The database lives on your machine.

Seriesly is a local-first Mac app. Your meetings are recorded on the Mac you're already using, transcribed on the Mac you're already using, and stored in a file on the Mac you're already using. The default state of your data is on your disk.

Last updated · 27 May 2026 Jurisdiction · New York, USA Contact · support@series-ly.com

What gets captured, and where it lands.

A meeting starts. Seriesly's menu-bar daemon detects the Zoom or Google Meet window and asks you, the first time, whether to listen. If you say yes — and only if you say yes, with a one-click skip for any meeting you'd rather it sit out — the audio is captured through macOS's standard audio frameworks and written to a temporary file on your disk.

You are responsible for complying with any applicable recording-consent laws and for notifying the other participants in your meetings where required. Several US states (including California, Florida, Illinois, Maryland, Massachusetts, Pennsylvania, and Washington) require all parties on a call to consent before it can be recorded. Seriesly does not announce itself to other participants; that's your call to make.

A local speech model transcribes that file. The transcript and the recording are written to a SQLite database in your Application Support folder, where your disk encryption is the layer protecting it at rest. Everything after that — the briefs, the open loops, the topic pages — is computed on your machine from that database, sometimes ahead of time so it's ready when you need it.

Your meeting database lives on your disk, not ours; there is no Seriesly server holding transcripts at rest. When the app needs a model to draft a brief or answer a question, the relevant slice — excerpts, names, action items — passes through our proxy to Anthropic, OpenAI, or Google. The proxy logs request traffic on our side for debugging and abuse prevention, and the providers handle the call under their own logging and retention policies (each publishes its own). If that's tighter than you can tolerate, the bring-your-own-key option in settings sends the call directly from your machine to the provider on your account — we do not see it, and nothing about that request lives on Seriesly infrastructure.

Seriesly is for adults: you must be at least 18 to use the app. If you are buying it for a team, the same applies to every seat.

i.Audio captured from the active callYOUR DISK
ii.Transcribed locally via on-device speech modelYOUR CPU
iii.Written to a SQLite database on your diskYOUR DISK
iv.Briefs & deltas generated on demand from that databaseLOCAL
v.Long-form synthesis · routed via our proxy to Anthropic / OpenAI / Google under their policiesIN TRANSIT
vi.Or bring your own key · model calls go direct from your machineYOUR KEY

What we ask Google for, and what we do with it.

Two purposes bring Seriesly and your Google account together. The first is identity: if you sign in to Seriesly with Google, we receive the name and email address attached to that Google account so we can hang your subscription on a stable handle that survives a fresh install on a new Mac. The second is the calendar integration itself — a separate, opt-in step inside the app — which grants read-only access to your Google Calendar's event titles, times, and attendee lists so the app can see a meeting is about to start and have a brief ready before you click join. That is the entire grant: name, email, and the events on your calendar. Nothing else: not Drive, not Docs, not Gmail, not contacts.

Calendar data flows into the same SQLite file on your Mac that holds everything else. It is read by the app to detect upcoming meetings, threaded into pre-meeting briefs displayed in-app, and otherwise left alone. There is no Seriesly server retaining your calendar; the OAuth token is stored in your macOS Keychain, the events are stored on your disk, and the briefs are computed from those two places on your machine.

Seriesly does not transfer Google user data to anyone else. We do not sell it, we do not share it with third parties, we do not feed it into advertising of any kind, and we do not let humans on our side read it. The only egress is the same proxy hop described above: when a model needs to draft a brief, the relevant excerpt passes through to Anthropic, OpenAI, or Google under their published policies, and bring-your-own-key keeps even that hop off our infrastructure entirely. You can revoke the connection at myaccount.google.com/permissions at any time; the events already on your disk stay on your disk until you delete the database.

Seriesly's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

How your data is kept secure.

Seriesly protects your data — including sensitive Google user data such as your calendar events, name, and email — with industry-standard security measures, both in transit and at rest. Every network connection the app makes, from sign-in to the calendar sync to each model call, travels over an encrypted HTTPS/TLS channel. Nothing sensitive is ever sent in plaintext.

At rest, your meeting database and the calendar events inside it live in a SQLite file on your own Mac, protected by the operating system's full-disk encryption — we recommend you keep macOS FileVault enabled, and the app's at-rest protection is built on it. OAuth tokens, including the token that grants calendar access, are never written to that database and never stored in plaintext: they are held in the macOS Keychain, encrypted by the operating system and bound to your device so they cannot sync off it or be read by another application.

