Skip to main content

Enterprise

On-device dictation built for security teams

Voice Type runs locally on macOS. There is no ingestion API, no cloud store, and no analytics pipeline. That makes vendor review and ongoing compliance much simpler.

On-device onlyNo vendor data storeSimple review path

Enterprise pages should calm security teams down. The whole pitch is that Voice Type removes categories of risk by not being a cloud dictation service in the first place.

Contact salesTrust Center

Security model

Less infrastructure means less bullshit to review.

The enterprise case is straightforward: if dictation runs locally, there is no customer audio pipeline for you to audit, no vendor storage layer to reason about, and far fewer procurement surprises.

At a glance

  • No analytics, crash logs, or telemetry shipped with the app.
  • No backend servers. The marketing site is a static export and the app works offline.
  • Dictation stays on device. Audio is never uploaded.
  • Optional bring-your-own-key rewrite goes directly from the device to your provider.
  • Payments and licensing are handled by Apple via StoreKit.

HIPAA-compatible default

HIPAA becomes a vendor problem when PHI is transmitted to that vendor. Voice Type performs dictation entirely on-device and we never receive PHI, so a BAA is typically not required for the default offline workflow.

SOC 2 fit

SOC 2 evaluates controls for systems handling customer data. Voice Type does not operate a customer data processing service. For procurement we provide a short architecture note, security whitepaper, and a minimal vendor questionnaire.

Network and MDM

Required allowlist is Apple StoreKit licensing endpoints. Optional allowlist is whichever rewrite provider you choose. Distribution is through the Mac App Store and works with standard macOS MDM flows.

Comparison

Where the compliance story differs.

ProductWhere it runsPostureNotes
Voice TypeOn device (macOS)No analytics, no logging, HIPAA-compatible offline modeOptional BYO-key rewrite flows device → provider; nothing passes through us.
Wispr FlowCloudSOC 2 Type II; HIPAA-ready with additional controlsCross-platform with enterprise administrative controls.
OtterCloudSOC 2 Type II; HIPAA on Enterprise plan with BAAMeeting agent and collaboration feature set.

Competitor notes are directional and based on public disclosures, not a blood oath.

Procurement kit

The docs security teams actually ask for.

  • Security whitepaper and data-flow diagram on request.
  • Completed vendor questionnaire showing no customer data processed, stored, or transmitted.
  • Priority email support for volume purchases.
Request materials