Granola's AI Note-Taking App Shares Notes Publicly and Trains on Your Data by Default

Granola, the AI-powered meeting note-taking app that markets itself on privacy, quietly generates public-facing links to users' notes by default and uses meeting transcriptions to train its internal AI models unless users navigate their settings to opt out.

The app, which describes itself as an "AI notepad for people," allows users to transcribe meetings on their desktop or iPhone without adding a visible bot to video calls. Granola positions its approach as privacy-conscious, stating that notes are "private by default." But that framing obscures a key default behavior: the app generates a shareable link set to "Anyone with the link can view," meaning anyone, including non-Granola users, can access the summarized notes in a web browser the moment a link is created or distributed. Changing that setting does not apply retroactively to past notes, so notes created under the default remain publicly accessible even if a user later switches to a more restrictive setting.

On the AI training side, Granola uses meeting data to improve its own models by default across its free and standard paid tiers, with the company describing the data as anonymized but providing little public detail about how that anonymization works. Users can turn off training participation with a single click in Settings, but the option is not surfaced prominently during setup. The exception is Granola's Enterprise plan, where AI training is disabled by default and administrators can enforce workspace-wide sharing restrictions.

The app's recording disclosure feature compounds the concern: it is also turned off by default, meaning other meeting participants may have no knowledge they are being recorded and transcribed unless the Granola user manually enables the disclosure setting.

Granola does make several substantive privacy protections. It does not store raw audio or video files; transcription happens in real time and only summaries and notes are retained. Data is encrypted at rest and in transit on AWS, and the company holds SOC 2 certification. Granola also explicitly blocks its third-party AI providers, including OpenAI and Anthropic, from using customer data for their own training purposes.

Still, the combination of default-open link sharing, default AI training, and default-off disclosure notifications places the burden of privacy management entirely on individual users who, in most cases, will never know the toggles exist.