Security is not an afterthought at VoxScan — it is built into every layer of our product. Here's what we do to keep your data safe.
All data transmitted between your device and VoxScan servers is encrypted using TLS 1.3. This applies to documents, account data, and API calls.
Documents stored in VoxScan cloud sync are encrypted at rest using AES-256 — the same standard used by financial institutions worldwide. Encryption keys are managed using a hardware security module (HSM).
Access to production systems is restricted to authorised personnel, protected by multi-factor authentication, and audited continuously. No employee can access the content of your documents without an explicit, auditable support request from you.
VoxScan infrastructure is hosted on enterprise cloud providers with SOC 2 Type II certification. Data is replicated across multiple geographic regions for resilience.
We operate a responsible disclosure programme. If you discover a security vulnerability in VoxScan, please report it to security@voxscan.app. We aim to acknowledge reports within 24 hours and resolve critical issues within 72 hours.
VoxScan is designed to support GDPR compliance for European users, CCPA compliance for California residents, and follows industry best practices for mobile application security (OWASP MASVS).