Your AI Notetaker Is Not the Problem. The Folder Is.

Key Takeaway: Are AI meeting notetakers private? The popular ones (Fathom, Otter, Fireflies) upload your calls to the vendor's servers for the transcription and summaries; with video tools like Fathom, that upload includes the video itself. That is the architecture, not a scandal. Local tools like MacWhisper record audio only and transcribe it on your own machine, so the call itself never has to touch a vendor's servers. But this week I learned the part almost nobody talks about: even a fully local recording leaks if the transcript file lands in a folder your AI assistant reads. A recording is only as private as the folder its transcript lands in. Two rules fix it, and neither is technical.
I Switched to a Private Recorder and Still Found a Leak
This week I replaced my cloud notetaker with a local one, specifically so my customer calls would stop leaving my computer. I felt pretty good about it for about an hour.
Then I ran my own setup through a simple thought exercise: suppose a customer says something sensitive on a call. Where does that sentence actually end up? And I caught my new, very private recorder quietly delivering transcripts into the one folder every AI tool I use reads every day. The recording never left my Mac. The words were about to anyway.
Nobody had breached anything. I had built the leak myself, with good intentions, in settings I chose. That is what this post is about, because if it happened to me, on a setup I designed on purpose, it is almost certainly happening in other businesses that have no reason to think to check.
What Your Notetaker Actually Captures
Start with literacy, not panic: know what each tool captures and where it puts it.
The cloud notetakers (Fathom, Otter, Fireflies, and most of the well-known names) work by joining or watching your meeting and sending it to the vendor's servers, where the transcription and the AI summaries happen. With the video-based ones, that is your whole call, faces and voices and screen shares, stored on infrastructure you do not control, under terms you probably have not read since you clicked them. That is not malice; it is just how they are built, and it is why they are so convenient. But if you record customer calls, understand what you are actually doing: handing a third company a copy of your customer's conversation.
Local tools do the work on your own machine. The one I moved to, MacWhisper, records the call's audio (no video exists at all) and transcribes it right on my laptop; the way I have mine set up, nothing goes to any vendor. If my internet died mid-call, the transcription would still happen. For a business owner whose calls include customer details, pricing conversations, and the occasional sensitive moment, that architecture is simply a better fit. I have written before about why I keep my business data close; this is that principle applied to conversations.
So: local recorder, problem solved? Almost. And "almost" is the whole lesson.
The Part Almost Nobody Checks: Where the Transcript Lands
Here is the chain I almost missed. My whole operation runs on a folder of plain text notes that my AI tools read. That is the point of it: when I ask my AI assistant a question, it finds and reads the relevant notes so its answers know my business. The assistants I use include cloud tools like Claude, so anything I let them read travels to their servers under my account.
My new recorder was configured to auto-save transcripts into that folder. Follow the chain with me: a customer speaks a sentence on a call, the local recorder faithfully turns it into text on my machine, the text lands in the folder my AI reads, and the next time I ask a question that touches that file, the sentence rides along to a cloud AI. If someone had read a password out loud on that call, the password would ride along too.
Every link in that chain worked exactly as designed. Local recording, private transcription, my own folder, my own AI account. And the sum was still a leak, because a recording is only as private as the folder its transcript lands in.
The Two Rules That Fix It
Neither one requires a technical bone in your body.
Rule one: give transcripts a waiting room. My transcripts now land in a quarantine folder that no AI tool reads, ever. It is not synced, not indexed, not part of my notes. Transcripts sit there until I review them; the clean ones get promoted into my working notes, and anything sensitive gets handled by a human (me) first. One folder, one habit, and now nothing a customer says can reach any cloud service through my setup without my eyes on it first.
Rule two: never speak secrets on a recorded call, and that means never on any call. A spoken password becomes text the moment anything transcribes it, whether that is your notetaker or the other side's. If credential work has to happen live on a call, the other person types it into their own password manager and nobody says it out loud. Nothing spoken, nothing transcribed, nothing to clean up. This is the same reason I tell every caller up front that my notetaker is running; recording people is a trust decision before it is a technical one.
Three Questions to Ask About Any Tool You Use
You do not need to become an engineer. You need answers to three questions about any tool that touches your customer conversations:
- What does it capture? Video, audio, or text only. Less is safer.
- Where does the captured thing live? A vendor's servers, or your machine.
- What else reads that place? This is the one everyone skips, and it is where my own setup leaked. If you use a cloud notetaker, "that place" is your vendor account: the integrations connected to it, the teammates with access, and any AI tool you paste transcripts into. Exported transcripts deserve the same waiting room mine get.
If you can answer those three, you know more about your own privacy than most businesses ever will. And notice what the answers cost you: nothing. Both of my fixes were free. The expensive part was only the noticing.
If you would rather do that noticing with company, that is what The Vibe Circle is for. It is my community for owners learning AI at their own pace: $99 a month, a live 90-minute call with me every two weeks (Sundays at 6 PM ET), and a feed where questions get answered in between. Bring your own setup, we will walk your three questions together on the call. Cancel anytime.
Joseph Philip Savino is the founder of Savino Marketing, based in Hazlet, NJ. He teaches startups and small businesses to adopt AI safely, with 9% of all proceeds going to charity. Questions like these get worked through live, every two weeks, inside The Vibe Circle.
Want More Insights?
Want to go deeper than the blog? Own Your AI (my 9-week 1:1 program) and The Vibe Circle are where I teach this hands-on. No jargon, just results.