Security & trust

Your callers' voices, handled with care.

Encrypted in transit and at rest. Stored in Australia or the EU. AI disclosure and recording controls built in, recording off by default, and we never train models on your calls. Here's exactly how it works — no overstatement.

Controls

How we protect your data.

Less a poster, more a checklist of what's actually in place today.

Encryption

Data is encrypted on the wire and on disk.

  • TLS 1.2+ in transit (audio, API, admin)
  • AES-256 at rest
  • Credentials and integration tokens encrypted at the application layer

Data residency & transfers

Stored in your region; honest about where processing happens.

  • Storage in AWS Australia (Sydney) or the EU, by region
  • A US region is on our roadmap
  • Voice processing uses sub-processors, some in the US
  • Transfers under EU SCCs, the UK IDTA and the DPF where applicable

Isolation & access

Your data is kept apart from other customers', with controlled access.

  • Separate database schema per customer (tenant isolation)
  • Role-based access for your team
  • Least-privilege internal access
  • Administrative actions are audit-logged

Data handling

Sensible defaults, configurable where it matters.

  • Recording off by default; enabled per AI agent
  • Recording notification and AI self-identification built in
  • Configurable recording retention (default 90 days)
  • No model training on your conversations

Sub-processor transparency

A focused set of providers, published in full.

  • Every sub-processor listed at voxapp.com/subprocessors
  • Role and location shown for each
  • At least 30 days' notice before changes
  • Right to object on data-protection grounds

Incident response

If something happens, you hear from us quickly.

  • Breach notification within 24 hours of confirmation
  • Centralised logging across the platform
  • Support with your own notification obligations
  • NDB scheme (AU Privacy Act) handled in parallel where it applies

Data flow

Every call, and who touches your data.

01 · Ingress

Carrier → VoxApp

Phone calls arrive via our telephony provider; web and video sessions via our real-time transport provider.

02 · Processing

Speech, language, voice

Audio is transcribed, reasoned over and voiced by the named sub-processors on our sub-processors page — some in the US, under SCCs.

03 · Tool calls

Signed

Outbound webhooks to your systems are HMAC-signed with a per-integration secret.

04 · Storage

Your region

Transcripts and any recordings are encrypted and stored in your region — Australia or the EU. Retention set by your policy.

Storage stays in your region (AU or EU). Real-time voice processing uses sub-processors, some in the US, under the EU SCCs, UK IDTA and the DPF where applicable. Full list and locations: voxapp.com/subprocessors.

Data handling

What we keep, for how long.

Defaults below; see the Terms and Privacy Policy for the full position.

| Data type | Default retention | Configurable | Used for training |
| --- | --- | --- | --- |
| Call recordings (where enabled; off by default) | 90 days | Shorter, where supported | Never |
| Transcripts (conversation text) | 12 months | Shorter, where supported | Never |
| Conversation metadata (date, duration, channel, identifier) | 24 months | For billing & audit | Aggregated only |
| Payment data (card details) | Not stored by VoxApp | Handled by Stripe | Never |

Security FAQ

The questions your security team will ask.

Do you train models on our calls?

No. We do not use the content of your conversations to train general-purpose AI models. The model and speech providers we use are engaged under terms that do not permit training on your data. We may use de-identified, aggregated data to improve the Service.

Where is data stored?

Customer data at rest is stored in AWS Australia (Sydney) or the EU, depending on your region; a US region is on our roadmap. Operating an AI conversation also involves real-time processing by the sub-processors on our sub-processors page, some located in the US, governed by the EU Standard Contractual Clauses, the UK IDTA and the EU-US Data Privacy Framework where applicable.

How do you handle sub-processor changes?

Our full sub-processor list is published at voxapp.com/subprocessors, with each provider's role and location. We give at least 30 days' notice before adding or replacing a sub-processor, during which you may object on reasonable data-protection grounds.

What's your incident notification policy?

We notify affected customers within 24 hours of confirming a personal data breach, with the information available at the time, and assist with your own notification obligations — including the Notifiable Data Breach scheme under the Australian Privacy Act where it applies. This commitment is in our DPA.

How long is data kept, and when is it deleted?

Default retention is 90 days for recordings (where enabled), 12 months for transcripts, and 24 months for conversation metadata. Recordings are removed after the retention period, and on termination your data is deleted within 30 days, except where the law requires longer retention. See clause 10 of the Terms.

Built for the people who sign the DPA.

Honest documents, a published sub-processor list, and a team that will answer your security questionnaire.