Three models.
One sequence.
Generic voice AI sees all data. Privacy-compliant voice AI sees only what is necessary. The structural difference does not begin with the functions, but with the sequence of processing.
Dictation devices waste time. Generic AI risks licensing.
Privacy-compliant voice AI is a voice processing architecture that pseudonymizes personal data locally before it is transmitted to external cloud language models. It combines specialized AI components in a defined sequence and follows the principle of data minimization according to Article 5 GDPR.
It is 4:30 PM. A professional has just finished a consultation. Keywords lie on the desk, further details are in mind but not yet written down. The next appointment is in twenty minutes. However, the note for the file must be completed today.
Two paths are available. Both have obvious weaknesses.
Option A · Classic dictation device
Start recording, have it transcribed later, format manually, check personal names, transfer to the file. Privacy-compliant, but time-consuming. It has worked for years but is no longer up to date.
Option B · Generic AI app
Open ChatGPT, start voice recording, have the text structured. Fast, modern, seemingly elegant. But: personal names migrate to a cloud service that is not certified for medical, legal, or tax data. In the case of professional confidentiality obligations, this is a compliance violation.
In regulated industries, neither path is acceptable. This is not a convenience problem, but a structural one. Generic voice AI is built for general tasks, not for domains with special data protection requirements. Anyone who takes GDPR obligations seriously needs a different architecture.
AI models
modes
personal data
Each model sees only the data it truly needs.
Privacy-compliant voice AI does not use one generic language model for everything. Instead, three specialized AI components work together in a defined sequence in auraVoice. Each component does exactly what it is best suited for.
OpenAI Whisper · Transcription
Converts audio to text. Domain-specific vocabulary is imported via a Personal Dictionary mechanism. Technical terms such as bisphosphonate, VAT return, or investment deduction amount are correctly recognized. Standard tools often mutilate such proper names into unusable text. Details on the API in the OpenAI Whisper API documentation.
spaCy · Local pseudonymization
Named Entity Recognition model on our own infrastructure in Germany. Recognizes personal names and replaces them with consistent pseudonyms. Ms. Schmidt becomes Person 1, Mr. Müller becomes Person 2. Names mentioned multiple times retain their pseudonym throughout the text. We use the German language model de_core_news_lg.
Anthropic Claude · Structuring
Only now does the language model come into play. Claude receives the anonymized text and structures it into one of six predefined Markdown formats. Personal names have already been replaced at this point. The model sees only pseudonyms. Overview of the Anthropic Claude models.
The sequence is the architecture.
Pseudonymization could also be applied retrospectively to the finished transcript. That would be the easier way. But it would have a decisive disadvantage: the language model would have already seen and processed the real names, potentially using them for internal statistics or model improvements. With auraVoice, pseudonymization therefore runs BEFORE the cloud LLM call.
The mapping is not in the system.
The central architectural decision of privacy-compliant voice AI is not the pseudonymization itself. It is the question of what happens to the mapping between the pseudonym and the real name. With auraVoice, this mapping is not stored. It remains in the user's head or calendar.
Personal names never leave the infrastructure in plain text
The cloud LLM provider sees only pseudonyms. Audio does go to OpenAI Whisper, but it is only transcribed there, not analyzed or stored. A Zero Data Retention agreement with both providers ensures that no data is used for model training. The legal basis can be found in the GDPR, particularly regarding pseudonymization as a measure according to Article 32. The BfDI confirmed pseudonymization in January 2025 as a privacy-friendly measure.
Logs only count, they do not record
Only the number of replaced personal names is logged on the server, never the names themselves. This is documented in the code and secured by tests.
Re-identification is the user's responsibility
Anyone who has logged a patient case, a client, or a customer contact can clearly assign who Person 1 was based on the recording timestamp and their own calendar. No one else can do that. This is the simplest and at the same time most secure form of pseudonymization. No technical system in between, no additional compliance risk. This approach complements our GDPR-compliant AI platform auraHub.
Privacy-compliant voice AI in comparison.
Anyone who wants to use voice AI for regulated industries today has three realistic options. The table shows the structural differences:
| Criterion | Dictation device | ChatGPT Voice | auraVoice |
|---|---|---|---|
| Effort per recording | 25-40 minutes | 2 minutes | 2 minutes |
| Pseudonymization before cloud LLM | manual | no | automatic |
| Domain vocabulary | no | no | individual |
| Structured output formats | no | generic | 6 modes |
| GDPR Art. 9 suitable | yes | no | yes |
| Server location | local | USA | Germany |
| Suitable for professional secrecy holders | yes | no | yes |
Dictation devices are compliance-ready but not efficient. ChatGPT Voice is efficient but not compliance-ready for regulated professions. Privacy-compliant voice AI like auraVoice closes the gap.
Six output formats. Choice per recording.
Not every conversation needs the same structure. auraVoice currently supports six output formats optimized for different use cases. The choice is made per recording.
The problem is similar everywhere. The requirements differ.
