← Back to home Legal

Privacy Policy

Effective date: April 30, 2026

Murmur is a local-first desktop application. We have built it so that your audio, your transcripts, and your API keys never reach our servers — because we don't run any. This page explains, plainly, what is and is not collected.

1. The short version

• Murmur runs entirely on your computer.
• We, the makers of Murmur, do not operate any server that receives your audio, transcripts, or settings.
• Your API key is yours; it is stored on your machine and used only to talk to the provider you chose.
• When you dictate, your audio is streamed directly from your computer to the provider you selected (Groq or Google Gemini). Their privacy policies apply to that leg.
• A local file, history.json, stores your recent transcripts on your machine until you clear it.

2. Information we do not collect

Because Murmur has no backend service, we do not collect, receive, store, or process: audio recordings, transcripts, API keys, account information, telemetry, crash reports, analytics events, IP addresses, device identifiers, or usage statistics.

3. Information stored locally on your device

The Murmur application creates and reads the following files on your computer:

• API keys. Stored using Windows DPAPI in the application's user data folder. They never leave your machine except to make requests to the provider you configured.
• Settings. Hotkey choice, dictation mode, microphone selection, theme, etc. Stored as JSON in your user profile.
• Recents history (history.json). A scrolling log of recent transcripts. Stored locally. Cleared when you press "Clear" — there is no soft-delete and no recoverable trash.
• Logs. Diagnostic logs of the app's own behavior (button clicks, errors). They do not contain audio or transcripts. They live in the application data folder until you delete them.

None of these files are transmitted anywhere by Murmur.

4. Third-party providers

Murmur sends the audio you dictate directly to the transcription provider you select. Today these are:

• Groq, Inc. — when you choose the Groq provider, audio is streamed to api.groq.com using the API key you supplied. Their handling of that data is governed by Groq's privacy policy and terms of service.
• Google LLC (Gemini API). — when you choose the Gemini provider, audio is streamed to generativelanguage.googleapis.com using the API key you supplied. Google's API privacy terms apply.

We strongly encourage you to read those providers' policies. Murmur cannot make commitments on their behalf, and the contractual relationship for that data is between you and them — not us.

5. How your audio travels

When you press your dictation key, Murmur opens a streaming connection from your computer to your chosen provider over HTTPS, sends the captured audio frames, and writes the returned text into whichever application has keyboard focus. Murmur does not retain the audio on disk. The transcript, however, is written to history.json for your convenience — see section 3.

6. Cookies and tracking

The Murmur desktop application does not use cookies, advertising identifiers, fingerprinting, or any form of tracking. The marketing website (this page) is served as static files and does not set tracking cookies.

7. Children's privacy

Murmur is not directed at children under 13, and we do not knowingly process information about children. Because we operate no servers and collect no information, we have no records to delete; if you are a parent or guardian who needs help removing data from your child's local installation, simply uninstall Murmur or delete the application's data folder.

8. Security

API keys are stored using Windows' Data Protection API (DPAPI), which encrypts data with a key derived from your Windows user account. If your computer is compromised at the user level, that protection no longer helps — keep your machine secure and revoke API keys at the provider if you suspect exposure.

9. Your rights

Because Murmur stores nothing on our side, requests to access, correct, or delete personal data are handled by you directly: open the application data folder and remove the files you want gone. For data held by Groq or Google, contact those providers using the channels they publish.

10. Changes to this policy

If we materially change this policy, we will update the effective date at the top and post the change on this page. Because Murmur cannot reach you, please check back here from time to time if this matters to you.

11. Contact

Questions or concerns? Email privacy@murmur.app. We aim to reply within five business days.

← Back to home