Security & trust

Built to be trusted with your voice

Voice is identity, and audio is often confidential. Here's a concrete, honest look at how Voice Production AI protects both — no vague promises.

At a glance

Four things we take seriously

The fundamentals that everything else builds on.

Encryption everywhere

All traffic is encrypted with TLS 1.2+ in transit. Stored audio, voice profiles, and account data are encrypted at rest with AES-256.

Consent-gated cloning

Every cloned voice requires explicit, recorded consent at creation time. We block obvious impersonation attempts and act on abuse reports.

Scoped access

Workspace roles, per-key API access, and signed webhooks keep the blast radius small. Revoke any key or membership instantly.

You control retention

Delete generated audio, voices, or your entire account at any time. Deletions propagate to backups within 30 days.

Data protection

Encrypted in transit and at rest

Your scripts, generated audio, and voice profiles never travel or sit on disk in the clear. We use industry-standard encryption end to end and limit who can access production data.

  • TLS 1.2+ for all API and dashboard traffic, with HSTS enforced.
  • AES-256 encryption at rest for audio files, voice models, and database records.
  • Secrets and API keys stored in a managed secrets vault, never in source control.
  • Production access is least-privilege and logged; no shared admin credentials.
  • Explicit consent is captured and stored alongside every cloned voice.
  • We screen clone requests for likely impersonation of public figures.
  • Generated audio can carry provenance metadata to aid downstream detection.
  • Clear abuse reporting, with takedown and account action for violations.
  • You can delete a cloned voice and its underlying model at any time.

Voice cloning

Consent first, misuse prevented

Cloning a voice without permission is not a feature — it's abuse. We require consent for every clone, build guardrails against impersonation, and respond to reports quickly. We would rather decline a request than enable harm.

Operations

Retention, infrastructure & subprocessors

What we keep, where it runs, and who helps us run it.

Data retention & deletion

You can delete audio, voices, or your account on demand. We hold data only as long as your account is active or as required by law, and remove it from backups within 30 days of deletion.

Infrastructure

Voice Production AI runs on reputable cloud providers operating from SOC 2-audited data centers, with network isolation, automated patching, and continuous backups of critical data.

Subprocessors

We use a small set of vetted subprocessors for hosting, storage, payments, and email. The current list and our data terms are available in our Data Processing Addendum.

Our responsible-AI stance

Synthetic voice is powerful, and power invites misuse. We are committed to consent-based cloning, transparency about synthetic audio, and refusing use cases designed to deceive or impersonate. We don't train shared models on your private audio without permission, and we publish how we handle your data so you can make an informed choice.

Read more in our Privacy Policy, Terms, and DPA.

Questions about security?

Need a security review, our subprocessor list, or a signed DPA? We're glad to help.

Talk to usRead the DPA