A GDPR-compliant AI notetaker is one that never creates the data.
By Fazit
Most vendors answer the GDPR question with a DPA and a subprocessor list. The stronger answer is architectural: a GDPR-compliant AI notetaker minimizes its compliance surface by never persisting audio and never transmitting it — because data that is never created cannot be breached, transferred, or demanded back.
The moment you press record, you become a controller
GDPR’s roles are unforgiving. When you run a cloud notetaker on a client call, you are the data controller for that call’s audio — a recording of identifiable voices discussing, often, health, finances, or legal matters. The vendor is your processor, and behind it sits a chain of subprocessors: the transcription API, the LLM provider, the storage layer.
That single decision instantiates a stack of obligations:
- An Article 28 data processing agreement with the vendor — and visibility into every subprocessor change.
- A lawful basis under Article 6, and for calls touching health or legal matters, potentially an Article 9 special-category basis. “Legitimate interest” gets thin here.
- An international transfer mechanism if audio crosses to US infrastructure — the EU–US Data Privacy Framework today, whatever survives the next Schrems challenge tomorrow.
- An entry in your Article 30 records of processing, and a plausible Article 35 DPIA if you are systematically recording client conversations at scale.
- DSAR exposure: any participant on any recorded call can demand access to — or erasure of — the recording. Erasure across a vendor’s storage, backups, and model-training pipelines is a promise, not a guarantee. We covered how far deletion actually reaches in How to Delete Everything an AI Notetaker Knows About You.
None of this is hypothetical paperwork. It is the standard due-diligence checklist any DPO will run the first time they discover the sales team has been running a cloud notetaker on customer calls.
Data minimization is an architecture, not a policy
Article 5(1)(c) requires that personal data be “adequate, relevant and limited to what is necessary.” Article 25 requires data protection by design and by default. Most vendors satisfy these on paper — retention settings, deletion windows, regional hosting.
Fazit satisfies them in the execution path:
- Audio is captured into a fixed-size ring buffer in RAM. There is no file. There is no upload.
- Transcription runs on-device on Apple Silicon. The audio’s entire lifecycle is volatile memory.
AudioRingBuffer.reset()runs unconditionally on every exit path, and the buffer type has no serialization method. Persisting audio would require a deliberate, reviewable code change — the full mechanics are in Why “Never Records” Is Not Marketing.- What survives the call is a Markdown note in your own Obsidian vault, stamped
audio_retained: false.
This is what data protection by design actually means: not a shorter retention window, but a shorter list of things that exist.
August 2, 2026: the AI Act makes the vendor chain everyone’s problem
In two weeks, the EU AI Act’s main wave of obligations becomes applicable — governance rules, transparency duties, and penalties, layered on top of the general-purpose AI provider obligations already in force since 2025.
AI notetakers are not “high-risk” systems under Annex III. But if you deploy one, you inherit the transparency posture of everything in its chain: which foundation model transcribes, which LLM summarizes, where each runs, what each retains. Every subprocessor becomes a line in someone’s AI governance register — yours, or your enterprise client’s procurement team’s.
The on-device answer collapses that register to one line: inference runs locally, on hardware you own, and no conversational data reaches any AI provider. There is no model-training clause to negotiate because no vendor ever holds the data to train on.
The German case is the sharpest version
Germany illustrates why “never created” beats “created, then governed.” Under § 201 StGB, recording a non-public conversation without consent is a criminal offense — not a civil compliance gap. German counsel has noted that a pipeline that transcribes in volatile memory and never writes audio to a sound carrier generally does not meet the elements of the statute. The legal distinction between never fixed and fixed then deleted is the same distinction the architecture enforces.
For consultants and advisors working with German or EU clients — or under EU-headquartered procurement — this is increasingly the difference between a vendor-risk questionnaire that takes an afternoon and one that takes a quarter.
What to ask any vendor claiming GDPR compliance
Five questions separate compliance-by-architecture from compliance-by-DPA:
FIVE QUESTIONS FOR ANY VENDOR CLAIMING GDPR COMPLIANCE 1. Does audio ever leave the device? (If yes: to whom, under which transfer mechanism?) 2. Is audio ever written to disk, even transiently, even client-side? 3. Which subprocessors touch conversation content, and can they change without notice? 4. Is any conversational data used for model training or "service improvement"? 5. If a participant files an erasure request tomorrow, what exists to erase? Fazit's answers: no, no, none, no, and a Markdown file you already control.
The full security posture is documented at getfazit.com/security.
FAQ
Is it GDPR-compliant to use an AI notetaker on client calls?
It can be, but with a cloud notetaker you carry the controller obligations: a lawful basis, an Article 28 DPA, transfer mechanisms, and DSAR handling for every recorded participant. An on-device notetaker that never persists audio removes most of that surface — though consent and professional-conduct duties for the conversation itself still apply.
Does GDPR require consent to record a call?
GDPR requires a lawful basis for processing, which is not always consent — but national recording laws (like Germany’s § 201 StGB, and all-party consent rules elsewhere) sit on top of GDPR and are often stricter. Transcribing without persisting audio changes the analysis in some jurisdictions; it does not remove the courtesy or duty of telling participants. The US side of that map is in Is It Legal to Record Client Calls?
Are meeting transcripts personal data under GDPR?
Yes. A transcript of identifiable speakers is personal data even without audio. The difference is footprint: a local Markdown note you control versus audio plus transcript plus embeddings replicated across a vendor’s infrastructure.
Does the EU AI Act ban AI meeting assistants?
No. Notetakers are not high-risk systems. But the Act’s transparency and governance obligations — most applicable from August 2, 2026 — make every AI vendor in your stack something you must be able to document. On-device inference keeps that documentation trivial.