Synopsule Privacy Review: Safe for Client Meeting Notes? — AI tool privacy review for freelancers

Synopsule Privacy Review: Safe for Client Meeting Notes?

Synopsule Privacy Review: Safe for Client Meeting Notes?

Short answer: Synopsule keeps your meeting audio and transcripts on your Mac or iPhone and never uploads the recording itself, which is a genuinely strong setup for client work — but our verdict is USE WITH CAUTION, because the optional AI-summary feature does send your transcript text off the device to OpenAI (or another provider you pick), and usage analytics are switched on until you turn them off. As of June 2026, with the privacy policy reviewed June 16 2026, the on-device core is one of the better privacy postures we have seen for a transcription app — the caution is entirely about the two places where data can leave. If you record client calls, contracts discussions, or anything covered by an NDA, the difference between “stays on device” and “sent for a summary” is the difference that matters. This review walks through where your data actually goes, and how to keep the sensitive parts local.

What Synopsule does with your data

Privacy dimensionSynopsule’s answer (per policy, June 2026)
Trains on your data?No — no model training on your content stated
Audio uploaded?Never; recording stays on your device
Transcript leaves device?Only if you opt in to an AI summary
Usage analyticsOn by default (Mixpanel), opt-out in settings
Third-party sharingOnly OpenAI/Anthropic/Gemini on summary requests
Data retentionLocal files you delete; no developer copy kept
Account required?No account, no sign-up

Synopsule is a paid Mac and iPhone app that records a conversation, turns it into a labelled transcript, and can optionally write a summary. The design choice that sets it apart is location: transcription runs locally using an on-device speech model, and the raw audio is held only on the machine that captured it. According to Synopsule’s privacy policy (retrieved 2026-06-16, effective 2026-05-27), the developer states it does not collect, store, or receive your personal content, and no account is needed to use the core features.

Where data is stored: recordings, transcripts, titles, speaker labels, and your own notes all sit in the app’s local storage. If you supply your own large-language-model API key, that key is held in your device Keychain with encryption at rest, and the policy says the developer never sees it. The only material that travels by default is anonymous product telemetry sent to Mixpanel — event names like “recording started” plus coarse signals such as app version, operating-system version, and recording duration. The policy is explicit that this stream excludes audio, transcript text, file names, your name, email, or any advertising identifier, and it can be switched off entirely. Retention is simple: there is no cloud copy on the developer’s side to delete, so removing a recording in the app’s library, or uninstalling, clears the data from your device.

Who can access your content matters as much as where it sits. On the core workflow, the answer is short: only you, on the device that did the recording. There is no shared workspace, no team dashboard, and no vendor support tier that can open a stored transcript, because the developer holds no copy. That is a meaningfully different access model from the typical cloud notetaker, where a bot joins the call, the recording lands in a vendor account, and support staff or a future policy change could in principle reach it. Synopsule also documents a small set of outbound connections beyond summaries: a one-time download of the on-device transcription model from Hugging Face, and an App Store receipt check that sends a signed transaction token — not your name or payment details — to confirm a paid subscription. Apple, not Synopsule, processes the payment itself. None of these touchpoints carry your conversation content, which keeps the data map tight and easy to reason about before you ever record a client.

What this means for solo freelancers

If you record a kickoff call with a client and never touch the summary button, your transcript and audio stay on your laptop — a posture that maps cleanly to how we vet privacy claims in our review methodology. The risk surface opens in three specific places.

Scenario one: the AI summary. The moment you ask for a summary, the transcript text for that session is sent off the device. With a bring-your-own key, it goes straight to OpenAI, Anthropic, or Google Gemini under your own account; on a paid subscription, it routes through Synopsule’s Cloudflare-hosted worker and on to OpenAI. Either way, that client conversation now lives, however briefly, on a third party’s servers under that provider’s terms — not Synopsule’s. Based on the policy as written, summarizing a transcript that names a client, quotes contract figures, or discusses confidential strategy carries the same third-party exposure risk as pasting that text into ChatGPT directly.

Scenario two: recording the other side. On a Mac, Synopsule can capture system audio, which means it records the people on the call, not just you. The policy puts the consent obligation on you. Based on the policy as written, recording a client without their agreement carries legal and relationship risk that varies by jurisdiction — the app reminds you, but it does not obtain consent for you.

Scenario three: default analytics. The Mixpanel telemetry is harmless in content terms — no transcript, no audio — but it is on until you opt out. For a freelancer who promises a client “nothing leaves my machine,” shipping even anonymous event data without flipping that switch first is a small gap between your claim and the default reality.

For most solo workers, the practical takeaway is that Synopsule rewards a little setup discipline. A consultant recording discovery calls, a copywriter capturing a creative brief, or a virtual assistant logging a client meeting all benefit from the same rule of thumb: the recording itself is low-risk because it never leaves the laptop, while the summary is the moment to slow down. If your client relationship is governed by a data-processing clause or an NDA, treat the AI summary as an external transfer and decide deliberately whether it belongs in your workflow at all. The good news is that the safe path is also the simple path — turning off one setting and skipping one button keeps the entire session local, with no loss of the core transcription and speaker-labelling features you bought the app for.

