Privacy

Last updated May 27, 2026

The short version

Stroki runs entirely on your Mac. Your audio and transcriptions never leave your device — we have no servers that can see them.

We do send anonymous, aggregate usage signals (e.g. "someone opened the app today, on macOS 14, using Parakeet 110M") to our own Cloudflare-hosted server, so we know whether anyone is using Stroki and which features matter. You can turn this off in Settings → Privacy. The toggle is the whole story; there is no hidden second tier.

We do not use any third-party analytics SDK. No PostHog, no Google Analytics, no Mixpanel, no Segment. The only third party that ever sees a request from Stroki is Cloudflare (the company that hosts stroki.ai and our analytics endpoint).

What we send when analytics are on

Each event includes:

  • The event name (e.g. "app_launched", "engine_selected", "dictation_completed").
  • Your Stroki app version and macOS version (e.g. "0.1.0" + "macOS 14.5").
  • Country (2-letter code, derived at our edge from your network connection and then discarded — we never store your IP address).
  • A daily-rotating anonymous hash. The hash is built from a per-install random number plus a salt that changes every UTC day on our server. The same Mac produces a different hash every day. We cannot link your activity across days, and neither can anyone with access to our database.
  • A small payload of structured properties (e.g. which engine variant you selected, how long a session lasted, a coarse word-count bucket like "50–200"). Every property name is on a server-side allowlist; anything else is rejected before it touches the database.

What we never collect

We never send, store, or transmit:

  • Your audio, in any form.
  • Your transcriptions or any text you produce in Stroki.
  • The contents of any files.
  • Specific file or app names or bundle identifiers. We do record a coarse category (e.g. "code editor", "browser", "chat", "other") for the dictation context so we know whether dictation gets more use in IDEs vs browsers vs chat apps.
  • Your name, email address, or any other personally identifying information.
  • Your IP address or any precise location.
  • Free-form strings of any kind — the analytics event schema only accepts known property names and known value types.

How we identify devices (anonymously)

Stroki generates a random number the first time it runs and stores it in your local user defaults. It also reads your Mac's hardware UUID (the same identifier Apple recommends for device identity). It hashes the two together once and discards the originals.

When you opt in to analytics, the app sends this device hash to our server. The server then mixes it with a fresh salt that rotates every UTC day and writes only the salted, hashed result into the database. The original device hash is never written to disk on our side.

Net effect: the same Mac that sent an event yesterday and an event today appears as two unrelated identifiers in the data. We genuinely cannot connect them.

How to turn analytics off

Open Stroki → Settings → Privacy → toggle "Share anonymous usage data" off. Events stop firing immediately on your next dictation, launch, or feature interaction.

We will still receive a count of installed app versions when Stroki checks for updates (the update-check is a normal HTTPS request to our update feed; it carries no identifier beyond the version string). This is necessary for us to ship security updates.

How long we keep events

We delete events older than 18 months automatically. Daily salts older than 18 months are dropped at the same time, so even the salted hashes can never be re-derived after that window.

Who has access

Our analytics dashboard lives at stroki.ai/admin and is protected by a team password. Only Stroki operators can sign in. The data never leaves our Cloudflare account.

When this changes

If we ever start collecting something not listed on this page, we will update this page first and call it out in release notes. We will not change the default to a different opt-in/opt-out posture without a fresh in-app disclosure.

Contact

Questions, corrections, or a data deletion request? Email [email protected]. We respond to all privacy emails personally.