Voxta Security
How Voxta Cloud handles your data, what's encrypted, who has access, and the subprocessors we use.
Hosting
Voxta Cloud is hosted on Microsoft Azure in United States and Germany datacenters. We use Azure's built-in security features and follow modern software development and hosting practices.
Authentication
User authentication runs through Patreon's OAuth2. We don't store your email or other identifying information — only your Patreon user ID, which is itself salted and hashed before storage.
API keys are hashed using SHA256 with a unique per-user salt. We never store API keys in plaintext. When you generate a new key in the portal, the old one is invalidated immediately.
Storage
- Patreon webhooks are temporarily enqueued in an Azure Storage account. They contain identifying data only long enough to renew your credits — the message is disposed immediately after processing.
- Transactions (hashed API key, credits consumed, model used) are stored in a CosmosDB instance in the United States.
- Prompts and responses are NOT stored at any layer of our stack.
Encryption
- In transit — HTTPS everywhere.
- At rest — Azure's built-in encryption (Azure Cosmos DB uses AES-256).
Because the Patreon user ID itself is salted and hashed in our database, even Voxta staff cannot trivially link a Patreon account to its usage records without the original Patreon ID.
Access
Backend access is strictly need-to-know and limited to a small number of individuals (currently two per system). All access is logged.
Subprocessors
We engage these third parties to deliver the service. Each link points to that provider's privacy and security documentation.
Infrastructure
| Provider | Used for | Access to identifying data |
|---|---|---|
| Microsoft Azure | Hosting (Container Apps, CosmosDB, Storage, KeyVault, Log Analytics, CDN, Traffic Manager) | Yes — runs our infra |
| Patreon | Subscription management, OAuth2 auth | Yes — Patreon ID source of truth |
AI logic & audio
| Provider | Used for | Access to identifying data |
|---|---|---|
| Deepgram | Speech-to-text | No |
| ElevenLabs | Text-to-speech | No (see note below) |
| Cartesia | Text-to-speech (low-latency) | No |
| UnrealSpeech | Text-to-speech | No |
| OpenRouter | Large language model hosting | No (logging disabled) |
| RunPod | Optional LLM hosting backend | No (our images don't log prompts) |
ElevenLabs: their API temporarily stores generated audio in their history. We've implemented immediate, continuous history deletion to counteract this. There is no way to link an audio generation back to a specific Patreon user from ElevenLabs's side.
Privacy
For a full description of what data we collect, why, and your rights, see the Privacy Policy.