Draft — not yet in effect. This is a working draft, published early because we would rather show you the draft than show you nothing. It is pending review by our attorney, has no effective date, and is not yet a binding document. A few details are still to be settled and appear below as “to be specified” — the dispute forum and our registered address. One thing is not provisional: the factual descriptions of how the app handles your data are accurate today. When the reviewed version is published, it will appear here with an effective date and a summary of what changed.

Privacy Policy

Privacy Policy (draft)

Effective date: none yet — this draft is not in effect.

Last updated: July 18, 2026 (draft)

This Privacy Policy explains how NoteGenerator — a Mac application published by Modi Labs LLC(“Modi Labs”, “we”, “us”) — and the NoteGenerator.com website handle information. It is written to be read, not skimmed: because of how the app is built, the most important facts fit in a paragraph, and the rest of this policy is us being precise about the details.

One principle runs through this policy and our Terms of Service alike, and we state it plainly rather than bury it: NoteGenerator is a tool that runs on your computer, under your control. That design is why your content is private from us — and it is also why the security of your Mac, the backup of your notes, the legality of your recordings, and the review of what the AI writes are your responsibility, not ours. We keep your content out of our hands; what happens in yours is up to you.

The short version

This box summarizes the policy; the full text below governs, but both say the same thing.

  • Your words never leave your Mac. Recordings, transcripts, and notes are created, processed, and stored on your own device, encrypted at rest. We never receive them and cannot read them — we hold no copy to lose, sell, or hand over to anyone.
  • No account. No analytics. No trackers. There is nothing to sign up for, and the app contains no analytics, advertising, tracking, or crash-reporting code.
  • The app touches the network in only four narrow ways, and none of them carries your content: downloads of the on-device AI model files (from a third-party host, Hugging Face — software coming to your Mac, at first setup and again only if you choose to add, replace, or update a model); license activation, when licensing launches (not live today); software-update checks (switched off in the current version); and help links that open your own browser.
  • What we actually hold about you: license records once licensing is live (including a device fingerprint we treat as personal information — see Section 8), whatever you write to us in a support email, standard website server logs, and — if you ask to be notified when the app or a Windows version ships — the email address you give us for that purpose alone. That is the complete list.
  • The flip side of privacy is responsibility — and a privacy policy is not a warranty. Because only you hold your data, only you can back it up; we cannot recover it. And while this policy truthfully describes how the app handles data, the software itself is provided “as is,” with no promises that it will work or that its notes will be accurate. You use it at your own risk (Section 11 and the Terms of Service).
  • If this policy materially changes — for example, when licensing goes live — we will update it and tell you before the new behavior ships (Section 12).

1. What stays on your Mac — all of your content

The following is created and processed on your device and is never transmitted to Modi Labs or to any third party by the app:

  • Audio you record (microphone or the call/system audio playing on your Mac) or import as a file. Recorded audio is held in memory while it is being transcribed and is discarded when recording ends; the app does not retain your audio, and it is never uploaded. Where the app briefly uses a temporary working file on your own disk for performance, that file stays on your Mac and is deleted after use.
  • Transcripts produced by the speech-recognition model running on your Mac.
  • Notes written from those transcripts by an AI model running on your Mac.
  • Titles, edits, context, and template choices you add.

Your notes are stored encrypted at rest on your Mac using AES-256-GCM, one encrypted file per note with a fresh random nonce on every write, authenticated so that a tampered file fails to decrypt rather than displaying corrupted content. A transcript queued for background note-writing is held the same way — as an encrypted file on your Mac — until the note is written. The encryption key is generated on your Mac on first use and stored only in your macOS Keychain. Copied off your Mac without that key, these files are unreadable noise. We never possess the key or the files.

Because there is no account and no upload, the only copy of your content in existence is the one on your Mac (plus any backups you make). You can read, export, and delete it at any time directly in the app — and you are the only one who can.

2. Every time the app uses the network — the complete list

NoteGenerator is designed to run offline. It uses the network only in the four situations below, and none of them transmits your audio, transcripts, notes, or edits. If a future version adds any network use beyond this list, we will update this policy before shipping it (Section 12).

2a. Downloads of the on-device AI models

To transcribe and write notes locally, the app needs its model files. A base speech-recognition model ships inside the app; the note-writing model files are downloaded when you first set up the app, and further model downloads happen only if you choose to add, replace, or update a model (for example, selecting a larger speech-recognition model). These files are fetched over an encrypted connection from a third-party model host, Hugging Face. Every such download moves software onto your Mac; nothing of yours is sent. Like any server you download a file from, the model host can see standard request information — your IP address, the file requested, and the time. That information goes to Hugging Face under its own privacy policy (see Section 5), not to us; we do not receive information identifying you or your individual download. Once the models you use are on your Mac, transcription and note-writing work fully offline.

