Security

Voxta Cloud Security

Voxta Cloud is hosted on Microsoft Azure in United States and Germany datacenters. Azure is a highly secure, reliable, and compliant cloud platform. We use Azure’s built-in security features to protect your data and follow software development and hosting best practices.

Authentication

We authenticate users using Patreon’s secure login (OAuth2). We don’t store your email or any other identifying information except your Patreon user ID. This authentication allows you to create and rotate your API keys, and to view your usage data.

Your API keys are hashed using SHA256 and salted using a unique salt for each user. We don’t store your API keys in plaintext.

Storage

We use an Azure Storage account to enqueue Patreon webhooks, which do contain identifying data. This is used to renew your credits, after which the incoming message is disposed.

We store your transaction data in a CosmosDB instance in the United States. This includes your hashed API keys, credits, and the model you used to generate text. We don’t store prompts or responses.

Encryption

We encrypt all data in transit using HTTPS. We encrypt all data at rest using Azure’s built-in encryption (at this time, Azure Cosmos DB uses AES-256 encryption).

Also, to protect your identity, we salt and hash your patreon user ID. So even though do do not have any information on your activity nor we share identifying information with our subprocessors, we can’t associate your activity with your Patreon user ID.

Access

Access to the backends is extremely limited. Systems are accessible only on a need-to-know basis, and only by a small number of individuals (currently, two per system).

Subprocessors

We use the following subprocessors:

  • Microsoft Azure: We use Azure to host our services. See Microsoft’s Privacy Statement and Microsoft’s Trust Center. We use those services: Container App, CosmosDB, Storage, KeyVault, Log Analytics, CDN and Traffic Manager.
  • Patreon: Your Patreon ID is stored in our database. See Patreon’s Privacy Policy and Patreon’s Security Statement. Patreon have access to Voxta systems.
  • Deepgram: We use Deepgram for speech-to-text. See Deepgram’s Privacy Policy and Deepgram’s Security Statement. Deepgram have no user identifying data.
  • ElevenLabs: We use ElevenLabs for text-to-speech. See ElevenLabs’ Privacy Policy. NOTE: ElevenLabs API temporarily stores the generated audio in their history. so we have implemented an immediate and continuous history deletion to counteract this. There is strictly no way to link audio generations back to a Patreon user. ElevenLabs have no user identifying data.
  • UnrealSpeech: We use UnrealSpeech for text-to-speech. See UnrealSpeech’s Privacy Policy. UnrealSpeech have no user identifying data.
  • OpenRouter: We use OpenRouter for hosting large language models. See OpenRouter’s Privacy Policy. OpenRouter have no user identifying data. We also disabled OpenRouter logging for prompt classification.
  • RunPod: We don’t currently use RunPod, however it is connected and available as a potential backend for LLMS. See RunPod’s Privacy Policy. RunPod have no user identifying data. Our docker images are customize to not log any prompt or response data.

Privacy

Check out the Privacy page for more information on how we handle your data.