What Whispur does with your data

Short version: nothing we don't need to, and nothing that leaves your Mac without your say-so.

Audio

When you hold your shortcut and talk, Whispur captures audio locally and normalizes it (16kHz mono PCM) for transcription. Audio is written to a temporary file in the system sandbox, transcribed, and deleted.

If you picked the Apple speech engine — audio never leaves your Mac.
If you picked a cloud provider (OpenAI, Deepgram, ElevenLabs) — audio goes directly to that provider using your API key. Whispur has no intermediary server.

Transcripts

Transcripts are pasted into the app you have focus on, and (if enabled) logged in a local Run Log you can clear at any time. Whispur never sends transcripts anywhere other than, optionally, the LLM cleanup provider you configured — again, directly to that provider, not to us.

API keys

API keys are stored in macOS Keychain and used only to authenticate requests to the provider you picked. We never see them.

Analytics & telemetry

The Whispur app does not phone home. The only network traffic it initiates is to the provider(s) you configure and to Sparkle's update feed.

The Whispur website (whispur.app) uses Vercel Web Analytics and Speed Insights — cookie-free, privacy-friendly, no personal data. They count page views and measure performance to help us improve the site. No tracking across sites, no selling data.

Update checks

The app checks whispur.app/appcast.xml for new releases. The request includes a standard User-Agent and your app version — nothing identifying. Updates are cryptographically signed (EdDSA) before install.

Source code

Whispur is MIT-licensed. Read it, audit it, fork it — github.com/sophiie-ai/whispur.

Contact

Questions? Open an issue on GitHub or reach out via the Sophiie AI website.

Last updated: 2026-04-12