Security & privacy

Security at Twoody

Your trust is the foundation of Twoody. A voice AI assistant overhears private conversations, knows your voice, sees who is in your home, and acts as a gateway to your most sensitive services — messaging, banking, calendar.

This page summarises the measures in place to protect your data, your devices and your conversations. It is kept up to date as our practices evolve.

Last revised: April 2026

Transport and encryption

How data travels between your devices and our servers, and how it is stored at rest.

Read more

Authentication and sessions

How we issue, store and revoke the tokens that keep you signed in.

Read more

Abuse protection

Rate limits and detection at the edges that matter most.

Read more

Personal data

What we keep, what we redact, and what happens when you leave.

Read more

Voice and face data

How wake-word and face-recognition data is stored and protected.

Read more

Twoody device security

Protections that run on the speaker itself, beyond the cloud.

Read more

Monitoring and transparency

How we watch the platform, and how each change is traced.

Read more

Report a vulnerability

Found a flaw? Please don't publish it before it is fixed. Write to us with technical details (URL, request, observed behaviour, impact). We acknowledge receipt within 72 hours and communicate a remediation timeline. Good-faith reports will never lead to legal action.

[email protected]

Questions

For any question about our security posture or to receive additional documents in the context of a partnership or enterprise purchase:

[email protected]