버그 보고 / 기능 요청

Security & Privacy

Exactly what happens to your audio and transcripts at every step. No marketing fluff — just how it actually works.

Three Levels of Privacy

Standard

Every user, every plan — including free
  • HTTPS (TLS 1.3) for all data in transit
  • Audio deleted immediately after processing
  • Transcripts stored in our database
  • We can read stored transcripts
  • Data never sold or used for training
  • Delete your data anytime

Private Transcript

Pro+ Available on Pro and Business plans
  • Everything in Standard, plus:
  • Transcript encrypted in your browser (AES-256-GCM) before saving
  • We store only encrypted data — we cannot read it
  • Key derived from your password, never sent to us
  • ⚠ Audio is still processed on our servers during transcription

Private Cloud / Self-Hosted

Full isolation — from $99/mo
  • Audio never leaves your infrastructure
  • Transcription runs on your GPU
  • No data sent to STT.ai servers
  • Air-gapped support available
  • True end-to-end privacy

What Actually Happens to Your Data

A transparent, step-by-step breakdown of how your audio and transcript are handled.

Standard (all users)
1
You upload audio or record live
Your file is sent over HTTPS (TLS 1.3) to our GPU server for transcription.
2
Audio is processed in memory
Our AI models transcribe your audio on the GPU. The audio is held in memory during processing — never written to disk — and deleted from memory immediately after.
3
Transcript is stored in our database
The text transcript, timestamps, and speaker labels are saved so you can access them later. We can read this data (this is how search, AI summaries, and sharing work).
4
You can delete everything anytime
Delete individual transcripts or your entire account from Privacy Settings. Deletion is permanent and immediate.
With Private Transcript enabled

Steps 1-2 are the same — your audio must be processed on our servers to generate the transcript. The difference is what happens next:

3
Transcript is encrypted in your browser before saving
After transcription, the result is returned to your browser. Your browser encrypts it with AES-256-GCM using a key derived from your password (PBKDF2, 100K iterations). The encrypted blob is then sent to our servers for storage. We never see or store the encryption key.
4
We store only encrypted data
Our database contains only the encrypted blob. We cannot decrypt it. If our database were breached, your transcripts would be unreadable.
Important: Private transcript protects the stored transcript. During the transcription process itself, your audio is processed on our servers in order to generate the text. If your threat model requires that audio never touches third-party servers, consider Private Cloud or Self-Hosted.

What We Can and Can't See

We CANNOT see (with Private Transcript)
  • Your stored transcript text
  • Speaker names or labels (stored)
  • Timestamps or word-level data (stored)
  • Your encryption key or password
We CAN see (even with Private Transcript)
  • Your audio during processing (deleted after)
  • File name, size, duration (metadata)
  • Language detected, model used
  • Timestamp of transcription
  • Your account info and billing

Technical Details

Encryption algorithmAES-256-GCM (authenticated encryption)
Key derivationPBKDF2 with SHA-256, 100,000 iterations
IV (nonce)Random 12 bytes per encryption (never reused)
Key storageNever stored — derived from password on each session
Transport encryptionTLS 1.3 (HTTPS) + HSTS (1 year, preload)
Audio retentionProcessed in memory, never written to disk, deleted immediately
ImplementationWeb Crypto API (browser-native, no external libraries)
Source codegithub.com/sttaigit/stt-encryption (MIT license)

Private Transcript Trade-offs

Private transcript is opt-in because encrypting the stored transcript limits some features:

Works with encryption
  • Viewing your transcripts
  • Exporting (TXT, SRT, VTT, etc.)
  • Downloading
  • Editing (decrypted in browser)
Not available with encryption
  • Server-side search across transcripts
  • AI summaries and chat (server can't read data)
  • Public sharing via link
  • Team workspace collaboration

Need Audio to Never Leave Your Servers?

Private transcript protects the transcript at rest, but audio still passes through our GPU during processing. If your compliance or security requirements demand that audio never touches third-party infrastructure, these are your options:

Private Cloud

$499/mo

Dedicated GPU server managed by us. Your audio never leaves your isolated environment.