Lawyers
Confidentiality · §203 StGB
Client data is subject to the duty of confidentiality according to Section 203 of the German Criminal Code. Notes from client meetings must be processed in a GDPR-compliant manner. At the same time, clients expect timely file notes. Privacy-compliant voice AI solves both without compromise.
Therapists
Article 9 GDPR
Patient data are special categories of personal data according to Art. 9 GDPR. Dictation systems must fulfill compliance requirements, while at the same time medical technical vocabulary such as active ingredients, diagnostic acronyms, or diagnosis codes must be correctly recognized.
Sales
Confidentiality
Sales notes, strategy meetings, internal briefings, and HR meetings contain sensitive content. General SaaS solutions process these in US cloud infrastructures. This is a risk for business secrets, personnel situations, or acquisition plans. A comparable architecture can also be found in auraIR for Investor Relations.
Landscaping
Hands-free on site
At customer appointments, on the construction site, in the car to the next appointment. Handwritten notes are impractical, generic dictation apps process customer names unfiltered. auraVoice dictates on site and structures directly for further processing in the office.
Pseudonymization is protection. Not a guarantee.
-
01
Model Recall
The recognition of personal names is in the range of 85 to 95 percent. spaCy is the industry standard, but no model is perfect. Pseudonymization as a data protection layer, not as a legal guarantee for complete anonymization.
-
02
Indirect identifiers
Personal names are replaced. Other identifiers such as dates of birth, rare diagnoses, or address details remain in the text. With rare combinations, re-identification can theoretically be possible. The standard is GDPR Recital 26 on anonymization.
-
03
Cloud LLM dependency
Whisper and Claude are external components. A Zero Data Retention agreement with both providers ensures that no content is used for model training. But: the final GDPR compliance for a specific use case depends on the individual implementation.
-
04
No substitution
What content the system processes remains a decision of the user. The AI provides the structuring. The professional evaluation, file management, and professional responsibility remain with the human.
From dictation to file. In two clicks.
Available as a Progressive Web App on iPhone, iPad, and desktop, without installation from an app store. Browser extensions for Chrome and Safari enable dictation functionality directly in any input fields: email programs, CRM systems, file software, or browser forms. Complementary to our other AI applications such as auraPress for media intelligence.
Experience auraVoice live.
We show live what privacy-compliant voice AI looks like for your specific industry. From dictation to pseudonymization to the structured transcript. For tax consultants, doctors, lawyers, consultants, craftsmen, and everyone who works with personal data.
Send request →Frequently asked questions
What is privacy-compliant voice AI?
Privacy-compliant voice AI is a voice processing architecture that pseudonymizes personal data locally before it is transmitted to external cloud language models. It combines specialized AI components (transcription, pseudonymization, structuring) in a defined sequence and follows the principle of data minimization according to GDPR.
What data is transmitted to external cloud services?
Audio is transmitted to OpenAI Whisper, exclusively for transcription. Text is transmitted to Anthropic Claude, but after local pseudonymization. Personal names never leave the own infrastructure in plain text. A Zero Data Retention agreement with OpenAI ensures that no data is used for model training.
How reliable is the pseudonymization?
Pseudonymization is based on the German language model de_core_news_lg from spaCy, an industry standard for Named Entity Recognition. The recognition of personal names is in the range of 85 to 95 percent. We recommend the function as a data protection layer, not as a legal guarantee for complete anonymization.
How does auraVoice differ from ChatGPT Voice or other dictation apps?
Three structural differences: First, local pseudonymization runs BEFORE the cloud LLM call, not after. Second, several specialized models are used instead of one generalist. Third, auraVoice is individually adaptable to industry and workflow.
Can the Personal Dictionary be individually adapted?
Yes. A domain-specific vocabulary is stored for each customer, which massively improves the recognition of technical terms. Examples: medical active ingredients, legal technical terms, tax law terms, industry-specific proper names. The initial configuration takes place during onboarding.
What modes are there and can I create my own modes?
Currently, six predefined structuring modes are available: Team Meeting, Customer Meeting, Strategy, 1on1, Briefing, and Custom Prompt. Any other structures can be defined via the Custom Prompt mode. For recurring individual use cases, an additional standard mode can be implemented.
On which devices does auraVoice run?
As a Progressive Web App on iOS Safari, Android Chrome, and all modern desktop browsers. Plus dedicated browser extensions for Chrome and Safari that integrate dictation functionality directly into any input fields. A native iOS or Android app is not required.
Is auraVoice GDPR compliant?
The backend infrastructure runs on European servers. Personal names are pseudonymized locally. Cloud LLM providers see only pseudonymized data. The final GDPR compliance for a specific use case depends on the individual implementation and your own compliance architecture. Details at auranexus.ai/privacy.
Is auraVoice available as self-service?
Not at the moment. We implement the system individually for each customer, tailored to their industry, vocabulary, and workflows. This phase allows us to adapt the platform precisely to your requirements. A self-service version is in preparation.
Founder of several digital companies, including Die Medialysten (exit to Linkfluence). With over 20 years of experience in digital transformation, auraNexus.ai develops AI applications for the communications industry, healthcare, landscaping, and manufacturing.