Defensible Mode

What we send. What we don't.

Most voice tools tell you what they promise not to do. This page tells you what they cannot do, given how the engine is built. Read it carefully. Verify it yourself.

The commitment

Audio doesn't leave your Mac for transcription. Whisper.cpp runs locally on Apple Silicon via Metal. The text transcript is what reaches the reasoning step when you invoke a cloud tool. Your voice profile (a LoRA adapter trained on your own usage) sits on your disk and never syncs. Defensible Mode (the user-facing toggle, on by default in v1.1+) gates the cloud reasoning and telemetry layers on top of that.

The data flow

  1. 01 · Push-to-talk
    Local

    Audio captured from microphone. Held in memory only.

  2. 02 · Transcription
    Local

    Whisper.cpp on Metal. Audio is processed and discarded. The transcript stays in memory.

  3. 03 · Personal voice profile
    Local

    Optional LoRA adapter improves accuracy on your voice over time. Trained in batches when your Mac is idle. Never synced.

  4. 04 · Reasoning
    Cloud (opt-in)

    Transcript plus selected screen context is sent to OpenAI Realtime. Audio is not sent. Per OpenAI's API data policy, content is not used for training and is retained 30 days for abuse monitoring.

  5. 05 · Synthesis
    Cloud

    Response text is sent to ElevenLabs. Audio is returned and played locally. No input audio is transmitted.

What stays on your Mac

  • All input audio. From microphone capture through transcription and disposal.
  • Your personal voice profile (LoRA adapter, manifest, training shards).
  • Memory layer recall (v1.1+) — "where we left off" session state.
  • The Whisper model weights themselves (~1.5GB, downloaded once from a signed CDN).
  • Defensible Mode preferences and Defensible Mode opt-in/out history.

What does egress (when you opt in)

  • The transcript text of what you said, plus the selected screen context you asked the assistant to use, to OpenAI Realtime.
  • The response text to be spoken, to ElevenLabs.
  • Tool-call inputs (a Perplexity query, a web fetch URL, a Claude Code prompt) to those tool providers, when you invoke a tool.
  • Anonymous usage counts (push-to-talk count, tool-call count, error count) to ORBWEVA Labs — transcript-free, audio-free, and toggleable in Defensible Mode.

Legal frame

Because audio doesn't egress for ASR, biometric-data regimes (Illinois BIPA, GDPR Art. 9, Japan APPI, Korea PIPA) don't fire in the listening step. The transcript is personal data and is handled accordingly: retained on the user's device, transmitted only on opt-in, with deletion and access requests honored. A formal privacy policy ships before the Day-14 gate.

How to verify

  1. 01

    Open Little Snitch and watch outbound connections during a push-to-talk session.

  2. 02

    Run Wireshark on the loopback and Wi-Fi interfaces. Filter by On αlpha's process ID.

  3. 03

    Pull up the Activity Monitor network tab and confirm the bytes-out count stays flat during the listen step.

  4. 04

    When you invoke a cloud tool, you will see traffic to api.openai.com and api.elevenlabs.io. That is the reasoning and synthesis layer, not the listening layer.

How to forget

Settings → Defensible Mode → Forget my voice. Resets the LoRA adapter, deletes training shards, and clears the manifest. The Whisper base model stays (it's not personalized). The reset is logged in the manifest with a timestamp — not for our records, for yours.

Privacy posture · On αlpha | Orbweva Solutions