The BEFORE Band founding batch is forming.Reserve yours
Security architecture

Sensitive by design, not by accident.

Recordings can contain other people's voices. Transcripts reveal intent. Health data is intimate. The system treats each as a distinct high-sensitivity domain.

A person asleep wearing the BEFORE Band

What it hears stays yours.

01

Intentional recording

Release target: no wake word or continuous listening; only a physical action can begin recording, with an indicator verified on the delivered hardware.

02

Separated permissions

Extracted context, full transcripts and health use different agent scopes. Raw audio is never an agent scope.

03

Encrypted processing

Transport and stored data are encrypted. Raw audio uses short retention and per-user access boundaries.

04

Least privilege

Agents retrieve only the information required for a request, under user-granted scopes.

05

Auditable access

The user can see which agent accessed which data, revoke a connector, export history and request deletion.

06

Synthetic development

Tests, previews and demos use fabricated identities, recordings, transcripts and health samples.

An honest encryption promise

Cloud transcription requires a trusted processing component to access audio temporarily. That is not zero-knowledge end-to-end encryption during processing. The intended promise is encrypted private processing, strict access controls, no training on user content, and short raw-audio retention.

Before production

This page describes the intended baseline, not a certification. Production launch additionally requires threat modeling, dependency and infrastructure review, incident-response ownership, penetration testing, vendor contracts, backup/deletion verification and region-specific privacy review.

Privacy that holds up is the product.

Reserve your band