PSA: Anyone with a link can view your Granola notes by default
If you use the AI-powered note-taking app Granola, you might want to double-check your privacy settings. Though Granola says your notes are “private by default,” it makes them viewable to anyone with a link, and also uses them for internal AI training unless you opt out.
Granola describes itself as an “AI notepad for people in back-to-back meetings.” It integrates with your calendar to capture audio from your meetings, and then uses AI to generate a bulleted list of what you’ve heard, which it calls a “note.” You can edit the AI-generated notes, invite other collaborators to view them, and use Granola’s AI assistant to ask questions about your notes and review the meeting transcript they’re based on.
But in the app’s settings menu, Granola says, “By default, your notes are viewable to anyone with the link.” That means anyone on the web can see your notes if you accidentally share a link — potentially a major issue if you’re recording sensitive meetings. After testing this out for myself, I found that I could access my own note from a private window in my browser, all without signing in to my Granola account. The site even tells you who the note belongs to and when it was created.
While I couldn’t view the entire transcript linked to the note, I could still view parts of it. Selecting one of the bullet points generated by Granola pulls up a quote from the transcript that the note is referring to, along with an AI-generated summary with additional context about the conversation.
On its website, Granola says “full transcript access is available to collaborators who open the same folder or note inside the Granola desktop app.” It’s not clear whether anyone with a Granola account can access your transcript, or if it’s just people you’ve shared your workspace with. Granola didn’t respond to a request for more information by the time of publication.
You can change who can view your links by opening Granola, selecting your profile in the bottom-left corner of the screen, and then choosing “Settings.” From there, navigate to the “Default link sharing” option, and change “Anyone with the link” to either “Only my company” or “Private.” If you delete your note, people with the link will no longer be able to access it.
One user on LinkedIn called attention to the public notes setting last year, saying, “these links aren’t indexed, but if you share or leak one – even accidentally – it’s public to whoever finds it.” And at least one major company has denied use of the tool to a senior executive due to security concerns, a source tells The Verge.
Additionally, Granola “may use anonymized data” to improve its AI models, according to the app’s support page. Enterprise customers are opted out of AI training by default, but people on all other plans aren’t. You can disable AI training by going to the settings menu and toggling off the “Use my data to improve models for everyone” option. The company says it doesn’t allow third-party companies, like OpenAI or Anthropic, to use your data for AI training if the setting is enabled.
Granola’s security page says the company stores your notes in a US-hosted Amazon Web Services private cloud, and says they are “encrypted at rest and in transit.” The company doesn’t store audio from meetings, either. It only saves meeting notes and transcripts, both of which it processes in the cloud.




