FlowMoose Privacy & Security Whitepaper
Version 1.0
Last updated: 2026-05-09
Last fact-checked: 2026-05-09 (against FlowMoose v1.1.2)
1. Summary
FlowMoose is a macOS voice-dictation application. A user holds a keyboard shortcut, speaks, and releases. FlowMoose records the audio locally, transcribes it on-device with OpenAI’s Whisper model, and pastes the resulting text into the focused application. Audio, transcripts, and dictation history never leave the user’s Mac. The application contacts only four hosts on the network, all enumerated in §4.
2. Architecture
The user-facing pipeline is on-device end-to-end:
┌──────────┐    ┌─────────────────┐    ┌───────────────┐    ┌────────────┐
│ Audio    │───▶│ Whisper (local) │───▶│ Transcribed   │───▶│ Pasted into│
│ capture  │    │ ggml-small.bin  │    │ text (local)  │    │ focused app│
└──────────┘    └─────────────────┘    └───────────────┘    └────────────┘
All four steps execute on the user's Mac. No server side.
No audio bytes, no transcribed text, and no dictation history is transmitted from the Mac. There is no cloud transcription path, no “send for review” option, and no toggleable cloud mode. The processing pipeline is local-only by construction.
3. Data Handling
Each data type FlowMoose touches, where it lives, and whether it leaves the device:
| Data type | Location on disk | Leaves the device? | Retention | Encryption at rest |
|---|---|---|---|---|
| Audio recordings | In-memory only | No | Deleted immediately after transcription | N/A (never written to disk) |
| Transcribed text | Local app sandbox | No | Stored as dictation history (max 500 entries, auto-pruned) | macOS APFS volume encryption (FileVault, when enabled) |
| Dictation history | Local app sandbox | No | 500 most recent entries; older entries auto-pruned | macOS APFS volume encryption (FileVault, when enabled) |
| Settings & preferences | Local user defaults | No | Until user resets or uninstalls | macOS APFS volume encryption (FileVault, when enabled) |
| License key | Local user defaults | Sent to api.lemonsqueezy.com every ~14 days for validation (see §4) | Until user removes license | macOS APFS volume encryption (FileVault, when enabled) |
| Whisper model file | Local app support directory (~466 MB) | No (downloaded once on first launch from huggingface.co) | Until user uninstalls or clears cache | macOS APFS volume encryption (FileVault, when enabled) |
4. Network Activity
The following table enumerates every host the FlowMoose macOS app contacts. This list is exhaustive; if a future release adds, removes, or changes a host, this document is bumped to a new version (see §9).
| Host | Purpose | Trigger | Frequency | Payload | If blocked | Operator |
|---|---|---|---|---|---|---|
| huggingface.co (also: cdn-lfs.huggingface.co) | First-launch download of the Whisper model file (ggml-small.bin, ~466 MB). One-time per installation. | first-launch | Once, on first launch | Standard HTTPS GET for the model file. No request body, no FlowMoose-specific headers, no user identifier. | Model fails to download. FlowMoose cannot transcribe audio until the network is reachable. The rest of the app stays usable; no data loss. | Third-party: HuggingFace, Inc. |
| flowmoose-releases.s3.eu-central-1.amazonaws.com | Update check and DMG download via the Sparkle framework. EU-region S3 bucket (Frankfurt) operated by LeanBytes UG. Pull-only mechanism. | startup, periodic | On startup, then every 1 day | HTTPS GET for the appcast XML. No request body, no user identifier, no telemetry payload. | FlowMoose continues running on the currently-installed version. No data loss; only future updates are missed. | LeanBytes UG |
| api.lemonsqueezy.com | License validation for active subscriptions. Only fires after the user enters a license key (post-purchase). During the free trial there is no Lemon Squeezy network call. | periodic | Every 14 days | License key plus installation identifier. No audio, no transcripts, no dictation history. | Subscription state stays as-of-the-last-successful-check for the Lemon Squeezy dunning grace period (about 21 days from a failed renewal). After the grace period, FlowMoose enters its perpetual fallback or trial-expired state. | Third-party: Lemon Squeezy (merchant of record for FlowMoose subscriptions) |
| push.pandalytics.io | In-app analytics endpoint. Operated by LeanBytes UG. This is NOT a third-party SDK or vendor — Pandalytics is a LeanBytes-built service receiving FlowMoose usage events directly. | user-action | On user action | Non-identifying usage data only: feature usage, timestamps, app version, OS version, device type, coarse country, installation identifier, session identifier, locale, and event signals (transcription success, delayed paste, history-entry copy). No audio, no transcripts, no personally identifiable information. | Events queue locally and retry on the next successful network call. App functionality is unaffected; events that exceed the retry window are dropped. | LeanBytes UG |
The website at flowmoose.app uses Vercel Web Analytics (cookieless, no cross-site tracking) for page-view and conversion measurement. The website analytics are unrelated to the macOS app and never receive any in-app event data.
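The in-app host table above can serve as an egress allowlist when reviewing firewall or DNS logs from a Mac running FlowMoose. The following Python check is an added example, not FlowMoose or LeanBytes code; the log line format, the `parse_line` and `audit` names, the `license_entered` flag, and the expectation of port 443 for every host are assumptions, and the sample log is constructed.

```python
from collections import Counter

# Exact hostnames from the §4 table; no suffix matching, so look-alikes fail.
DOCUMENTED_HOSTS = {
    "huggingface.co": "model download",
    "cdn-lfs.huggingface.co": "model download",
    "flowmoose-releases.s3.eu-central-1.amazonaws.com": "update check",
    "api.lemonsqueezy.com": "license validation",
    "push.pandalytics.io": "analytics",
}
LICENSE_HOST = "api.lemonsqueezy.com"

def parse_line(line):
    """Parse 'ISO-timestamp process host:port' (constructed log format)."""
    ts, process, dest = line.split()
    host, _, port = dest.rpartition(":")
    return ts, process, host.lower().rstrip("."), int(port)

def audit(lines, process="FlowMoose", license_entered=True):
    """Return (findings, per-host counts) for one process's connections."""
    findings, counts = [], Counter()
    for line in lines:
        ts, proc, host, port = parse_line(line)
        if proc != process:
            continue
        counts[host] += 1
        if host not in DOCUMENTED_HOSTS:
            findings.append((ts, host, "undocumented host"))
        elif port != 443:  # assumption: every documented call uses HTTPS/443
            findings.append((ts, host, "non-HTTPS port %d" % port))
        elif host == LICENSE_HOST and not license_entered:
            findings.append((ts, host, "license call during free trial"))
    return findings, counts

# Constructed sample log, not captured from a real FlowMoose installation.
SAMPLE_LOG = [
    "2026-05-09T08:00:01Z FlowMoose huggingface.co:443",
    "2026-05-09T08:00:02Z FlowMoose cdn-lfs.huggingface.co:443",
    "2026-05-09T08:00:05Z FlowMoose flowmoose-releases.s3.eu-central-1.amazonaws.com:443",
    "2026-05-09T08:01:10Z FlowMoose push.pandalytics.io:443",
    "2026-05-09T08:02:00Z Safari example.com:443",
    "2026-05-09T08:03:30Z FlowMoose api.lemonsqueezy.com:443",
    "2026-05-09T08:04:00Z FlowMoose huggingface.co.example:443",
    "2026-05-09T08:05:00Z FlowMoose push.pandalytics.io:80",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, license_entered=False)[0]:
        print(*finding)
```

Any finding from a real log is a discrepancy between observed behaviour and this document, which under §9 would call for either a fix or a version bump.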
5. GDPR Posture
Controller for any data LeanBytes UG processes (license metadata, analytics events, support correspondence):
LeanBytes UG (haftungsbeschränkt)
Goldmühlestraße 65
71065 Sindelfingen
Germany
Represented by: Stephan Arenswald
Contact: privacy@leanbytes.io
Audio & transcripts: processing happens entirely on the user’s device. LeanBytes UG never receives, stores, or has access to any audio, transcript, or dictation history. For GDPR purposes, LeanBytes is neither controller nor processor of this content.
Data Processing Addendum (AVV / DPA): available on request. Contact privacy@leanbytes.io with your DPA template and we will return a signed copy. We do not currently publish a generic template (deferred until legal review of role/module mapping is complete).
Lead supervisory authority (for GDPR complaints): Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW), Stuttgart, Germany.
The FlowMoose website privacy policy at /privacy describes the website’s legal basis (Art. 6(1)(f) GDPR Legitimate Interest) for analytics processing in detail.
6. Update & Model Integrity
Application updates are delivered via the Sparkle framework, an industry-standard macOS auto-update library. The appcast XML and the DMG package are served from a LeanBytes-operated AWS S3 bucket in the eu-central-1 (Frankfurt) region. Sparkle verifies update payload signatures against a public Ed25519 key embedded in the shipped application before installation; tampering with the appcast or DMG in transit would fail this signature check and the update would not install.
Code-signing identity: Developer ID Application: LeanBytes UG (3DJZR74CAM).
The application is notarized by Apple, runs with the hardened runtime enabled, and ships with a single entitlement:
com.apple.security.device.audio-input
FlowMoose is NOT sandboxed. Apple’s App Sandbox is incompatible with the Accessibility permission FlowMoose requires to paste into other applications, which is also why FlowMoose is distributed as a DMG rather than via the Mac App Store.
Whisper model integrity: the model file (ggml-small.bin, ~466 MB) is downloaded once on first launch from huggingface.co at the repository ggerganov/whisper.cpp. Subsequent launches reuse the cached model file from the local app support directory.
7. Downloads
A versioned PDF of this whitepaper, suitable for forwarding to legal or attaching to a procurement questionnaire, is available below.
Download whitepaper PDF (v1.0)
The web version of this page is the canonical source. If the PDF and the page disagree on a fact, the page is correct (and we owe you a re-export of the PDF; please email privacy@leanbytes.io).
8. Reverification
This document is re-verified against the running FlowMoose macOS application on each release that touches network behaviour, model selection, or code-signing configuration. The reverification ritual lives in _spec/RELEASE-CHECKLIST.md in the public flowmoose.app source repository.
9. Versioning & Changes
Each material change to the facts in this whitepaper bumps SECURITY_DOC_VERSION: minor version for added/removed domains or changed network behaviour, major version for changed models, changed cryptographic identity, or changed controller. The current version is always available at this URL. Older versions can be reconstructed from the public source-control history of flowmoose.app.
For RFC 9116 vulnerability-disclosure purposes, see /.well-known/security.txt.
10. Contact
Privacy and security questions: privacy@leanbytes.io