If you are a user of the AI-driven note-taking app, Granola, it might be a good idea to reassess your privacy settings. Despite Granola’s claim that your notes are “private by default,” they are accessible to anyone with a link, and the app uses them for its internal AI training unless you choose to opt out.

Granola brands itself as an “AI notepad designed for individuals in back-to-back meetings.” The app syncs with your calendar to record audio from your meetings and employs AI to create a bulleted summary of what was discussed, labeling it as a “note.” Users can modify these AI-generated notes, invite collaborators to view them, and leverage Granola’s AI assistant to query their notes and review the underlying meeting transcript.

However, according to Granola’s settings menu, “By default, your notes are viewable to anyone with the link.” This implies that if a link is accidentally shared, anyone online can access your notes—a significant concern if you’re documenting sensitive meetings. Through a personal test, I discovered I could access my own note from a private browser window without logging into my Granola account. The site even displays who owns the note and when it was created.

Despite not being able to view the entire transcript linked to a note, I could still access portions of it. Clicking on one of the bullet points generated by Granola reveals a quote from the transcript it references, along with an AI-generated summary providing additional context to the conversation.

Granola’s website notes that “full transcript access is available to collaborators who open the same folder or note within the Granola desktop app.” However, it remains unclear whether this access is limited to people you’ve shared your workspace with or if any Granola account holder can view it. Granola did not provide further clarification before the publication of this article.

To adjust who can view your links, open Granola, click on your profile in the bottom-left corner of the screen, and select “Settings.” Navigate to the “Default link sharing” option and change “Anyone with the link” to either “Only my company” or “Private.” Deleting your note will also restrict access for those with the link.

One user on LinkedIn called attention to the public notes setting last year, saying, “these links aren’t indexed, but if you share or leak one – even accidentally – it’s public to whoever finds it.” And at least one major company has denied use of the tool to a senior executive due to security concerns, a source tells The Verge.

Additionally, Granola “may use anonymized data” to improve its AI models, according to the app’s support page. Enterprise customers are opted out of AI training by default, but people on all other plans aren’t. You can disable AI training by going to the settings menu and toggling off the “Use my data to improve models for everyone” option. The company says it doesn’t allow third-party companies, like OpenAI or Anthropic, to use your data for AI training if the setting is enabled.

Granola’s security page says the company stores your notes in a US-hosted Amazon Web Services private cloud, and says they are “encrypted at rest and in transit.” The company doesn’t store audio from meetings, either. It only saves meeting notes and transcripts, both of which it processes in the cloud.