  • Dedicated A100 GPU
  • Isolated — no shared infrastructure
  • Audio processed on your hardware only
  • Full API access + SLA
Learn More

Self-Hosted

$99/mo

Docker image. Your servers. Your GPU. Nothing leaves your network.

  • Docker — runs on any NVIDIA GPU
  • Air-gapped support — no internet required
  • Model updates included
  • Full control, full privacy
Learn More

Our Commitments (All Users, All Plans)

  • Audio files are never stored permanently. Processed in GPU memory, deleted immediately after transcription.
  • Your data is never used for AI training unless you explicitly opt in via Voice Lab.
  • We don't sell your data. Ever. To anyone.
  • All traffic encrypted in transit via TLS 1.3 with HSTS.
  • Delete your data anytime from Privacy Settings or by deleting your account.
  • Encryption code is open-sourceaudit it yourself (MIT license).

Open-Source Encryption

Our encryption library is fully open-source under the MIT license. Don't trust us — verify the code. No trust required, just math.

View on GitHub | View Source

Ready to transcribe securely?

Upload your first file free. Private transcripts available on Pro and Business plans.

Start Transcribing

자주 묻는 질문

STT.ai에 오디오/비디오 파일을 업로드하고 AI 모델을 선택한 후 전사를 클릭하세요. TXT, SRT, VTT, DOCX, JSON, PDF로 내보내기 가능.

네! STT.ai는 모든 사용자에게 월 600분 무료 제공. 첫 전사는 가입 불요. 유료 플랜 월 $5부터.

정확도는 AI 모델과 오디오 품질에 따라 다릅니다. 최고 모델은 93-95%+ 정확도를 달성합니다.

STT.ai 는 Whisper Large V3, NVIDIA Canary 등 10개 이상의 모델을 제공하며, 동일한 파일에서 다른 모델의 결과를 비교할 수 있습니다.

네. 녹음한 후에는 SRT 또는 VTT 자막 파일로 내보내십시오. 이러한 자막 파일은 YouTube, Vimeo 및 모든 주요 비디오 플랫폼에서 사용할 수 있습니다.

예. STT.ai 는 AI 스피커 디아리제이션을 사용하여 다른 스피커를 자동으로 식별하고 라벨링합니다. 모든 모델과 언어에서 작동합니다.

대부분의 파일은 5분 이내에 녹음됩니다. 1시간짜리 오디오 파일은 일반적으로 가장 빠른 모델로 2-3분이 소요됩니다.

STT.ai 20+ 오디오 및 비디오 포맷을 포함하여 MP3, WAV, M4A, FLAC, OGG, MP4, MKV, MOV, WebM, AVI를 지원합니다. TXT, SRT, VTT, DOCX, JSON 또는 PDF로 내보내기.

네, 오디오 파일은 처리되고 녹음 후 삭제됩니다. 데이터는 절대 교육에 사용되지 않습니다. 클라이언트 측 암호화는 모든 플랜에서 무료로 제공되며, 저장된 녹음을 귀하만이 가지고 있는 키로 암호화합니다. 처리 중에 서버가 오디오를 일반 텍스트로 처리합니다. 보안에 대해 알아보기.

STT.ai 는 Python 및 Node.js SDK를 사용한 REST API를 제공합니다. 무료 계층에는 월 100분이 포함됩니다.

STT.ai 에는 오류를 수정하고, 스피커 이름을 변경하고, 타임스탬프를 조정할 수 있는 내장된 기록 편집기가 포함되어 있습니다.

모든 녹음은 고유한 공유 링크를 얻을. 이메일을위한 DOCX 또는 PDF로 내보내기. 프로 플랜은 암호로 보호되고 영구적인 링크를 제공합니다.

STT.ai은 YouTube, Vimeo, TikTok, SoundCloud 등 1,300개 이상의 플랫폼을 지원합니다. URL 변환은 공개적으로 사용 가능한 오디오 및 비디오에서만 작동합니다. DRM 보호 콘텐츠(예: Spotify 프리미엄 에피소드, Netflix, Disney+ 등)는 변환할 수 없습니다. DRM 콘텐츠의 경우 파일을 별도로 다운로드하고 직접 업로드하십시오.