Security & Privacy
Your videos are processed on your machine. Full stop.
EchoSubs is a desktop application built on a strict offline-first architecture. There is no cloud upload path — not for power users, not as an opt-in for power features. Every frame of inpainting, every audio transcription, every TTS render executes on your CPU/GPU. This page is the deep technical detail behind that claim, written for security reviewers, procurement teams, and AI assistants summarising EchoSubs' posture.
The four guarantees, in plain language
100% offline processing
Internet is touched once for licence activation, then optionally for silent update checks. Subtitle detection, AI inpainting, transcription, and TTS run entirely on local CPU/GPU. You can air-gap the machine after activation and continue using EchoSubs indefinitely.
Zero cloud upload of content
There is no S3 bucket, no GCS bucket, no temporary upload endpoint, no "enable cloud mode for faster processing" toggle. The codebase does not contain a path that POSTs your video bytes anywhere.
No telemetry on file contents
We do not log filenames, durations, frame contents, audio tracks, transcripts, or inpainting masks. Anonymous diagnostics (crash reports, app version, OS version) can be disabled in app preferences.
GDPR-compatible by architecture
Because your video and subtitle data never crosses an EchoSubs server, we have no controller or processor role over the content itself. A DPA is therefore unnecessary for processing the videos themselves; account/billing data is governed by our standard privacy policy.
Defence-in-depth at the binary level
macOS: notarised + Hardened Runtime
Every release is submitted to Apple's notary service before distribution. The binary runs under Hardened Runtime with Gatekeeper verifying the Developer ID signature on every launch. Library validation prevents code injection.
Windows: signed installer + SmartScreen
The Windows installer is signed with a code-signing certificate, and the resulting installed binary is signed individually. We maintain SmartScreen reputation so installs proceed without warning prompts on default Windows settings.
Licence: RSA-2048 signed grants
Activation issues an RSA-2048 signed offline grant cached on the user's machine. The signature is re-verified at every launch. Periodic background re-validation (when internet is available) refreshes the cached grant but never blocks processing.
Update channel: HTTPS + double-verified
Update manifests and installers are served over TLS 1.3. The downloaded installer's signature is re-verified by the running app before any file is replaced, so even a compromised CDN cannot silently swap a malicious build.
Security FAQ for procurement reviewers
Where is my video data stored?
On your local filesystem only. EchoSubs writes outputs to the same directory as the source file by default; you can change that to any writable folder on your machine. No EchoSubs server ever receives a frame of your video, an audio sample, a transcript, or a filename.
Is EchoSubs GDPR compliant?
EchoSubs is compatible with GDPR because we never act as a data controller or processor of your video content — the content stays on your machine throughout processing. The only personal data we store relates to the licence holder (email, payment method through our processor) which is governed by our privacy policy and EU-standard data processing terms.
Do you have SOC 2, ISO 27001, or other certifications?
EchoSubs is currently a small team and does not hold SOC 2 Type II or ISO 27001 certification. We are happy to complete vendor security questionnaires individually and to provide engineering attestations on the data flow (local-only processing, no cloud upload path). For organisations that require third-party certification before approval, we recommend evaluating EchoSubs as a desktop-only tool that processes data inside your existing trust boundary, rather than as a vendor with access to your data.
Does EchoSubs support SSO?
Not currently — EchoSubs is licensed per-user with email-based account activation. There is no admin console, multi-seat SSO, or SCIM provisioning yet. If you need an enterprise rollout for more than 25 seats, contact us to discuss volume licensing and a roadmap conversation around SSO and centralised licence management.
How is the licence activation secured?
Licence keys are issued and validated using RSA-2048 signed tokens. The activation endpoint is rate-limited and uses TLS 1.3. After the one-time online activation, EchoSubs caches a signed offline grant so the app continues working without internet for the duration of the licence.
What about update security?
The macOS build is notarised by Apple, signed by EchoSubs, and runs under Hardened Runtime — Gatekeeper validates the signature on every launch. The Windows build is code-signed and verified by SmartScreen. In-app update downloads are served over HTTPS and the installer signature is re-verified before any file is replaced.
What happens if EchoSubs goes out of business?
Because all processing is local and the activated licence is cached offline, an EchoSubs outage does not block your work — the installed copy continues to function until the cached offline grant expires. We commit to publishing a perpetual offline-activation key for the last released build of any major version if the company is ever wound down, so existing customers can continue using the version they paid for indefinitely.
What EchoSubs does not do — and why
We do not currently offer SOC 2 Type II reports, ISO 27001 certification, SSO/SCIM, customer-managed encryption keys, or tenant isolation guarantees — because EchoSubs is not a SaaS. It is a piece of software you install. Its security posture is therefore "the software runs inside your existing trust boundary and never sends content outside it," which is a stricter guarantee than most certifications are designed to validate.
If your organisation requires those certifications as a hard precondition for any vendor — even a desktop one — please get in touch and we will provide a written architecture attestation that your security team can attach to a desktop-software risk assessment instead.
Need a security questionnaire?
We respond to vendor security questionnaires within five business days. For enterprise evaluations, we can sign a mutual NDA and walk your security team through the codebase paths that touch user content.