2b. License activation and validation — not live today

This section takes effect only when licensing ships, and this policy must be republished first (Section 12). The current version has no licensing service and makes no licensing requests. If and when trials and paid licenses launch, activating or validating a license will contact our licensing service (license.notegenerator.com) and transmit only: a license key, and a device fingerprint— a one-way code derived from your Mac’s characteristics. The fingerprint cannot reveal your content and cannot be reversed to reconstruct details about your Mac, but it is a persistent identifier of your device, and we treat it — together with your license records — as personal information under privacy laws (see Section 8). License activation will never transmit your content, your name, or your email. We would use these records solely to issue trials, validate purchases, and prevent abuse.

One point worth stating here because it is privacy-adjacent: the product is designed and built so that your existing notes are never locked or deleted if a trial ends or a license lapses — they remain readable and exportable on your device, and only the creation of new AI-written notes may require an active license. The Terms of Service describe this in full; because your notes live only on your Mac, we could not reach them in any event.

2c. Software-update checks — switched off in the current version

The current build ships with automatic update checking disabled and no update server configured; it makes no update-related network requests. If we enable updates in a future version, an update check would transmit standard request information (the app version being run and your IP address) to the update server and nothing else — never your content — and we will update this section before that happens.

2d. Links you choose to open

Help and support links open your own web browser to NoteGenerator.com. The app sends nothing when you click a link; from that point you are visiting a website, governed by Section 4.

That is the complete list. The app contains no analytics, telemetry, advertising, tracking, or crash-reporting SDKs (most recently verified by a code scan of the current build on July 16, 2026; re-verified for each release), builds no profile of you, and Modi Labs does not sell or share personal information — there is essentially none to sell.

3. What Modi Labs actually holds about you

Because of the design above, the personal information we hold is close to nothing. In full:

  • Licensing records — only once licensing launches (it is not live today): a license key, trial/purchase status, and the device fingerprint(s) bound to the license — which we treat as personal information (Section 8). Not your name, email, or content.
  • Support correspondence: if you email us, we receive your email address and whatever you choose to write. Please do not email us your notes or transcripts; we do not need them, and once you send something to anyone by email it has left the protection this app was built to give it.
  • Email addresses you give us on the website: joining a waitlist, downloading the app, or buying a license each involves giving us an email address. We use it to deliver what you asked for (the download link, your license key, the ship announcement) and to send occasional product updates and announcements from us — never from anyone else, and never sold or shared. Every such email has an unsubscribe link that works, and if you ask, we delete your address entirely. Your email address tells us who uses NoteGenerator; it never touches what you record or write in it.
  • Website server logs: standard logs from NoteGenerator.com (Section 4).

We hold none of your recordings, transcripts, or notes — ever — because the app never sends them to us. Any future feature that moved content off your device would require a new version of the app — which you choose to install — and we commit that it would be explicit, opt-in, and disclosed in an updated version of this policy before it ships (Section 12).

4. The NoteGenerator.com website

When you visit NoteGenerator.com, our web host may record standard server-log information — IP address, browser type, pages requested, and timestamps — used to operate and secure the site and retained only as long as needed for those purposes. The website requires no account and no sign-in. If you type an email address on this site — for the waitlist or to download the app — it is sent to our server only when you press the button, and used as Section 3 describes: to deliver what you asked for and for occasional product updates from us, with a working unsubscribe on every message.

This site uses no third-party analytics, cookies, or embedded content. If that ever changes, this section will be updated — with a cookie disclosure and consent mechanism where required — before the change goes live.

5. Third parties

Only three third parties ever appear in the picture, each in a narrow role:

  • Hugging Face (model host):serves the model downloads described in Section 2a. Your download request is subject to Hugging Face’s own privacy policy; we recommend reviewing it. We do not send Hugging Face your content, and we do not receive information identifying you or your individual download from Hugging Face.
  • Payment processor — only once purchasing launches (it is not live today): payments will be handled by a dedicated payment processor (to be named before purchasing launches). Your payment-card details will go directly to the processor, never to Modi Labs — we must never receive your full card number, and the processor’s own privacy policy governs its handling of your payment data.
  • Apple: the app is distributed as a direct download (notarization by Apple lands with the public release) and uses macOS features such as the Keychain. Independently of anything the app does, macOS itselfmay contact Apple when you run any application (for example, Gatekeeper’s signature and notarization checks); that exchange is between your Mac and Apple under Apple’s policies and is not initiated by the app. If the app is later offered through the Mac App Store, Apple’s own terms and privacy practices will additionally apply to that purchase relationship.

