Data Processing Addendum
Last updated: May 2026
This Data Processing Addendum (“DPA”) forms part of the agreement between Voice Production AI and the customer (“Customer”) governing the Customer’s use of the Voice Production AI service. It applies to the extent Voice Production AI processes personal data on behalf of the Customer in the course of providing the service.
1. Parties & roles
For personal data processed through the service, the Customer acts as the data controller (or processor on behalf of its own customers) and Voice Production AI acts as the data processor. Voice Production AI processes personal data only on documented instructions from the Customer, including those set out in the agreement and this DPA, and as required by applicable law.
2. Scope & nature of processing
Voice Production AI processes personal data to provide its AI voice platform: generating text-to-speech audio, creating and storing voice clones (with consent), enhancing and exporting audio, operating workspaces and teams, and supporting the API and webhooks. The categories of data subjects may include the Customer’s personnel and end users, and the personal data may include account details, scripts submitted for synthesis, and voice recordings used for cloning.
3. Subprocessors
The Customer authorizes Voice Production AI to engage subprocessors to support the service.Voice Production AI uses a limited set of vetted subprocessors for cloud hosting, object storage, payment processing, and transactional email. Voice Production AI imposes data protection obligations on each subprocessor that are no less protective than those in this DPA and remains responsible for their performance. We will give notice of new subprocessors and provide a reasonable opportunity to object.
4. Security measures
Voice Production AI maintains technical and organizational measures designed to protect personal data, including encryption in transit (TLS 1.2+) and at rest (AES-256), least-privilege production access, secrets management, logging and monitoring, and regular backups.Voice Production AI requires explicit consent for every cloned voice and applies safeguards against impersonation and misuse. A summary is available on our Security page.
5. Data subject rights
Taking into account the nature of the processing, Voice Production AI will assist the Customer by appropriate technical and organizational measures, insofar as possible, in responding to requests from data subjects exercising their rights (such as access, correction, deletion, and portability). The Customer can delete generated audio, voices, and account data directly within the product, and Voice Production AI will remove deleted data from backups within 30 days.
6. International transfers
Where Voice Production AI transfers personal data across borders, it does so in reliance on a valid transfer mechanism, such as the European Commission’s Standard Contractual Clauses or another lawful basis, together with supplementary measures where appropriate. The Standard Contractual Clauses are incorporated into this DPA by reference where they apply.
7. Breach notification & deletion
Voice Production AI will notify the Customer without undue delay after becoming aware of a personal data breach affecting the Customer’s data. Upon termination of the service,Voice Production AI will, at the Customer’s choice, delete or return the personal data, except where retention is required by law.
8. Contact
To request a signed copy of this DPA, our current subprocessor list, or to raise a data protection question, contact us at enterprise@voiceproductionai.com. Related documents: Privacy Policy and Terms of Service.