How to use Synopsule safely

  • Turn off analytics first. Open Settings, then Privacy, and switch off “Share anonymous analytics” before your first real client recording. The policy says queued events are cleared immediately.
  • Keep summaries off for sensitive sessions. If a transcript contains client names, NDA material, or financial detail, do not press Summarize. The recording and transcript keep working fully offline without it.
  • If you do summarize, bring your own key. A bring-your-own OpenAI or Anthropic key keeps the request under your own provider account and terms, rather than routing through the subscription worker — and lets you set retention controls in that provider’s dashboard.
  • Redact before summarizing. Strip client names and figures from the transcript text before generating an AI summary, so the off-device copy is de-identified.
  • Get consent on the record. Before enabling Mac system audio on a client call, state that you are recording and note their agreement — the app reminds you, but the responsibility is yours.
  • Delete when the job ends. Clear recordings from the app library, and on Mac remove the application support folder, once a project’s notes are no longer needed.

Privacy-friendlier alternatives

Synopsule is already one of the more privacy-respecting transcription options because of its on-device default. The alternatives below either remove the third-party summary path entirely or pair your transcription workflow with broader privacy tooling for the rest of your client stack.

  • Fully local Whisper (open-source, free). What it gives you that Synopsule’s summary path doesn’t: zero off-device exposure, because transcription and any LLM summarization run on hardware you control. Pricing band: free, plus your own compute. Best for: technical freelancers comfortable running a local model who never want transcript text to touch a vendor API.
  • Proton Drive (proton.me). What it gives you that a transcription app doesn’t: end-to-end encrypted storage for the transcripts and client files you keep after the call, so the archive is encrypted at rest under your key. Pricing band: free tier, paid plans roughly 4–10 USD per month. Best for: solo workers who want their saved notes and deliverables encrypted, not just their recordings kept local.
  • Bitwarden (bitwarden.com). What it gives you that Synopsule doesn’t: a secure place for the API keys and provider logins you accumulate once you start wiring transcription into OpenAI or Anthropic, instead of leaving them loose. Pricing band: free for individuals, premium around 10 USD per year. Best for: any freelancer juggling multiple AI-provider keys.

None of these replace Synopsule one-for-one, because its on-device transcription is already the privacy feature you would otherwise have to build yourself. The point of the stack is to close the two gaps the verdict flags: keep the summary step under your control with a local model or your own provider key, and protect the saved output with encrypted storage and a proper key manager. A freelancer who pairs Synopsule’s local recording with encrypted note storage and disciplined key handling ends up with a transcription workflow that is genuinely defensible to a privacy-conscious client — which is more than can be said for most cloud notetakers that ship audio to a server before you have finished saying hello.

The verdict

ATP Privacy-Vetted: USE WITH CAUTION

Our verdict on Synopsule is USE WITH CAUTION for client work. The on-device transcription core is genuinely strong — audio never leaves your machine and no account is required — but two defaults pull it back from a clean pass: usage analytics ship until you opt out, and the AI-summary feature sends client transcript text to a third-party provider. Used with analytics off and summaries kept local on sensitive calls, it is one of the safer choices in its category; used out of the box on confidential recordings, it leaks more than its “on-device” headline suggests.

Frequently asked questions

Does Synopsule train AI on my recordings?

Based on the policy as written, no — there is no statement that your audio, transcripts, or summaries are used to train any model. Transcription runs on-device, and the only content that leaves your machine is transcript text you explicitly send for an AI summary, which is then governed by that provider’s own terms rather than Synopsule’s.

Is Synopsule safe for confidential client conversations?

It can be, if you keep summaries off and analytics disabled. The recording and transcript stay on your device by default, so a confidential call never reaches a server. The risk appears only when you generate an AI summary, which sends that transcript text to a third-party model, so for the most sensitive sessions the safest path is to skip the summary entirely.

Does Synopsule collect my personal data?

The policy states the developer does not receive your name, email, audio, or transcript text. The one default stream is anonymous Mixpanel telemetry — event names and coarse device signals with a random identifier — which carries no content and can be switched off in the privacy settings. No account is needed to use the app.

Is Synopsule GDPR-friendly for EU client work?

Based on the policy as written, the local-first design means most processing happens on your own device, which reduces the data you transfer. The point to watch is the AI-summary path: sending an EU client’s transcript to OpenAI or another provider is a third-party transfer you, as the freelancer, would need to account for in your own data-handling commitments. Keeping summaries local avoids that question.

Can I stop my transcripts from ever leaving my device?

Yes. The transcript leaves only when you press Summarize, so simply not using AI summaries keeps everything local. You can also reset the AI consent in the app’s Intelligence settings, which forces a fresh permission prompt before any future off-device summary, and disable the Mixpanel analytics so that even anonymous event data stays put.

Sources

  • Synopsule Privacy Policy — https://synopsule.com/privacy/ (retrieved 2026-06-16, effective 2026-05-27)
  • Synopsule product site — https://synopsule.com (retrieved 2026-06-16)
  • Synopsule on Product Hunt — https://www.producthunt.com/products/synopsule (launch 2026-06-11)

Reviewed by Jérémy, founder of AidTaskPro and GreenBudgetHub. Based in central France. Privacy posture sourced from public policies and vendor documentation as of 2026-06-16.

[INTERNAL_LINK_TO_CLUSTER_ai-privacy-reviews] [INTERNAL_LINK_TO_CLUSTER_ai-privacy-reviews]

Get Your Free Cybersecurity Checklist

Protect your digital life in 5 minutes. Free checklist + weekly productivity & security tips.

Similar Posts