HearThen turns meeting recordings into calendar events and action items — without your audio ever leaving your own infrastructure. Transcription and AI extraction run entirely on your server, so legal, healthcare, and finance teams finally get meeting automation their compliance officers can approve.
Self-hosted by default
A single Docker Compose deployment that makes zero outbound calls. The only external connection is your own calendar — and only after a person approves it.
Compliance-friendly by design
Data lives on your server. GDPR delete workflows, a DPA template, and a BAA option give your compliance team what they ask for first.
99+ languages
Local speech-to-text handles meetings in 99+ languages, with speaker attribution so each action item lands on the right owner.
You approve every write
Extracted events wait in a review queue with confidence scores. Nothing reaches your calendar until you approve it. HearThen suggests; you decide.
Multi-user with a full audit trail
Roles, invite-only sign-up, and 2FA, plus an append-only audit log that records every action for 365 days.
Connects to your workflow
Signed webhooks push approved events into the automation tools you already run, with verifiable payloads.
Tech stack
- Self-hosted
- Local speech-to-text
- Private LLM
- Docker Compose
- OAuth calendar
- Signed webhooks
How it works
Three steps on your server, one on your approval.
Your audio never crosses your network boundary — the only outbound call is to your own calendar, and only when you say so.
- 01
Upload
Drop in a meeting recording — audio or video, up to 1 GB.
- 02
Transcribe locally
Speech-to-text runs on your own hardware, never in someone else's cloud.
- 03
Extract on-prem
A private model pulls out dates, events, and action items, each with an owner.
- 04
Approve & sync
You review each item and approve; only then is anything written to your calendar.
Security & compliance
Why compliance teams approve HearThen.
The architecture has the controls — and we're explicit about what's certified and what isn't.
Air-gapped by default
Zero outbound network calls out of the box. Verify it yourself with a packet capture on a fresh install.
Encrypted at rest
Archived audio, calendar tokens, and 2FA secrets are encrypted; passwords are hashed with per-password salts.
Strong access control
Password, SSO, and 2FA, with session revocation, refresh-token reuse detection, and lockout after repeated failures.
Append-only audit log
Every login, approval, and export is recorded with user, IP, and timestamp, and kept for 365 days.
GDPR delete workflow
Right-to-erasure with a 30-day grace period and a cascade across all stored data.
Honest about certification
"Supports" means the technical control exists; we never claim certifications we don't hold. Buyers verify — we respect that.
Built for
For the teams the cloud locked out.
If your compliance officer has already said no to cloud meeting AI, HearThen is built for you.
Legal
Keep privileged client conversations inside your own walls.
Healthcare
Process recordings with PHI without shipping them to a vendor — BAA available.
Finance
No material non-public information passing through undisclosed sub-processors.
Public sector
Data residency you control, with an audit trail behind every action.
FAQ
Frequently asked questions
Could the AI invent a meeting that was never agreed?
It never writes to your calendar on its own. It suggests each event with a confidence badge, you approve it, and every decision is recorded in the audit log.
Which regulations does it actually cover?
The architecture supports GDPR, HIPAA, SOC 2 and GLBA controls, with a DPA and BAA available. We do not claim certifications we don't hold — SOC 2 Type I is on the roadmap, not yet certified.
How can we trust the security from a small team?
You don't have to take our word for it: the network behaviour is verifiable yourself with tcpdump, the source is available, and the security documentation is public.
Have a project in mind?
Tell us what you want to build. We respond within one business day.