Privacy Policy

Voxa processes all speech recognition on your device. Your voice data never leaves your computer or phone. We do not operate speech processing servers. We do not collect, store, or transmit your audio or transcriptions. We cannot access your data because our architecture makes it technically impossible for us to do so.

Voice audio: captured by your microphone, processed locally by whisper.cpp, and discarded immediately after transcription. Audio is never saved to disk, never transmitted over a network, and never sent to any server.

Transcriptions: generated on-device and inserted directly into the active application. Voxa does not maintain a log of your transcriptions unless you explicitly enable local history.

Personal dictionary: names, technical terms, and dialect preferences are stored locally on your device. If you enable multi-device sync, dictionary data is encrypted end-to-end before transmission.

Application usage: Voxa does not track which applications you use it with, how often you dictate, or what you say.

We do not collect voice recordings, transcription content, keystroke data, application usage patterns, browsing history, location data, device identifiers for tracking, or any form of telemetry. Our application contains zero analytics SDKs, zero tracking pixels, and zero network calls to our servers during normal operation.

If you create a Voxa account (required for Pro and Enterprise plans), we store your email address and subscription status. Payment processing is handled entirely by our payment provider — we never see or store your credit card details, bank information, or billing address.

If you enable sync, your personal dictionary and preferences are encrypted end-to-end on your device before being transmitted. The encryption keys are derived from your account credentials and never leave your device. We cannot decrypt your synced data on our servers.

Voxa checks for software updates by contacting our update server. This request contains only your current version number and operating system. No personal data is included. Crash reports are opt-in and contain only technical stack traces — never voice data, transcription content, or personal information.

Voxa is designed to comply with the General Data Protection Regulation (GDPR) and similar privacy legislation worldwide. Because we do not collect personal data during normal use, most GDPR provisions are satisfied by default. For account holders: you can export all account data, request deletion, or close your account at any time by contacting privacy@voxa.ai.

Voxa does not knowingly collect any data from children under 13. Since we do not collect personal data during normal product use, there is no children's data to protect. Account creation requires age verification.

If we make material changes to this privacy policy, we will notify users through the application and update this page. Our core commitment — all voice processing stays local — is a permanent architectural decision, not a policy that can be changed.

For privacy-related questions or requests, contact us at privacy@voxa.ai.