We do not sell, rent, or share personal information with any third party for their marketing, and no third party is given access to your content — the app never creates that possibility, because the content never leaves your Mac.

6. Security — what we do, and what only you can do

What the app does:your notes are encrypted at rest with AES-256-GCM, a fresh random nonce per write, and authenticated encryption (a tampered file fails closed instead of displaying altered content). The encryption key exists only in your macOS Keychain. The app runs inside the macOS App Sandbox with Apple’s hardened-runtime protections and is code-signed (notarization by Apple lands with the public release), and its network reach is limited to the cases in Section 2. Recorded audio is processed in memory and not retained.

What this design achieves:the largest category of privacy breach — someone else’s server holding your data getting compromised — is eliminated for your content, because no such server exists. Your notes cannot leak from a cloud they were never in.

What only you can do — and what we do not promise: the same design concentrates everything on your Mac, which we do not control and cannot secure for you. The confidentiality of your notes depends on the security of your device: your login password, FileVault full-disk encryption, macOS updates, who has physical or administrative access to your Mac, and the safety of any copies youmake (exports, backups, and files you email or share leave the app’s encryption entirely and are yours to protect). No software can make an insecure computer secure, and we make no guarantee of absolute security and no promise that your device, your operating system, or your own copies of your content are safe (see Section 11). Securing the device your content lives on is your responsibility.

7. Retention and deletion — we cannot delete what we never had

  • Your content: stays on your Mac until youdelete it. Deleting a note in the app deletes its encrypted file. Note that uninstalling the app does not by itself guarantee removal of stored data — delete your notes in the app first, or remove the app’s data folder. If the encryption key is removed from your Keychain (for example, by wiping the Keychain or erasing the Mac), the note files become permanently unreadable. We cannot delete, recover, restore, or unlock your content in any circumstance, because we never possess it or its key. For the same reason, keeping a backup of anything you cannot afford to lose is your responsibility — there is no copy anywhere else.
  • Licensing records (once licensing launches): retained as long as needed to operate your license and to meet legal, tax, and accounting obligations, then deleted. A specific period will be stated before licensing launches.
  • Support emails: retained as long as needed to resolve your request and for a reasonable period afterwards, then deleted.
  • Website logs: retained briefly for operations and security, then deleted or aggregated.

8. Your privacy rights (GDPR, CCPA/CPRA, and similar laws)

Depending on where you live — for example the EU/UK under the GDPR, or California under the CCPA/CPRA — you may have the right to access, correct, delete, or receive a copy of the personal information a business holds about you, to restrict or object to certain processing, and to not be discriminated against for exercising those rights.

We will honor these rights honestly, and honesty requires saying this up front: for your recordings, transcripts, and notes, our answer to any such request will be that we hold none of it. The only copy is on your Mac. You do not need to ask us to access, export, correct, or delete your content — you already have more direct power over it than any request to us could grant, and you can exercise it in the app at any time. Correspondingly, we cannot comply with a request to hand over or erase content we never had.

For the little we do hold — licensing records including the device fingerprint(once licensing is live), support emails, waitlist email addresses, and website logs — contact us at the address in Section 13 and we will act on your request, verifying it using the same kind of information the record itself contains (for example, a license key or the email address you wrote from), since we have no account or identity data to verify you against. Authorized agents may submit requests where the law provides for them. We do not “sell” or “share” personal information as those terms are defined in the CCPA/CPRA, and we have no advertising or tracking to opt out of. EU/UK residents may also lodge a complaint with their supervisory authority.

One more point of honesty about roles: when you record other people, youare the one processing their words, on your device, under your control. Laws such as the GDPR and recording-consent statutes may make you responsible for having a lawful basis and any required consent. Modi Labs never receives or processes those people’s information and cannot obtain consent, respond to their requests, or carry that responsibility for you — it is yours, as the Terms of Service spell out.

Nothing in this policy or in the Terms of Service limits, or asks you to waive, any right you have under applicable privacy or consumer-protection law — including the GDPR and UK GDPR, the CCPA/CPRA, and similar statutes. Where this policy and such a law differ, the law prevails for you.

9. Children

NoteGenerator is not directed to children and is not intended for use by anyone under 13 (or the higher minimum age your jurisdiction sets, such as 16 in parts of the EU). We do not knowingly collect personal information from children — and because the app collects almost no personal information from anyone and requires no account, it has no mechanism that would gather a child’s data. If you believe a child has nonetheless provided us personal information (for example, by emailing support), contact us and we will delete it.

