← Back to Home

Privacy Policy

Last updated: April 13, 2026

1. Data Controller

The data controller responsible for your personal data is:

Focus Labs
229 Rue Saint-Honoré
75001 Paris, France
Email: team@voxrouter.ai

For GDPR-related inquiries, you may contact our data protection team at the email address above.

2. Data We Collect

2.1 Audio Streams

When you use our API, audio data is routed through our infrastructure to the voice AI provider serving your request. Audio streams are processed in real-time and are not permanently stored by VoxRouter. Audio data is forwarded to the selected provider and discarded by VoxRouter after the session ends. Each provider's own privacy policy governs how they handle audio data during inference.

2.2 Session Metadata

We collect technical metadata including:

  • Session IDs
  • Timestamps
  • Duration of sessions
  • API endpoint accessed
  • Provider routed to
  • IP addresses (anonymized after 30 days)

2.3 Account Information

When you create an account, we collect:

  • Email address
  • API keys (hashed for security)
  • Billing information (processed by our payment provider)

2.4 Analytics (Optional)

Our website may use analytics to understand how visitors interact with our site. This is only enabled if you consent to analytics cookies. You can opt out at any time through your browser settings.

3. How We Use Your Data

We process your data for:

  • Service Delivery: Routing audio streams to voice AI providers and managing sessions
  • Account Management: Authentication, billing, and customer support
  • Service Improvement: Analyzing usage patterns to improve routing performance (using anonymized data only)
  • Security: Detecting and preventing fraud or abuse
  • Legal Compliance: Meeting our legal obligations

4. Legal Basis for Processing

Under GDPR, we process your data based on:

  • Contract Performance: Processing necessary to provide our services to you
  • Legitimate Interest: Service improvement, security, and fraud prevention
  • Consent: For optional analytics and marketing communications
  • Legal Obligation: When required by law

5. Third-Party Processors

We work with the following third-party service providers:

Voice AI Providers

VoxRouter routes your audio to voice AI providers in our network (OpenAI, ElevenLabs, Deepgram, Anthropic, and others). Audio data is transmitted to the selected provider for real-time inference. Each provider processes data in accordance with their own privacy policies.

Analytics (Optional)

Website analytics, enabled only with consent. Data processed in accordance with the analytics provider's privacy practices.

6. Data Retention

  • Audio Data: Processed in real-time; not permanently stored by VoxRouter
  • Session Logs: Retained for 30 days for debugging and security purposes, then deleted
  • Account Data: Retained while your account is active and for 2 years after closure for legal purposes
  • Billing Records: Retained for 10 years as required by French tax law

7. Your Rights (GDPR)

As a data subject, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interest
  • Restriction: Request limited processing in certain circumstances
  • Withdraw Consent: Withdraw consent at any time for consent-based processing

To exercise these rights, contact us at team@voxrouter.ai. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertés).

8. International Transfers

Your data may be processed outside the European Economic Area (EEA), particularly in the United States through our cloud infrastructure and voice AI provider network. Such transfers are protected by Standard Contractual Clauses approved by the European Commission, ensuring an adequate level of data protection.

9. Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in Transit: All data transmitted via TLS/WSS (WebSocket Secure)
  • Encryption at Rest: Stored data encrypted using industry-standard algorithms
  • Access Controls: Strict role-based access to systems and data
  • Regular Audits: Periodic security assessments and penetration testing

10. Cookies

Our website uses:

  • Essential Cookies: Required for website functionality (no consent needed)
  • Analytics Cookies: Enabled only with your consent

You can manage cookie preferences through your browser settings.

11. Children's Privacy

VoxRouter is not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or service notification. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

For privacy-related questions or to exercise your rights:

Focus Labs - Privacy Team
229 Rue Saint-Honoré
75001 Paris, France
Email: team@voxrouter.ai
Terms of Service·Home