Architecture
Security by construction.
Every guarantee is enforced in code and can be audited in the open source repository.
The five invariants
01
Audio exists only in RAM
The AudioRingBuffer type has no write-to-disk method. By design. This invariant is load-bearing.
02
Destruction is total and unconditional
destroyAudio() is called on every code path — success, error, early exit, crash recovery.
03
No network during operation
Only localhost (Ollama) and the initial one-time public model download. No Fazit servers exist.
04
No biometrics or voiceprints
We deliberately do not implement speaker recognition. No BIPA surface, no training data.
05
Output is text only
One Markdown file written to a location you control. Frontmatter always declares audio_retained: false.
Verifiable data flow
Four stages. One of them never exists on disk.
This diagram is implemented in the shipped code. Every arrow is enforced.
Compliance by design
Fazit was built with German and EU regulatory reality in mind from day one.
- §201 StGB (Germany) — RAM-only pipelines that never write audio generally do not meet the statutory definition of a “recording on a sound carrier.”
- GDPR / DSGVO — no cross-border transfers during normal operation. All processing is local.
- Works council & DPO friendly — the architecture and our shipped collateral make review straightforward.
- Auditability — the entire claim is open source. Anyone can verify the invariants.