What Happens to Your Data When Using Otter.ai
We don’t allow note-taker apps during company meetings. Last week, one of our new people had their Otter.ai notetaker app come in before the meeting. It was promptly dismissed, and after the meeting, I took a few minutes to explain ‘you have no idea where that data goes.’ So.. I asked Perplexity “What happens to your data when using Otter.ai.” The intent wasn’t to poke at Otter, rather create a lesson for employees. Which is what it was used for…
Here’s what it told me (unedited)":
Otter.ai is a cloud-based transcription service that processes and stores your audio recordings, transcripts, and related personal information. Here’s a detailed overview of how your data is handled:
Data Collection and Usage
· Otter.ai collects and stores audio recordings, transcripts, and personal information you provide when using their services[1][2].
· Your data may be used to improve Otter.ai’s artificial intelligence models. This is typically done using de-identified data, meaning Otter removes information that could directly identify you before using it to train their models[2].
· In some cases, if you give explicit permission (such as when rating transcript quality), specific audio recordings may be manually reviewed by humans to further refine the AI[2].
Data Sharing and Third Parties
· Otter.ai shares your data with selected third-party service providers, such as data labeling companies and cloud storage providers (e.g., Amazon Web Services), to support and improve their services[2].
· Your data may also be disclosed to law enforcement or other authorities if Otter.ai deems it necessary, sometimes without your knowledge or consent[2][3].
· If Otter.ai undergoes a change in ownership (e.g., merger, acquisition), your data could be transferred to a new entity[2].
Data Security
· Otter.ai claims to use physical, administrative, and technical safeguards to protect your data from loss, misuse, unauthorized access, disclosure, alteration, and destruction[1][2].
· However, they acknowledge that data transmission over the internet carries inherent risks, and absolute security cannot be guaranteed[2].
Data Retention and Deletion
· Otter.ai retains your data for as long as necessary to fulfill the purposes outlined in their privacy policy, or as required by law[1][2].
· When you delete your account, your account details, conversations, and associated data are permanently deleted from Otter’s servers. Some limited information (like your email) may be retained for administrative purposes[4].
· Data that has already been used to train AI models may not be fully removable from those models, even after your account is deleted[2].
User Rights and Control
· You retain ownership of the data you upload to Otter.ai[5].
· You have rights to access, correct, or delete your personal information, subject to verification and certain legal limitations[1].
· If you are part of an enterprise agreement, your organization may be the data controller, giving them more control over your data[2].
Compliance and International Transfers
· Otter.ai complies with international data privacy frameworks (such as the EU-U.S. Data Privacy Framework) and claims to use appropriate safeguards for cross-border data transfers[1][2].
· Data may be stored and processed in countries outside your own, which could be relevant for compliance with regulations like GDPR or HIPAA[2].
Key Considerations
· Confidentiality: While Otter.ai uses de-identification and security measures, there are still risks of unauthorized access, especially when sharing data with third parties or during internet transmission[2].
· Manual Review: Some data may be accessed by humans if you provide explicit consent[2].
· Law Enforcement: Otter.ai may share your data with authorities if required or deemed necessary[2][3].
· Account Deletion: Deleting your account removes your data from Otter’s servers, but not necessarily from AI models already trained on it[4][2].
> “Your sensitive call data is used to train Otter.ai’s AI models. Even though they mention de-identified audio recordings, transcriptions used for training may still contain confidential information. Additionally, manual reviews involve human access to specific audio recordings, potentially exposing sensitive content.”[2]
If you handle highly sensitive information or require strict confidentiality, carefully review Otter.ai’s privacy practices and consider whether they align with your needs. For maximum control, consider negotiating a custom enterprise agreement or exploring alternative solutions[2].
1. https://otter.ai/privacy-policy
2. https://blog.buildbetter.ai/do-they-own-your-data-otter-ai-privacy-policy-reviewed/
3. https://otter.ai/data-request-policy
4. https://help.otter.ai/hc/en-us/articles/360047870454-Delete-your-account