai), cloud sync is always enabled because browsers don't provide persistent local storage. If you require fully local operation, use the native mobile or desktop apps.
When to enable: When you regularly switch between devices, work with a team, or want backup protection for your session data.
When to keep off: If you're a professional bound by strict confidentiality requirements (attorneys, healthcare providers), or if your organization prohibits US-based cloud storage.
Default: On (Selective mode)
This setting enables real-time AI insights during your conversations.
What it does: Sends portions of your conversation to AI services for analysis, which then return suggestions, questions, and insights. In Selective mode, suggestions appear periodically when Hedy identifies high-value moments.
Privacy considerations: Data is sent anonymously to our AI processing partners and is not stored or used for training. Cloud analysis happens in memory and is not retained after processing.
Frequency options:
When to enable: When you want Hedy's coaching capabilities—smart follow-up questions, strategic suggestions, real-time guidance.
When to disable: Conversations involving highly classified information, trade secrets, or situations where any external data transmission is prohibited.
To disable: Go to Meeting Settings and set Suggestion Frequency to "Off."
Always On (Core Feature)
Hedy automatically generates intelligent summaries after your sessions.
What it does: Processes your transcript through AI to generate summaries, key points, action items, and detailed notes. This is a core part of how Hedy works and cannot be disabled.
Privacy considerations: Transcript data is processed transiently—used to generate your summary, then discarded. The generated summary is stored according to your cloud sync settings (locally or in the cloud).
Why it's always on: AI-generated summaries are fundamental to Hedy's value—turning your conversations into actionable insights. The transient processing model ensures your data isn't retained by AI providers while still delivering the intelligence you need.
Default: Off
This setting emails your meeting summary automatically.
What it does: Sends your AI-generated summary to your email address (and optionally to other recipients) when a session ends.
Privacy considerations: Email travels through multiple servers and may be stored by email providers according to their retention policies. Consider whether the summary contents are appropriate for email delivery.
When to enable: For routine meetings where you want immediate access to summaries, or when you need to share summaries with team members quickly.
When to keep off: Sessions involving personal data, health information, financial details, or any content you'd prefer to keep out of email archives.
Tip: You can generate summaries in-app without enabling email delivery, then share them manually when appropriate.
Default: Off (local transcription via on-device model)
This setting uses cloud services for transcription instead of on-device processing.
What it does: Sends your audio to cloud services for transcription. This can provide higher accuracy, especially for non-English languages or specialized terminology.
Privacy considerations: Your audio is processed by the selected provider according to their data handling practices. You can bring your own API keys to route through your existing enterprise agreements.
When to enable: When you need maximum transcription accuracy, or work primarily in languages where on-device recognition struggles.
When to keep off: When local processing meets your accuracy needs, or when audio transmission is prohibited by your organization or professional obligations.
Note: The web version cannot perform local transcription, so cloud transcription is required for web users.
Requires: Pro subscription + Cloud Sync enabled
This setting lets you share sessions with others.
What it does: Generates shareable links or email invitations that give others access to specific sessions or topics.
Privacy considerations: You're extending access to your conversation data to the people you invite. They'll be able to view the shared content from their own devices.
When to enable: Collaboration with colleagues, sharing meeting notes with clients, team knowledge management.
When to keep off: Sessions containing information that should remain strictly confidential to you.
Requires: Pro subscription + Cloud Sync enabled
This setting enables programmatic access to your Hedy data.
What it does: Allows external tools (like Zapier or workflow automation platforms) to access your sessions, summaries, and to-dos. Webhooks can notify external systems when sessions complete or highlights are created.
Privacy considerations: Your Hedy data flows to whatever systems you connect. Webhooks are cryptographically signed so you can verify requests actually came from Hedy.
When to enable: Workflow automation—automatically creating tasks in your project management tool, logging meetings to your CRM, triggering follow-up sequences.
When to keep off: If you haven't evaluated the security of connected systems, or if your data governance policies restrict automated data flows.
Client confidentiality is non-negotiable. Hedy's on-device speech recognition means your conversation audio never leaves your device for transcription. While AI features like summaries do require transient cloud processing, this data is processed anonymously and discarded immediately—no storage, no retention, no discovery risk from stored data on external servers.
For maximum discretion, disable cloud sync to keep transcripts and summaries stored only on your device. Always verify compliance with your bar association's specific technology guidelines.
Medical conversations require extra protection. With HIPAA certification expected Q1 2026, Hedy is building toward healthcare-grade compliance. The on-device transcription keeps your audio local, and transient AI processing ensures conversation data isn't retained by our providers.
