Where Does Your Transcript Actually Go? A Plain-English Guide to Data Residency
You record a meeting, upload the audio, and get a transcript back. Simple enough. But between upload and transcript, where did that file actually go? For most transcription services, the answer is a US data centre. Here's why that matters and what you can do about it.
What "data residency" actually means
Data residency is a straightforward concept that gets buried under jargon. It simply means: where is your data physically stored and processed? Not where the company is headquartered. Not where their website is hosted. Where do the actual servers sit that handle your files?
When you use a cloud service, your data has to live somewhere physical. It's on a hard drive in a rack in a building in a specific country. That country's laws govern what happens to your data while it's there, who can access it, and what protections apply. Data residency is about knowing which country that is and making a deliberate choice about it.
For something like a project management tool, this might not keep you up at night. But for audio recordings of meetings, interviews, medical consultations, or legal conversations, the physical location of your data has real consequences.
What happens when you upload audio to a transcription service
Here's the journey most people don't think about. You have a recording on your laptop in Sydney. You upload it to a transcription service. Within seconds, that file has been copied to a server, almost certainly overseas. The major transcription APIs, including AssemblyAI, Deepgram, and OpenAI's Whisper API, all process audio on US-based infrastructure. Your file lands in a data centre in Virginia or Oregon, gets processed by their models, and the transcript is sent back to you.
During that process, your audio file exists on foreign servers. Depending on the provider, it might be stored temporarily for processing, cached for reliability, or retained for some period after transcription completes. Some providers retain audio for quality improvement or model training unless you explicitly opt out.
None of this is hidden. It's in the terms of service if you read them. But most people don't, because they're focused on getting a transcript, not tracing the physical path of their data across the Pacific.
The short version
When you use most transcription services from Australia, your audio file travels to a US data centre, gets processed there, and may be stored there for some period. Your recording of an Australian conversation, potentially containing sensitive personal information, is sitting on a server governed by US law.
Why Australian businesses should care
There are three practical reasons this matters, and none of them require a law degree to understand.
Compliance exposure. Australia's Privacy Act includes specific rules about sending personal information overseas. If your audio recordings contain personal information (and meeting recordings almost always do: names, opinions, health discussions, financial details), sending them to a US server triggers obligations you may not be meeting. You don't need to memorise the legislation. You just need to know that sending recordings offshore creates paperwork and risk that keeping them onshore avoids entirely.
Customer and client trust. Australians are increasingly aware of where their data goes. If you're a law firm transcribing client consultations, a healthcare provider transcribing patient notes, or a research organisation handling interview recordings, your clients expect their conversations to be handled with care. "We send your recordings to a US server" is not a confidence-building statement, even if you've ticked every compliance box.
Procurement requirements. If you work with enterprise clients, government agencies, or organisations in regulated industries, you'll increasingly encounter data residency requirements in procurement questionnaires and vendor assessments. "Where is data processed and stored?" is now a standard question. "The United States" is often a disqualifying answer, particularly for state and federal government contracts.
The difference between "compliant" and "onshore"
This is where it's worth being precise, because a lot of transcription providers blur the line.
Saying "we comply with Australian privacy law" is a marketing claim. It means the provider believes they've met their obligations under the Privacy Act, possibly by having appropriate contracts in place, possibly by relying on exemptions, possibly by interpreting the rules in a way that suits their architecture. It doesn't tell you where your data goes. A US-based service can claim compliance with Australian law while processing every byte of your audio in Virginia.
Saying "your data never leaves Australia" is an architectural fact. It means the servers that receive, process, and store your data are physically located in Australia. There's no cross-border transfer to manage, no overseas privacy regime to navigate, no reliance on contractual protections with foreign entities. The data stays here because the infrastructure is here.
Both statements can be true at the same time, but they're not the same thing. If data residency matters to your business, look for the architectural fact, not just the compliance claim.
Questions to ask any transcription provider
Where are the servers that process my audio physically located? Is any data transferred outside Australia at any point during processing? How long is audio retained after transcription, and where? These three questions will tell you more than any compliance certification.
How Australian Transcription handles data residency
Australian Transcription was built from the ground up to keep data onshore. Every component of the transcription pipeline runs on AWS infrastructure in Sydney (the ap-southeast-2 region). When you upload audio, it goes to a Sydney server. It's processed by transcription models running in Sydney. The transcript is generated and returned from Sydney. At no point does your data leave Australia.
Audio files are permanently deleted immediately after processing. There's no retention period, no training on your data, no backups sitting in a US data centre. Once your transcript is delivered, the original audio is gone.
This isn't a bolt-on feature or a premium tier. It's how the service works for every customer, on every request. The infrastructure decision was made at the architecture level, not the contract level.
Want the legal detail?
This article has deliberately stayed at the practical level. If you want to understand the specific legal obligations, including what APP 8 of the Australian Privacy Principles says about cross-border disclosure and how it applies to transcription APIs, we've written a detailed companion article: Why Australian Businesses Can't Use US Transcription APIs Without Triggering APP 8. It covers the legislation, the consequences, and the exemptions in full.
For most decision-makers, the takeaway is simple: if you're transcribing audio that contains personal information about Australians, keeping that audio in Australia is the cleanest way to manage your obligations. It's less paperwork, less risk, and a better story to tell your clients.
Frequently asked questions
What does data residency mean for transcription?
Data residency means where your audio files are physically stored and processed. When you upload audio to a transcription service, the file travels to a server in a specific country. Most major transcription APIs process audio on US-based infrastructure, meaning your recordings leave Australia.
Why does data residency matter for Australian businesses?
Three reasons: compliance exposure under the Privacy Act (sending personal information overseas triggers APP 8 obligations), customer and client trust (particularly in legal, healthcare, and government contexts), and procurement requirements (enterprise and government contracts increasingly require onshore data processing).
What is the difference between a compliant transcription service and an onshore one?
Saying "we comply with Australian privacy law" is a marketing claim — a US-based service can claim this while processing your audio overseas. Saying "your data never leaves Australia" is an architectural fact. If data residency matters, look for the architectural fact, not just the compliance claim.
Does Australian Transcription keep audio files after processing?
No. Audio files are permanently deleted immediately after processing. There is no retention period, no training on your data, and no backups in any other data centre. Once your transcript is delivered, the original audio is gone.
Try Australian Transcription free
Australian-hosted transcription API. Your data never leaves Australia. Audio deleted after processing. 90 minutes free, no credit card required.