Privacy Policy
Last updated: 8 July 2026
Blurt is a macOS menu-bar dictation app. You hold a push-to-talk key (Right Option by default), speak, and Blurt transcribes your voice, lightly formats the text, and types it into your active app. Where your audio is processed depends on which mode you use. This policy explains each one, what is stored, and who we share data with. It is written to match what the software actually does — please read the mode that applies to you.
1. Who we are
"Blurt", "we", and "us" refers to the maker of the Blurt app. For dictation done entirely on your Mac (the default on Apple Silicon) and for the bring-your-own-key mode, Blurt does not receive your audio or text, and you control the data on your device. For the managed Cloud plan, where audio passes through our server, Blurt is the data controller for that processing. You can reach us at support-blurt@chbnk.one.
2. The three modes — and where your voice goes
Blurt can transcribe your speech in three different ways. The mode in effect depends on your Mac and your settings.
2a. On-device (default on Apple Silicon)
On Apple Silicon Macs, Blurt transcribes and cleans up your dictation entirely on your Mac by default, using an on-device speech-to-text model (WhisperKit) and a local language model for formatting. In this mode your audio and text never leave your Mac and no Blurt server or third party is involved in transcription. The models are downloaded once, on demand, to your Application Support folder.
2b. Your own OpenAI key (Free / bring-your-own-key)
If you choose to use your own OpenAI API key, your audio is sent over an encrypted HTTPS/TLS connection directly from your Mac to OpenAI to be transcribed and formatted. The request is made under your OpenAI account and key. Your key is stored only in your macOS Keychain on your device and is sent only to OpenAI; Blurt does not receive it, and no Blurt server is involved. Your use of OpenAI is governed by OpenAI's terms (see Sub-processors).
2c. Managed Cloud (Blurt Pro, and the cloud option on Intel Macs)
With the paid Cloud plan — and on Intel Macs, which cannot run the on-device models, this is the only cloud option — Blurt handles transcription for you using our own keys. In this mode your audio is uploaded over TLS to Blurt's backend at api.blurt.me, which relays it to a third-party speech-to-text provider using Blurt's server-held keys: for real-time/streaming transcription, Soniox (model stt-rt-v5); for batch transcription, by default Groq (model whisper-large-v3-turbo, at api.groq.com), or OpenAI. The provider returns a transcript, which our backend returns to your Mac.
Our backend relays the audio and does not store the audio file after the request completes. However, on this plan your audio and the resulting transcript do pass through Blurt's server and the third-party provider named above. We do not use your audio or transcripts to train any model, and we do not sell them. This plan requires an account (see Accounts & stored data).
On the Cloud plan, the resulting transcript text is then sent over TLS to DeepInfra to clean up filler words and punctuation, apply your chosen writing style, carry out spoken edit commands, and — if you use the Translate feature — translate it, using a large language model (google/gemma-3-12b-it). DeepInfra receives the transcript text only, not your audio, does not use it to train models, and returns the polished text to your Mac. In on-device and bring-your-own-key modes this formatting is done locally or via OpenAI, and DeepInfra is not involved.
3. Sub-processors
Depending on the mode and features you use, we rely on the following providers to deliver the service. We share only what each one needs for its function. We do not authorise any of them to use your content to train their models, and we do not sell your data.
- OpenAI — speech-to-text and text clean-up. Receives your voice audio and text when you use your own OpenAI key (2b), or when the managed Cloud plan (2c) is configured to use OpenAI. Privacy policy · API terms & data usage.
- Groq — the default speech-to-text provider on the managed Cloud plan (2c). On that plan, Groq receives your voice audio (relayed by our backend) and returns a transcript. It is not used for on-device or bring-your-own-key dictation. Privacy policy.
- Soniox — the real-time streaming speech-to-text provider on the managed Cloud plan (2c). When live/streaming transcription is used, Soniox receives your voice audio (streamed by our backend) and returns an incremental transcript. It is not used for on-device or bring-your-own-key dictation. Privacy policy.
- DeepInfra — the language-model provider that cleans up, formats, voice-edits, and (when enabled) translates your transcript on the managed Cloud plan (2c). It receives your transcript text (not audio) and returns the polished text. It is not used for on-device or bring-your-own-key dictation. Privacy policy.
- Stripe — processes payments and manages billing for the paid plan. Receives your email address, payment card details, and billing address; it does not receive your audio or transcripts. Privacy policy.
- Resend — sends transactional email (such as email verification and password-reset messages). Receives your email address and the contents of those messages; it does not receive your audio or transcripts. Privacy policy.
- Apple and Google — only if you choose to sign in with "Sign in with Apple" or Google. The provider you pick handles the sign-in and returns a basic identifier and email to us. Apple privacy · Google privacy.
