Security

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. API endpoints are HTTPS-only. Database backups are encrypted with separate keys.

Your account is accessible only by you and any team members you explicitly invite. Each team member has role-based permissions. We have no backdoor access to your voice model or conversation data.

We run on Vercel's infrastructure with data stored in US-east regions. All infrastructure is SOC 2-compliant. We maintain strict network isolation between customer data.

Your voice model is stored in a completely separate namespace from every other customer. Models are never shared, merged, or used for training outside your account. Deleting your account immediately deletes your model.

Found a security issue? Email security@community.io. We commit to acknowledging receipt within 24 hours and providing a fix timeline within 72 hours.

We are working toward SOC 2 Type II certification. If you need a signed DPA or security questionnaire for your procurement process, email hello@community.io.