Does Your AI Notetaker Train on Your Data? The 2026 Privacy Reckoning
Several popular AI notetakers train their models on your meetings by default. Here is who does it, how to opt out, and why on-device tools sidestep the problem entirely.
Yes, several of the most popular AI notetakers train their models on your meeting content by default, and the opt-out is often buried in settings or reserved for higher-priced tiers. Otter, Granola, and Notta all use customer conversations to improve their AI unless you actively turn that off. A handful of others — Fathom, Fellow, Zoom AI Companion — contractually commit not to. And on-device tools like Hedy and MacWhisper sidestep the question entirely, because audio that never leaves your machine is audio there’s nothing to retain. If you record sensitive meetings, the difference between these three groups matters more than any feature comparison.
Why this became a 2026 story
The training-on-your-data question stopped being theoretical when the litigation started. Otter.ai is now a defendant in a consolidated federal class action, In re Otter.AI Privacy Litigation, in the Northern District of California. The lead complaint, Brewer v. Otter.ai, was filed in August 2025 and alleges that Otter recorded conversations without all-party consent and used those recordings to train its models. The case has not established liability. But it put a precise claim in front of the public: that a popular meeting tool was building its product on conversations people didn’t know were being harvested.
A separate thread runs through Fireflies.ai, which faces biometric-privacy litigation under Illinois’s BIPA statute over how it captures voiceprints. That’s a different issue — a consent-and-biometrics problem, not a “trains-by-default” one — but it lands in the same place for a buyer: read the data terms before you connect a tool to your calendar, because the defaults are not built around your interests.
The regulatory clock adds context. The EU AI Act’s transparency obligations under Article 50 — disclosing when people are interacting with AI and labeling AI-generated content — start applying on August 2, 2026. The strictest rules for high-risk workplace-monitoring systems were pushed to late 2027 under the Act’s revised timeline, so they are not in force yet. But the direction of travel is clear: a meeting assistant that quietly trains on staff conversations is exactly the kind of system regulators have started to scrutinize.
Who trains on your data
Here is where the major tools stand, based on their published terms as of mid-2026.
| Tool | Trains on your data? | Opt-out available? |
|---|---|---|
| Otter.ai | Yes, by default | Yes, in settings |
| Granola | Yes, by default | Org-wide opt-out on $35/user Enterprise tier |
| Notta | Yes, for Japanese-speaker conversations | Enterprise tier |
| Fathom | No — contractual no-training | N/A |
| Fellow | No — “never trains AI on customer data,” HIPAA + BAAs | N/A |
| Zoom AI Companion | No — does not use customer content to train | N/A |
| Hedy | No — audio on-device, AI providers contractually barred | On-device by design |
| MacWhisper | No for local transcription (optional AI summaries/chat use cloud/API) | Local by default |
The pattern worth noticing: where opt-outs exist, they often cost something. Granola’s org-wide training opt-out is a feature of its $35/user Enterprise tier, not the default for individual users. Notta trains on Japanese-speaker conversations and gates the opt-out to Enterprise as well. So the people most likely to be training fuel — individuals and small teams on entry plans — are also the people with the least control. If you’re on a free or starter plan with one of these tools, assume your meetings are improving someone’s model.
How to check and change your settings
You don’t have to take a marketing page’s word for it. Three concrete steps:
Open the data-controls section of your account. Most tools that train by default put the toggle under a “Data,” “Privacy,” or “AI improvement” heading in account settings, not in the main preferences. With Otter, the control lives in the account-level privacy settings; turning it off stops your future content from feeding training. Do this for every account in your organization, not just your own — shadow accounts that associates set up are the real exposure.
Read the data-processing terms, not the homepage. “We take privacy seriously” is not a commitment. “We do not use customer content to train our models,” written into a DPA or BAA you can sign, is. Fathom, Fellow, and Zoom AI Companion make that commitment contractually; that’s a meaningfully stronger position than a settings toggle a vendor can change in a future update.
Match the tool to the sensitivity of the meeting. A weekly standup and a board session carrying material non-public information do not need the same posture. For the sensitive end, prefer tools where training is structurally impossible. After you’ve audited your accounts, you’ll usually find two or three tools in use that should be consolidated down to one with terms you’ve actually read.
Why on-device tools sidestep the problem
The cleanest answer to “does this tool train on my data” is to use a tool that never has your data to begin with. On-device processing changes the question from a policy promise to an architectural fact. If the audio is transcribed and analyzed on your own machine and never uploaded, there is no vendor-side store to retain, no transcript to subpoena, and nothing to feed a training run.
MacWhisper is the strictest version of this: a Mac app running local Whisper models with no cloud component for transcription. It’s transcription-first, so you trade away the live summaries and coaching that change how you work through a call, but for a record-only use case it carries almost no vendor risk.
Hedy takes the on-device approach further while keeping the AI features. Audio stays on the device, and the AI providers Hedy uses for analysis are contractually prohibited from training on your content. It also offers EU and US data residency, achieved SOC 2 Type I in April 2026, and signs HIPAA BAAs — the combination most teams under a compliance framework are actually looking for. It’s why Hedy sits at #1 in our privacy category guide and our overall rankings.
None of this means cloud tools are unusable. Fathom (which has a strong free tier), Fellow, and Zoom AI Companion all commit contractually not to train on your content, and for many teams that’s enough. The point is narrower: the default behavior of the category leans toward harvesting, the opt-outs are uneven and sometimes paywalled, and the only way to know where you stand is to check the data-controls settings yourself and read the terms you’re agreeing to. For the meetings that would genuinely hurt to leak, an on-device or contractual no-training tool isn’t a preference. It’s the baseline.
Related Articles
2026 AI Meeting Assistant Trends to Watch
From on-device AI to real-time coaching, here's what's shaping the meeting assistant market this year.
Do AI Meeting Bots Make Your Meetings Awkward?
That 'Fireflies.ai Notetaker has joined' notification changes the dynamic. Here's why it matters.
The Rise of On-Device Meeting AI
Why the future of meeting intelligence is moving from the cloud to your device.