10. International users

Wherever you are in the world, your content is processed locally on your own Mac and is not transferred anywhere by the app — which means the usual cross-border data-transfer concerns simply do not arise for your recordings, transcripts, and notes. The limited data we do hold (licensing records once live, support emails, waitlist email addresses, website logs) is processed in the United States, where Modi Labs LLC operates. Nothing in this policy limits any non-waivable rights you have under the consumer-protection or data-protection laws of your home jurisdiction.

11. No warranty; use at your own risk; limits on liability

Transparency cuts both ways, so we say this as plainly as the rest. This policy truthfully describes how the app handles information, and nothing in this section walks that back. But a privacy policy is not a performance warranty. The Terms of Service govern your use of NoteGenerator — including the full warranty disclaimer, the limitation of liability, and your responsibilities for lawful recording, backups, and reviewing AI output — and we restate the substance conspicuously here because we would rather you read it twice than miss it.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW — AND EXCEPT FOR THE FACTUAL DESCRIPTIONS OF DATA HANDLING IN THIS POLICY AND ANY EXPRESS STATEMENTS IN THE TERMS OF SERVICE — NOTE GENERATOR IS PROVIDED “AS IS” AND “AS AVAILABLE,” WITH ALL FAULTS AND WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE APP WILL BE UNINTERRUPTED, ERROR-FREE, OR SECURE; THAT ANY TRANSCRIPT OR AI-WRITTEN NOTE WILL BE ACCURATE, COMPLETE, OR RELIABLE; OR THAT YOUR CONTENT WILL NOT BE LOST OR CORRUPTED — YOU ARE RESPONSIBLE FOR YOUR OWN BACKUPS. YOUR USE OF THE APP IS AT YOUR OWN RISK AND UNDER YOUR OWN RESPONSIBILITY.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MODI LABS WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, AND ITS TOTAL AGGREGATE LIABILITY FOR ALL CLAIMS IS CAPPED AS STATED IN THE “LIMITATION OF LIABILITY” SECTION OF THE TERMS OF SERVICE — AT THIS DRAFT, THE GREATER OF (i) THE AMOUNTS YOU PAID MODI LABS FOR THE SERVICE IN THE TWELVE (12) MONTHS BEFORE THE EVENT GIVING RISE TO THE CLAIM OR (ii) FIFTY U.S. DOLLARS (USD $50).

The Terms of Service are the controlling statement of these limits.

What this section does not do. Nothing in this policy or in the Terms of Service excludes or limits liability for: (i) fraud or fraudulent misrepresentation; (ii) gross negligence or willful misconduct; (iii) death or personal injury caused by negligence, where the law so provides; or (iv) any other liability that cannot be excluded or limited under applicable law, including your non-waivable statutory rights.

SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO SOME OR ALL OF THE ABOVE MAY NOT APPLY TO YOU.

In those places, these provisions apply only to the extent permitted there, and if you are a consumer in the EU or UK you keep your statutory rights concerning the conformity of digital content, which cannot be excluded by contract.

Plain-language summary (which does not alter the paragraphs above): this policy truthfully describes how the app handles your data — but we do not promise the software will always work, and we do not promise the notes will always be right. You decide whether and how to rely on it, at your own risk. The rights your law says you keep, you keep.

12. Changes to this policy

We may update this policy as the product evolves — most foreseeably when licensing, purchasing, or software updates go live, each of which is described above in advance as not yet active. Our commitments when we do:

  • New data practices ship behind an updated policy, not ahead of it. If a change means the app or website will collect or transmit something this policy does not currently describe (for example, when licensing or the update channel goes live), we will publish the updated policy and provide prominent notice — in the app and in the release notes — before the new behavior is enabled.
  • Material changes get advance notice.We will post the updated policy at NoteGenerator.com/privacy with a new “Last updated” date, a summary of what changed, and at least 30 days’ notice for material changes.
  • No retroactive expansion. A policy change never retroactively broadens what we may do with information collected under an earlier version.
  • Prior versions remain available at NoteGenerator.com/privacy/archive.

One commitment does not change with the versions: any future change that would move your content off your device would require a new version of the app — which you choose to install — and would be explicit, opt-in, and disclosed in an updated version of this policy before it ships. Never a silent default.

13. Contact

Modi Labs LLC — NoteGenerator
Privacy questions and rights requests: support@notegenerator.com
Registered address and state of formation: to be listed in the published version.

Read this alongside the Terms of Service (draft).