Privacy·Last updated 2026-05-16

The privacy architecture.

Olinra was built around a single bet: that a generation of European professionals will choose a dictation tool that does not route their voice through Silicon Valley.

European law firms, hospitals, research institutes, public agencies, and an awful lot of indie founders cannot legally send client audio to US-controlled AI providers. The promises below are not marketing language. They are invariants enforced in the code.

Why we built it this way

The architecture

The seven non-negotiables.

Each card below is a promise the codebase keeps. Break any one of them and the brand is over.

Raw audio is never persisted server-side.

Your microphone bytes stream straight into the Voxtral request body and are discarded the moment the response arrives. No buffering to disk, no copy in S3, no warm cache.

Raw transcripts are never persisted server-side.

The transcript exists for a few hundred milliseconds in memory while we run the cleanup pass, then it is dropped. We never write it to a database.

Final polished text is never persisted server-side by default.

Your client receives the polished text and pastes it where the cursor is. The server keeps no copy.

Logs contain metadata only.

We log user ID, organization ID, latency, word count, model name, success or failure. Pino redaction strips any field that could leak content.

All inference traffic stays in the EU.

We call Mistral on EU endpoints. If Mistral ever exposes a US-only model, we will not use it. Period.

No US AI subprocessors.

No OpenAI, no Anthropic, no Google AI. The wedge is structural, not aspirational.

Local history is opt-in and encrypted at rest.

When you enable the dictation history, it lives on your machine only, encrypted with AES-256-GCM, key stored in your OS keychain. Lose the keychain entry and the history becomes unreadable.

The routing

Where your voice goes.

The complete path your dictation takes, from microphone to clipboard. Every hop, every region.

Your voice

microphone
Olinra API

Frankfurt
Voxtral + Mistral

EU endpoints
Your clipboard

on-device

What never touches your data

OpenAIAnthropicGoogle AI

The receipts

Subprocessors.

The complete list of third parties that touch any byte of your data. We update this page in lockstep with any change.

Mistral (Voxtral + chat)

EU endpoints

Purpose: Audio transcription and text polishing
Data touched: Audio bytes (in-flight only), raw transcript (in-memory only)

Supabase

eu-central-1 (Frankfurt)

Purpose: Authentication and user metadata
Data touched: Email, hashed password, OAuth tokens, user ID

Hetzner

nbg1 (Nuremberg)

Purpose: API server hosting
Data touched: API server processes, metadata-only logs (no audio, no transcript, no final text)

Stripe

EU + US (Data Processing Addendum in place)

Purpose: Subscription billing
Data touched: Billing identity, payment method (card data never touches our servers)

Cloudflare Pages

Edge CDN

Purpose: Static website hosting (this site)
Data touched: Static HTML, CSS, JS only. No user data.

Opt-in

Local history.

Olinra can keep a local history of your dictations so you can copy or retry a past take. This is opt-in, off by default, and stored only on your machine. We encrypt the contents with AES-256-GCM using a key in your operating system keychain. The server side has no access and no copy.

Data controls

What you control.

The levers we hand you, in the app and in writing.

·

Local history

Off by default. Toggle in Settings, Privacy. Turn it back off any time and the encrypted history is wiped from your machine.
·

Account

Change name and email in Settings, Account. Cancel your subscription in the customer portal we link from Settings, Plans. Delete the account by emailing [email protected] .
·

GDPR rights

Request access, deletion, rectification, or portability of your account data at [email protected] .

Contact

Questions about how we handle your data.

Reach legal at [email protected] .