Privacy Policy
Effective July 6, 2026
Sessions records conversations that are often the most private thing a person has. So the app is built local-first: your audio never leaves your phone, transcription happens on the device, and we run no server and keep no accounts. This page says exactly what lives where, and the two narrow things that can leave your device.
What stays on your device — everything, by default
- Recordings.Audio is captured and stored only in the app’s private storage on your phone. The app has no upload path for audio. None. Recordings are also excluded from iCloud and computer backups unless you switch backups on in Settings.
- Transcripts.Transcription is done by your iPhone’s built-in on-device speech recognition. The audio is never sent to a server — not ours (we don’t have one), not Apple’s. If your device can’t transcribe on-device, Sessions fails rather than falling back to a cloud service.
- Notes, reflections, action items, and your profile name.Stored in a local database inside the app’s private storage.
- Your OpenAI API key.If you add one, it is kept in your device’s keychain. It is never bundled with the app, written to the database, or logged.
The two things that can leave your device
1. Transcript text to OpenAI — only if you opt in.Turning a transcript into structured notes uses OpenAI’s API. This happens only if you add your own OpenAI API key in Settings. What is sent is the transcript text — never the audio — directly from your phone to OpenAI using your key. We are not in the middle: we run no server, and we never see, store, or have access to your transcripts. That request is governed by OpenAI’s API data-usage policies under your own OpenAI account. If you never add a key, nothing is ever sent to OpenAI and your sessions remain as recordings and on-device transcripts.
2. Crash reports. If the app crashes, a technical report (stack trace, device model, OS version) is sent to Sentry, a crash-reporting service, so we can fix it. Crash reports are configured to carry no personal identifiers and no content — no recordings, no transcripts, no notes, and log messages are stripped before sending.
What we don’t do
- No accounts, no sign-up, no email collection.
- No analytics, tracking, or advertising SDKs in the app. This website uses Vercel’s cookieless, aggregate page analytics — no cookies, no cross-site tracking, nothing tied to you.
- No selling or sharing of data — we never possess it in the first place.
Backups and moving phones
On iOS, recordings are kept out of iCloud and computer backups by default; notes and transcripts are backed up with the rest of the app’s data. You can choose to include recordings in backups from Settings — and if you leave them out, know that they will not survive a phone migration or restore. On Android, recordings are never included in cloud backups, though they do move with a direct device-to-device transfer.
Deleting your data
Delete any single session — its recording, transcript, and notes — from the session page. Delete everything the app holds, including your API key, with “delete everything on this device” in Settings. Because all data lives inside the app’s private storage, uninstalling Sessions also removes everything.
Recording other people
Sessions records conversations, and laws about recording vary by region — many places require the other person’s consent. The app asks you to confirm, before your first recording, that your practitioner knows and agrees. That responsibility stays with you.
Children
Sessions is not directed at children under 13, and we do not knowingly collect information from them — or, for that matter, from anyone.
Changes to this policy
If the app’s privacy posture ever changes — for example, an optional service for people who don’t want to bring their own API key — this page will change first, with the effective date above updated. The promise that audio never leaves your device is not up for revision.
Contact
Questions about privacy: hello@keepsessions.com