On our side, the small amount of information we retain — your sign-in email and subscription record — is held with our infrastructure provider encrypted in transit and at rest. No Seriesly employee can read your Google user data; it never reaches a Seriesly server in a form we keep. We take reasonable and appropriate steps to protect every system that touches Google API data against unauthorized or unlawful access, use, destruction, loss, alteration, or disclosure. If a confirmed breach ever touches data we hold, we notify affected users within 72 hours.

i.In transit · every connection — sign-in, calendar sync, model callsHTTPS / TLS
ii.At rest, on your Mac · the SQLite database holding calendar events & transcriptsFILEVAULT
iii.OAuth tokens · OS-encrypted, device-bound, never written in plaintextKEYCHAIN
iv.On our servers · sign-in email & subscription record onlyENCRYPTED
v.Human access to Google user dataNONE

The file is yours to take.

The database is a single SQLite file. You can open it with the standard tooling — DB Browser, the sqlite3 CLI, anything that speaks the format. You can copy it to a backup disk. You can move it to a new Mac when you upgrade. Weekly digests and team pulses export to plain Markdown from inside the app; the rest you can pull straight from the database.

This matters because most software in this category treats your meetings as their data, not yours. We do not. The way you leave Seriesly is by quitting it; your years of meeting memory leave with you.

What Paddle sees, and we do not.

When you subscribe, you're paying Paddle — not Seriesly directly. Paddle is our merchant of record: they handle the card processing, the VAT and sales tax for your jurisdiction, and the receipt that lands in your inbox. We see the outcome of that transaction, not the transaction itself.

What Paddle sees is the usual checkout payload: your name, the email you bought under, your billing address, the payment method you chose, and the country code that decides your tax rate. They never see meeting content, transcripts, calendars, or anything that lives inside the app. Paddle stores this in their EU and US data centers; cross-border transfers between those jurisdictions are governed by Standard Contractual Clauses. Their own privacy policy at paddle.com/legal governs that side of the deal.

What Seriesly sees, on our side.

When you subscribe, you sign in with Apple or Google inside the app. Paddle handles the transaction; we store the email address that identity provider hands us and a record of your active subscription. We send you release notes when there's a release. That is the extent of the relationship.

The app periodically checks that your subscription is still active. The check uses your signed-in session and the version of the app you're running — no meeting content, never.

We don't run analytics on what you do inside the app, because the only place to run them would be your machine, and we'd rather respect the quiet. This site sets no cookies; Paddle's checkout overlay may set its own — see paddle.com/legal.

Sign-in email addresses and the subscription records tied to them are kept for the life of the subscription plus seven years for tax records, then deleted. Meeting databases are not retained by us — they live on your disk, never on ours. If a confirmed breach ever touches the small pile of information we do hold, we'll email affected users within 72 hours.

Your rights, same shape on both sides.

GDPR if you're in Europe, CCPA if you're in California. The shape is the same and we honor both. You can ask what we know about you and we will send back a copy — for us that is the email tied to your sign-in and a record of your subscription state, which is most of what there is.

You can ask us to delete your account. We erase the license record thirty days after the request, once the refund window has closed. Portability barely applies in our case: your meeting database already lives on your disk, in a file format anyone can open. There is nothing for us to export to you that you do not already have.

If you believe we've handled your data badly and we can't sort it out between us, you can complain to your local supervisory authority in the EU or to the California Attorney General's office. For anything in this essay — access, deletion, complaint, or a plain question — write to support@series-ly.com.

Two connectors. Each one optional.

Each connector reads what it needs to answer questions you ask — and writes only when you confirm an action. You grant each one separately; you can revoke any of them at any time without losing what's already in your database.

Google CalendarEvent titles, attendees, times. Reads your primary calendar only.SCOPE · CALENDAR.READONLY
Obsidian vaultLocal folder pointer. Reads notes from anywhere in the vault; writes Seriesly-generated meeting and series notes into a Seriesly/ subfolder you can delete any time.LOCAL · READ + SCOPED WRITE

For data-protection purposes the controller of record is HRH Labs LLC, a New York limited liability company, publisher of Seriesly, contactable at support@series-ly.com.