As a provider of data protection–relevant software solutions, Voicery places particular emphasis on the security of personal data and on compliance with legal and regulatory requirements.
The data protection and information security design of the Voicery platform follows a structured and documented approach – from technical, organizational, and contractual perspectives.
The platform is designed for professional use in corporate environments and is operated accordingly in compliance with recognized international security and quality standards.
Voicery is operated on a technical infrastructure whose operation is certified in accordance with ISO/IEC 27001:2022 (information security management) and ISO 9001:2015 (quality management).
These certifications confirm that defined processes and controls are in place for the operation of the underlying technical infrastructure to ensure the confidentiality, integrity, and availability of sensitive data. At the same time, procedures for continuous improvement are implemented to regularly review and further develop technical and organizational measures.
Our company is GDPR-certified and subject to regular data protection audits by independent auditing bodies.
As part of these audits, the implementation of technical and organizational measures in accordance with Art. 32 GDPR is reviewed, as well as compliance with requirements for data protection management, transparency, and accountability (Art. 5(2) GDPR).
This includes, among others:
Access restrictions and role-based authorization concepts
Measures to ensure data integrity and availability
Documented procedures for the regular review of security measures
Measures to ensure data minimization and purpose limitation
The processing of personal data is carried out in full compliance with the General Data Protection Regulation (GDPR).
Data processing is carried out by default within the European Union.
From the Pro Plan onwards, all Speech-to-Text (STT) components used are processed in EU regions.
Processing by Large Language Models (LLMs) and Text-to-Speech (TTS) components is also performed within the EU by default; however, this may vary depending on the selected model or provider.
Our infrastructure includes, among others:
Amazon Web Services (AWS) (Germany, Frankfurt)
OpenAI - Microsoft Azure (LLM, EU - Sweden)
Google Gemini (LLM - EU endpoint region, e.g. Germany, Frankfurt)
Anthropic Claude (LLM - EU endpoint region, e.g. Germany, Frankfurt)
Gladia (STT, EU - France)
Deepgram (STT, EU endpoint)
ElevenLabs (STT / TTS, EU - Belgium, Brussels)
Llama (LLM): Llama is used via the inference provider Groq.
Groq currently does not offer a dedicated EU endpoint, so processing may take place outside the European Union.
Cartesia (TTS): Processing outside the European Union (provider-dependent).
The selection and integration of subprocessors is based on documented data protection agreements, transparent data flow analyses, and, where required, appropriate safeguards in accordance with Chapter V GDPR, in particular through the use of Standard Contractual Clauses.
Voicery stands for a responsible and transparent approach to data.
Technical foundation based on certified security and quality standards (ISO/IEC 27001:2022, ISO 9001:2015).
EU-based processing of core AI components in the standard configuration, including LLMs, STT, and TTS.
GDPR-compliant data processing with documented technical and organizational measures (TOMs).
Audited operational processes and GDPR-certified data protection management.
The combination of GDPR certification, internationally recognized security standards, and an optionally fully EU-based infrastructure (when selecting EU-capable models and providers) makes Voicery a suitable platform for data protection–compliant communication in enterprise environments.
