Skip to content
Soufflia

Security and privacy

Privacy isn't an option, it's the starting point.

Soufflia is built for fields where your conversations are nobody's business but yours.

Local-first

The essentials happen on your machine. Soufflia sends nothing to the cloud without a clear reason and your consent.

Processed in Europe

When remote processing is needed, it happens in Europe, under GDPR. No opaque transfer outside the EU.

No resale

Your conversations feed no third-party model and are never resold. Your subscription funds the service, full stop.

Where your data goes

Your data's journey, in plain terms.

Diagram: your data stays on your machine, remote processing happens in Europe.
Step 1

Captured on your Mac

Both voices are captured locally, separately, for the duration of the meeting.

Step 2

Processed as close as possible

Transcription and suggestions run local-first; remote AI processing, in Europe, only happens with your consent.

Step 3

You stay in control

Nothing is resold. You can export or delete your data at any time.

Compliance

Compliant by design.

GDPR

Clear legal basis, participant information, limited retention, and rights of access, rectification and erasure respected.

EU AI Act (art. 50)

Applicable on 2 August 2026: transparency about AI-generated content. Soufflia is built for disclosure, not stealth.

Consent to recording

We help you inform your counterparts. No stealth mode: transparency is a design choice, and a trust argument.

Technical security

The details that matter.

  • Secrets stored in the macOS Keychain, never in plain text.
  • Encryption of data in transit and at rest.
  • Export and delete your data in one gesture.
  • No bot joins the call: your counterparts see nothing.

Security FAQ

Your questions about privacy.

Soufflia is local-first: the essentials happen on your machine. When remote processing is needed, it happens in Europe, and nothing is resold.

Processing happens as close to your machine as possible. Fully on-device transcription (on-device STT) is on our roadmap, to further reduce latency and strengthen privacy.

No. Soufflia is built for transparency and helps you gather consent. See our consent guide.

Yes, at any time, from the app. Deletion is permanent.

Yes, a data processing agreement (DPA) is available for teams. Contact us.

Live help, no compromise on your data.

Download free

Local-first. GDPR-compliant. 7-day trial, no card.