4. On-device dictation history
By default, Blurt keeps a history of your dictations on your Mac so you can review and re-copy past results. This history is stored locally on your device (using SwiftData, under ~/Library/Application Support). It holds up to the most recent 1,000 entries, and each entry includes the raw transcript, the cleaned-up text, the name of the app you dictated into, and a timestamp.
This history is stored unencrypted on your Mac and persists after you quit Blurt until it is cleared or rolls over past 1,000 entries. It stays on your device — Blurt does not upload your history. Because dictation can include sensitive content, you can control it:
- Turn it off: enable Privacy Mode in Blurt to stop new dictations from being saved to history.
- Clear it: clear the stored history from within the app at any time.
5. Accounts & stored data
You only need an account if you sign in or subscribe to the paid Cloud plan. On-device and bring-your-own-key dictation do not require an account. When you do create one, our backend (a PostgreSQL database) stores the following, depending on how you sign up and use the service:
- Account details: your email address and name.
- Authentication: if you use email/password, a scrypt hash of your password (never the password itself); if you use Google or Apple, the OAuth provider, the subject identifier they assign you, and the email they return.
- Sessions & devices: hashes of your refresh tokens together with the device User-Agent, so you can stay signed in across devices and we can detect token misuse.
- Usage: monthly usage counters, used to operate and meter the service.
- Email/security tokens: short-lived tokens for email verification and password reset.
We do not include any analytics, telemetry, or crash-reporting SDKs in the app or on this website.
5a. Connection metadata
When your app or browser connects to our backend, we process standard connection metadata — your IP address and User-Agent — server-side to operate the service securely and to prevent fraud and abuse (for example, rate-limiting). The website's static pages are served without request logging by our web server.
5b. Lawful basis (GDPR)
Where GDPR applies, we rely on: performance of a contract to provide your account and the paid Cloud service (Art. 6(1)(b)); your consent for microphone access and for each dictation you initiate; and our legitimate interests in keeping the service secure and preventing abuse, for the connection metadata described above (Art. 6(1)(f)).
Support requests. When you contact us through the in-app form or the support page, we store the email address you provide, your message, and basic technical details (app version, OS version) so we can answer you. We keep these only as long as needed to resolve and document the request.
5c. Retention
- Account data (email, name, authentication, usage counters) is kept while your account is active, and is deleted when you delete your account (see your rights below).
- Refresh-token records are retained for the life of the session and removed on logout, rotation, or expiry.
- Email/security tokens are short-lived and expire automatically.
- Audio on the managed Cloud plan is relayed in-flight and is not stored by our backend after the request completes.
- On-device history is controlled entirely by you on your Mac, as described in Section 4.
6. Your rights
Subject to applicable law (including GDPR and CCPA), you have the right to access, correct, export, and delete your personal data, and to object to or restrict certain processing. For data held in your account, you can:
- Export your data — request a copy of your account data from within the app, or by emailing us.
- Delete your account — delete your account and its associated data from within the app, or by emailing us; this removes your account record and the data linked to it, and cancels related subscription entitlements.
We do not sell or "share" personal information as those terms are defined under US state privacy laws. To exercise any right, use the in-app controls or email support-blurt@chbnk.one. Data processed by a sub-processor on your behalf (for example, OpenAI under your own key) is also governed by that provider's policy.
7. Permissions and why
- Microphone — to record your voice while you hold the key. There is no always-on listening and no wake word.
- Input Monitoring — to detect the push-to-talk key being held. Blurt uses a listen-only tap and does not capture or log your other keystrokes.
- Accessibility — to insert the transcribed text into other apps.
Blurt does not read your screen contents, does not log keystrokes, and does not monitor your typing.
8. A note on sensitive content
Because Blurt inserts whatever you dictate, transcribed text may briefly pass through the macOS clipboard during insertion, is saved to your on-device history unless you turn that off, and — outside on-device mode — is sent to a third-party API for processing. If you are using your own key or the managed Cloud plan, avoid dictating passwords or other secrets you do not want transmitted to a third party. For maximum privacy, use on-device mode (default on Apple Silicon) and enable Privacy Mode to skip history.
9. Children
Blurt is not directed to children under 13.
10. Security
All transmission to OpenAI, Groq, and our backend uses TLS. Passwords are stored only as scrypt hashes; refresh tokens are stored only as hashes. Your OpenAI key, if you provide one, is stored in the macOS Keychain.
11. Changes
The current version of this policy is always available at blurt.me/privacy.html. If we make material changes, we will update the date above.
12. Contact
Questions about privacy? Email support-blurt@chbnk.one.