// Trust & Security Report
Voice AI Inc
Voice.ai is an AI voice platform offering Voice Agents (automated phone agents), Text-to-Speech, Voice Cloning, Voice Changer, and Audio Tools. Core products include: Voice AI Agents (inbound/outbound call automation for enterprise), Text-to-Speech (multi-language, real-time), Voice Cloning (10-second audio samples), and consumer Voice Changer tools. Deployable on-premise, in cloud, or via API.
Certifications held
0
Maturity
Growth
Trains on your data
Yes
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 5 unconfirmed / not-held certifications
source: voice.aiListed on the enterprise page ('SOC 2 Type II') as a compliance claim, but no public audit report, trust center, or verification link found. No SOC 2 evidence appears in the privacy policy or elsewhere on the site, and https://voice.ai/security returns 404. Vendor would need to provide the audit report under NDA to verify.
source: voice.aiClaimed on enterprise page, but no public certificate, audit report, or verification link found. No trust center or compliance documentation page exists.
source: voice.aiVendor claims HIPAA-compliance capability and advertises 'signed BAAs ready' on enterprise page. On-premise deployment supports HIPAA by keeping data local. However, no formal HIPAA BAA template, signed agreement, or audit proof is publicly available. HIPAA is a regulatory framework requiring BAA signature; BAA readiness ≠ formal compliance certification.
source: voice.aiVendor explains GDPR compliance principles (lawfulness, data minimization, encryption, access controls) but provides no formal GDPR certification, Data Protection Impact Assessment, or third-party verification. GDPR is a regulatory posture, not a certificate; vendor support for GDPR principles ≠ formal certification.
source: voice.aiClaimed in aggregate marketing language ('PCI Level 1') but no public certificate, audit scope, or compliance documentation found.
// Privacy & AI training
Trains on customer data
Yes
Data processing agreement
Not offered
Data region
Not publicly specified. US-based cloud hosting or customer-controlled on-premise deployment (for on-prem, PII and transcripts stay within the customer network per https://voice.ai/ai-voice-agents/on-premise/). Company is incorporated in Delaware, US (governing law per Terms of Service); incorporation state does not necessarily indicate data hosting location.
Terms of Service Section 4 ('Your Content') grants Voice.ai a perpetual license to 'train and refine Voice.ai's models' from all user Input (voice recordings, text, scripts, call flows, etc.). Users can disable 'metamodel training' (hardware utilization for computation), but model training on input appears to be default. No Data Processing Agreement (DPA) found; privacy policy covers GDPR lawful bases but no formal DPA is documented.
// Security controls
Access Controls
Strict access controls claimed; on-premise deployment restricts data access to local network
voice.aiData Residency
Cloud (US-based) or on-premise deployment available; Sub-100ms local processing for on-prem
voice.aiAudit & Compliance Monitoring
No public audit reports, penetration testing, or independent security assessment found
// Products & data scope
data: Call recordings, transcripts, customer data (phone numbers, appointment info, etc.)
Inbound/outbound automated phone agents; enterprise-grade with on-prem & cloud deployment; BAAs available for healthcare
data: Text input, generated audio output; 15+ languages supported
Real-time synthesis, studio-quality; no mention of data retention restrictions; on-prem option available
data: Audio samples (10 sec min), generated cloned voices
User-generated voice models; high fidelity; publicly available voices subject to platform controls
data: Real-time audio stream, user voice
Free/consumer product; streaming/gaming use case; no enterprise compliance framing
// What to watch
- Over-claim: The enterprise page (https://voice.ai/enterprise) lists 'SOC 2 Type II', 'ISO 27001 compliant', 'HIPAA', 'GDPR', and 'PCI Level 1' as compliance claims, but NO public audit reports, certificates, or trust center exist to substantiate them. The privacy policy does not mention any of these certifications, and https://voice.ai/security returns 404. Confidence in the cert claims is LOW without public evidence.
- No Trust Center: Attempted fetch to https://voice.ai/security returned 404. No dedicated compliance or trust center page found. All claims appear only on product/marketing pages.
- Model Training on User Data: Terms grant Voice.ai perpetual license to train models on all user input (voice, text, scripts). Users can opt out of 'metamodel training' (hardware utilization) but not model training. Potential concern for IP-sensitive use cases.
- HIPAA Claims Are Conditional: Vendor claims 'HIPAA compliance' and 'signed BAAs ready,' but (a) no actual BAA template is publicly available, (b) HIPAA is a regulatory framework requiring BAA signature—BAA readiness is not the same as compliance certification, and (c) healthcare buyers must verify current BAA terms and SOC 2 coverage before deployment.
- Identity Verified: Legal entity is Voice AI Inc (Delaware), domain https://voice.ai is official vendor site (TOS copyright confirms this). No conflation risk with other 'Voice AI' products identified.
- Maturity Assessment: Vendor has enterprise features (on-prem, BAAs, SSO), active product development, and scaled customer base. However, absence of public certifications and trust center is unusual for an 'enterprise' vendor claiming SOC 2/ISO. Classified as 'growth' rather than 'enterprise' due to lack of formal compliance documentation.
// At a glance
Pricing model
Freemium (voice changer, basic TTS) + Subscription (voice agents, enterprise API access); Pay-per-use for high-volume; Quoted enterprise pricing available
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Voice AI Inc's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
voice.ai