Privacy by Architecture,
Not by Promise
Every privacy guarantee VibeVox makes is enforced by OS-level constraints and infrastructure boundaries β not by policy. This page documents every mechanism, so you can verify it yourself.
What's Verified Today β and What's Planned
Flatpak OS Sandbox
App cannot access your home directory β only microphone input. Independently verifiable by anyone.
Hold-to-Talk Hardware Constraint
Microphone is physically inactive unless the hotkey is held. Not an ambient listener β by design.
EU Data Routing
All transcription via Groq (Frankfurt, DE). Account sync via Supabase (ZΓΌrich, CH). SCC-documented transfers.
Zero Retention Policy
No audio or transcript is stored server-side. The API is stateless β no context between requests.
GDPR Compliance Package
Privacy Policy, DPA, ROPA, Zero Retention Policy, Sub-processor List β all published.
Independent Third-Party Security Audit
EU-accredited firm Β· Full penetration test + GDPR compliance review. Audit summary will be published on this page upon completion β before our first B2B pilot.
How Your Audio Travels (and Disappears)
When you use VibeVox with the default managed cloud, this is the exact path your audio takes. At no point is it stored anywhere.
Mic activates only while hotkey held. Flatpak sandbox enforced at OS level.
Audio captured in memory. Never written to disk at any point.
Binary audio payload sent via TLS to VibeVox EU stateless relay (Frankfurt).
Transcription only. Zero retention policy. No context stored between requests.
Transcript injected to active window via OS API. Never sent back to cloud.
Bring Your Own API Key
In BYOK mode, the VibeVox proxy is bypassed entirely. Your audio goes directly from your device to your own API provider β VibeVox has zero data processing role.
In BYOK mode, VibeVox acts as a local client only. Your API key is stored encrypted locally and never transmitted to VibeVox servers. You negotiate your own DPA directly with your API provider (Groq, OpenAI, etc.).
Every Claim is Independently Verifiable
We don't ask you to trust our word. Every core privacy constraint can be verified without reading the source code.
Flatpak Permissions
Check exactly what system resources VibeVox can access:
Result: microphone access only. No home directory, no network sockets beyond declared endpoints.
Network Traffic
Monitor outbound connections with any packet inspector:
Result: connections only to api.groq.com (Frankfurt) and supabase endpoints (ZΓΌrich) β no other destinations.
Disk Write Audit
Confirm no audio files are ever written to disk:
Result: zero audio file creation events during any dictation session.
RAM Footprint
Verify the sub-100MB memory claim:
Result: <100MB RSS in steady state. Audio buffer cleared immediately after transcription.
What We Can Prove Without Open-Sourcing
A common question: "Can you prove end-to-end encryption without releasing the source code?" Here's our honest answer:
- β TLS in transit β All API calls use TLS 1.3. Verifiable via packet capture or SSL inspection proxy.
- β Local encryption at rest β Supabase user data encrypted with AES-256-GCM KEK+DEK architecture. Verifiable via Supabase's published security documentation.
- β No server-side plaintext β The stateless proxy architecture means the server never accumulates data to encrypt. Verifiable via network monitoring.
- β Full cryptographic audit β This requires the Q4 2026 third-party audit. We will not claim what we haven't had independently verified.
No metadata, no user ID, no session token
Found a Vulnerability?
We take security reports seriously. Contact us via responsible disclosure and we will respond within 48 hours.
π security@vibevox.appWe do not currently operate a formal bug bounty program. This is planned alongside the Q4 2026 audit.