For patients recording their own appointments, Hedy helps you capture important medical information without your audio being stored in the cloud—just remember to get your provider's consent before recording.
Client trust depends on discretion. Hedy lets you capture detailed session notes and action items while keeping your audio local. AI-generated summaries help you follow up effectively, and you control whether transcripts stay on your device or sync across your devices.
For your most sensitive client engagements, disable cloud sync to ensure session records remain solely on your device.
Fiduciary conversations demand security. Hedy's local speech recognition keeps client audio off external servers, while transient AI processing means your conversation content isn't stored by third parties. Disable cloud sync for client meetings involving sensitive financial details, or enable it selectively for internal team discussions.
Source protection matters. Hedy's on-device transcription means interview audio stays on your device. Disable cloud sync for sensitive source conversations, or use it selectively when the content doesn't require confidentiality. AI-generated summaries can help you identify key quotes and themes without manual review of hours of recordings.
For attorneys, healthcare professionals, financial advisors, or anyone handling confidential information:
What you get: Local transcription with on-device speech recognition. Your audio never leaves your device, and transcripts are stored only locally. AI summaries are generated via transient cloud processing (data is not stored).
Important: This configuration is only available on native apps (iOS, Android, macOS, Windows). The web version cannot operate in this mode.
To configure: Disable cloud sync, then go to Meeting Settings and set Suggestion Frequency to "Off."
For typical business meetings, sales calls, and team collaboration:
What you get: Full AI coaching and cross-device access. Your data is protected by agreements preventing AI training, encrypted cloud storage, and the EU-US Data Privacy Framework.
For individual learning, personal note-taking, or situations without confidentiality constraints:
What you get: Everything Hedy offers—real-time coaching, automated workflows, maximum transcription accuracy, full cross-device experience.
Beyond the main settings, a few choices can strengthen your overall security:
Logging in with Google or Apple provides two-factor authentication by default. This is more secure than email/password login and protects your account if your password is compromised elsewhere.
Found in your account settings under Privacy, this option disables marketing attribution tracking and sets GDPR mode for API requests.
If you've connected Hedy to automation tools, periodically review what's connected. Remove integrations you no longer use.
Decide how long you need to keep sessions and delete older ones regularly. Hedy doesn't impose retention limits—that's your choice—but data minimization is a good privacy practice.
Regardless of which features you enable, certain protections are always active:
Yes. Hedy provides Data Processing Agreements, Standard Contractual Clauses, and technical measures to support GDPR compliance. Full documentation is available in our Trust Center.
Hedy's speech recognition runs on-device, so transcription works without an internet connection. However, AI features like summaries and live coaching require transient cloud processing. Your audio stays local; only transcript excerpts are sent for AI analysis when those features are enabled.
No. Your conversations are never used to train AI models unless you explicitly opt into a feature that requires such processing. We have strict agreements with all AI providers prohibiting training on user data.
Hedy's on-device transcription keeps your audio local, and AI processing is transient with no data retention. With cloud sync disabled, your transcripts remain only on your device. This configuration may be suitable for privileged communications—always verify with your bar association's specific technology guidelines.
Unlike cloud-first tools, Hedy's default speech recognition runs entirely on your device—your audio never leaves your phone or computer for transcription. You choose whether to enable cloud features like sync and sharing. Otter.ai processes audio in the cloud by default.
Yes, with appropriate configuration. Hedy's on-device transcription keeps session audio local, and AI processing is transient. With cloud sync disabled, session records remain only on your device. Always verify compliance with your licensing board's requirements and obtain proper client consent before recording.
Audio recordings: Only on your device (if you enable recording)
Transcripts and summaries: On your device by default. If you enable cloud sync, also stored in encrypted cloud storage.
Account data: Encrypted in cloud data centers certified under the EU-US Data Privacy Framework.
Go to Account Settings then Delete Account. All your session data on our servers will be permanently removed within 30 days. Local data on your devices can be removed by deleting the app.
The right configuration depends on your situation:
Hedy gives you the controls. You make the call.
If you're unsure which configuration fits your situation, our support team can help you think through the options. We'd rather you use Hedy confidently with fewer features than feel uncertain about your setup.
For organizations requiring formal compliance verification, our GDPR documentation is complete and available in the Trust Center. SOC2 Type II and HIPAA certifications are expected in Q1 2026.
Hedy is designed to make you brilliant in every conversation—and you get to decide exactly how it works for you.
