Enterprise privacy & security overview
Wispr Flow is built to meet the expectations of enterprise security teams. This document explains how data moves through the system, what is and isn't stored, and how the design keeps risk low while delivering accurate, context-aware dictation.
Privacy-first by design
Privacy Mode is enabled by default for Enterprise accounts, and we recommend enforcing it across the organization. With Privacy Mode on, dictation data is ephemeral on Wispr Flow and third-party servers: audio and transcripts are never written to long-term storage. They exist only in memory for the life of a request, then are discarded.
When dictation completes, the text returns to the user's device, is inserted into the active application, and is saved locally. Nothing is left server-side to be accessed, audited, or repurposed later.
How dictation data flows through the system
When a user dictates, audio streams securely from the desktop or mobile client to our servers, where audio and intermediate transcripts are processed entirely in memory. No disk writes or persistent logs are created.
Most processing runs on Wispr Flow–managed infrastructure. Some model requests are forwarded to vetted third-party providers, each operating under a signed zero-data-retention agreement that prohibits storing, inspecting, or training on customer data. These agreements are confirmed and in force with the leading AI providers in our stack.
When processing finishes, the transcript returns to the client and all in-memory data on our servers is discarded. With Privacy Mode on, nothing remains—within our systems or any subprocessor's.
This is Zero Data Retention (ZDR): dictation is never saved, can't be accessed later by Wispr Flow staff, and is never used for training. The one exception is when a user chooses to report a specific transcription for diagnostics.
A note on how we use AI: our models transcribe—they don't make automated decisions about users. We don't train on customer dictation, and input passes through validation and structured prompt handling before reaching a model. The result is a narrow, predictable AI risk profile.
Context awareness and accuracy
Optional context awareness is what makes Wispr Flow far more accurate than traditional dictation. When enabled, it sends a small amount of text from the active application with the request, so the system spells names correctly, recognizes technical identifiers, and understands domain-specific terms.
A support agent replying to a ticket gets "Bryan" spelled right without fixing it. Engineers get accurate variable names, file paths, and tooling references. The same holds for sales, customer success, and management work where precise wording matters.
Admins can disable context awareness globally, though doing so meaningfully reduces accuracy for many roles. Even when it's on, context data is never stored or used for training while Privacy Mode is active.
High-level architecture
This diagram shows how dictation data flows through Wispr Flow, and where no data persists.
Local-only transcript and audio storage
After dictation, transcripts—and optionally audio—are stored locally on the user's device to support recovery cases: a failed text insertion, reusing an audio file, or reporting an issue.
These files never leave the device unless the user shares them. Wispr Flow staff cannot access them, and users can delete their local history anytime in settings.
Limited data that syncs across devices
To work seamlessly across desktop and mobile, Wispr Flow syncs a narrow set of non-dictation data: dictionaries, snippets, high-level usage statistics, and notes written in the Wispr Flow Notes tab. Dictation inserted into third-party applications is never synced.
Account metadata and diagnostics
Wispr Flow keeps limited non-content metadata for diagnostics and improvement: the application where dictation occurred, word counts, request latency, and basic device or OS information. It is encrypted at rest, and access is limited to a small, authorized group.
Security controls
Wispr Flow applies standard controls across endpoints, devices, and cloud. Endpoints run CrowdStrike managed detection and response (MDR). Mobile devices are managed through MDM with remote wipe. In the cloud, we run continuous vulnerability scanning, regular dependency audits, and least-privilege access.
Enterprise controls and access management
- SSO/SAML enforcement. Enforce single sign-on through your identity provider. When on, all non-SSO logins are blocked, so access is governed entirely by your IdP.
- SCIM provisioning. Automate user provisioning and deprovisioning so access matches your directory of record.
- Role-based access control. Permissions are scoped by role.
- Configurable session controls. Session duration and token expiry align to your policies.
- Phishing-resistant MFA, internally. We enforce FIDO2 / WebAuthn keys and passkeys across our own organization—the standard we'd expect of any vendor.
Independent testing and transparency
- Penetration testing. Annual testing by an independent third party; we are adding a second independent firm.
- Software Bill of Materials (SBOM). We can share a complete CycloneDX SBOM of our dependency tree under NDA for supply-chain review.
- Bug bounty. A public program with rewards for critical findings and legal safe harbor for researchers who follow our disclosure policy. We invite outside scrutiny.
- Documented policies. SDLC, change management, network security, and data-masking standards, available under NDA.
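As an added example (not Wispr Flow's code, and not the vendor's actual SBOM), this is the kind of check a receiving security team would run over a CycloneDX JSON SBOM during supply-chain review: confirm the document is well-formed, flag components that lack a versioned package URL (purl) and so cannot be matched against advisories, and compare each versioned purl against an advisory feed. The SBOM, package names, and `ADV-EXAMPLE-*` identifiers below are constructed placeholders; a real review would load the vendor's file and a current advisory source.

```python
"""Minimal supply-chain review of a CycloneDX JSON SBOM (added example).

The SBOM document and advisory list are constructed for illustration only;
package names and advisory IDs are placeholders, not real projects or CVEs.
"""
import json
from typing import Any, Dict, List, Tuple

# Constructed CycloneDX 1.5 document standing in for a vendor-supplied SBOM.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {"component": {"name": "example-app", "version": "2.3.0"}},
    "components": [
        {"type": "library", "name": "widget-kit", "version": "1.4.2",
         "purl": "pkg:npm/widget-kit@1.4.2"},
        {"type": "library", "name": "example-parser", "version": "0.9.1",
         "purl": "pkg:pypi/example-parser@0.9.1"},
        # Incomplete entry: no version and no purl, so it cannot be reviewed.
        {"type": "library", "name": "mystery-lib"},
    ],
})

# Hypothetical advisory feed: versions below "fixed" are affected.
SAMPLE_ADVISORIES = [
    {"id": "ADV-EXAMPLE-0001", "purl": "pkg:pypi/example-parser", "fixed": "1.0.0"},
    {"id": "ADV-EXAMPLE-0002", "purl": "pkg:npm/widget-kit", "fixed": "1.4.0"},
]


def version_key(version: str) -> Tuple[Any, ...]:
    """Order '1.4.2' as (1, 4, 2); non-numeric parts sort after numeric ones."""
    return tuple((0, int(p)) if p.isdigit() else (1, p) for p in version.split("."))


def split_purl(purl: str) -> Tuple[str, str]:
    """Split 'pkg:type/name@version?qualifiers#subpath' into (base, version)."""
    base, _, rest = purl.partition("@")
    version = rest.split("?", 1)[0].split("#", 1)[0]
    return base, version


def load_sbom(text: str) -> Dict[str, Any]:
    """Parse the SBOM and reject documents that are not usable CycloneDX."""
    sbom = json.loads(text)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    if not isinstance(sbom.get("components"), list):
        raise ValueError("SBOM has no components list")
    return sbom


def review_sbom(text: str, advisories: List[Dict[str, str]]) -> Dict[str, Any]:
    """Return component count, unreviewable components, and advisory matches."""
    sbom = load_sbom(text)
    by_base: Dict[str, List[Dict[str, str]]] = {}
    for adv in advisories:
        by_base.setdefault(adv["purl"], []).append(adv)

    incomplete: List[str] = []
    findings: List[Tuple[str, str]] = []
    for comp in sbom["components"]:
        purl = comp.get("purl")
        if not purl or "@" not in purl:
            # Without a versioned purl there is nothing to match; report it
            # back to the vendor rather than silently treating it as clean.
            incomplete.append(comp.get("name", "<unnamed>"))
            continue
        base, version = split_purl(purl)
        for adv in by_base.get(base, []):
            if version_key(version) < version_key(adv["fixed"]):
                findings.append((purl, adv["id"]))

    return {
        "components": len(sbom["components"]),
        "incomplete": incomplete,
        "findings": findings,
    }


if __name__ == "__main__":
    print(json.dumps(review_sbom(SAMPLE_SBOM, SAMPLE_ADVISORIES), indent=2))
```

The "incomplete" list matters as much as the findings: a component without a versioned purl cannot be matched against any feed, so an SBOM with many such entries gives little supply-chain assurance even when it reports zero findings.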
Migrating a team: Historical data purge
When an organization moves users from individual plans to an Enterprise deployment with Privacy Mode and ZDR enforced, we can perform a one-time purge of historical dictation across primary stores and backups for a specified list of user IDs, with a written attestation confirming completion. Security teams start from a clean, documented baseline.
Compliance and independent verification
Our compliance program runs on continuous control monitoring (Drata) and independent third-party audits (A-LIGN, one of the most widely used SOC 2 auditors).
- SOC 2 Type I — completed, clean unqualified opinion.
- SOC 2 Type II — re-audit in progress with A-LIGN.
- ISO 27001 — in progress with A-LIGN.
- HIPAA — available with a signed Business Associate Agreement (BAA).
- HECVAT Full (v4.1.5) — completed. The standard security assessment used in higher-education procurement, available to education customers to speed their reviews.
Our controls (MFA, SSO, MDM, endpoint detection, encryption, role-based access, audit logging) are independently verified and operational. Audit reports, the subprocessor list with regions and retention terms, our Data Processing Agreement (DPA), and the system Data Flow Diagram are available under NDA through our Trust Center.
What this means for CISOs
Wispr Flow is simple from a risk standpoint. Dictation is ephemeral, never stored, never reused. Local data stays local. Context awareness is powerful but admin-controlled. Metadata is limited, encrypted, and access-controlled.
For an organization-wide rollout, this minimizes exposure while delivering materially better dictation than the alternatives. Deeper documentation and technical reviews are available on request.