Privacy Policy
Cue is built local-first. Audio is never uploaded. Transcripts are encrypted on your device. Here's exactly what Cue does — and doesn't do — with your data.
Cue runs on your machine. Audio is transcribed on-device and never sent to a cloud transcription service. Transcripts are stored locally in an encrypted database. The only data that leaves your machine is what you explicitly authorize — AI queries to your chosen provider, and read-only access to calendar and knowledge base sources you connect.
Effective May 7, 2026 · Version 1.0
Everything below is created and stored on your machine only. None of it is transmitted to WillowTree servers.
| Data | What it is | Where it's stored |
|---|---|---|
| Meeting audio | Microphone and system audio captured during a session | In memory only — never written to disk |
| Transcripts | Text generated from your meeting audio via on-device speech recognition (Apple SFSpeechRecognizer) | Encrypted SQLite database in ~/Library/Application Support/cue-notetaker/ |
| Chat history | Questions you asked and AI responses during a meeting | Same encrypted database, scoped to each meeting |
| Meeting summaries | Structured summaries generated at your request | SQLite database; optionally exported to ~/Documents/ as Markdown if you enable auto-export in Settings |
| Knowledge Base | Indexed chunks from directories you connect | SQLite database (vector index) |
| Settings & API keys | Your preferences, connected account tokens, and API keys | Settings file and macOS Keychain (encrypted via safeStorage) |
Cue makes network requests only for the following purposes, and only when you have configured and authorized the relevant integration.
| Purpose | Where it goes | What's sent |
|---|---|---|
| AI answers | Your chosen LLM provider — FuelIX (default), Anthropic, OpenAI, Gemini, or local Ollama | Your question, relevant transcript context, and relevant Knowledge Base excerpts. No audio is ever sent. |
| Google Calendar sync | Google Calendar API | OAuth token for read-only access to your calendar events and attendee metadata |
| Atlassian knowledge | Your organization's Atlassian instance | Search queries when you have connected Atlassian as a knowledge source |
| GitHub knowledge | GitHub API | Read-only repository content queries when you have connected GitHub as a knowledge source |
| Auto-updates | GitHub Releases | Version check request only — no user data transmitted |
| In-app feedback | WillowTree Slack (webhook) | The feedback text you write and voluntarily submit |
LLM providers receive meeting content. When you ask a question during a meeting, relevant transcript text is sent to your configured AI provider as part of the query. Review your AI provider's privacy policy to understand how they handle this data. Use Ollama (local) to keep all AI processing on-device with zero network traffic.
By default, transcription uses Apple's on-device SFSpeechRecognizer — no audio leaves your machine. An opt-in cloud transcription mode is available in Settings for users who prioritize accuracy. If you enable it, audio is sent to Apple's cloud transcription service and is subject to Apple's privacy policy. This mode is explicitly labeled in Settings and off by default.
Cue labels speakers within a single meeting ("Speaker A / Speaker B") using on-device processing. Labels are scoped to that meeting only. Cue does not build voice profiles, voiceprints, or cross-meeting speaker identity records. See the voice data policy for full technical detail.
Cue retains data for as long as you find it useful — there is no automatic expiry. The full retention schedule is in the Data Retention Policy.
Open the Meeting Library and delete the meeting record. This cascades to its transcript, chat history, and summary in the database.
~/Library/Application Support/cue-notetaker/ — removes the database, encryption key, and settings.cue-notetaker entries — removes stored OAuth tokens and API keys.~/Documents/ manually.Go to Settings and disconnect the integration. This revokes Cue's access token for that service going forward.
Cue records meeting audio on your device. You are responsible for informing all meeting participants that the meeting is being recorded. Recording laws vary by jurisdiction — some require the consent of all parties. Cue presents this requirement during onboarding and before each meeting. By using Cue to record a meeting, you represent that you have obtained any legally required consent from participants.
If we make material changes — particularly to what data is transmitted off-device or which third parties receive it — we will update the effective date above and notify active users via release notes or the in-app feedback channel.
Questions about this policy: [email protected]
To report a security issue, use the private GitHub Security Advisory channel — do not file a public issue.