Security at Twoody
Your trust is the foundation of Twoody. A voice AI assistant overhears private conversations, knows your voice, sees who is in your home, and acts as a gateway to your most sensitive services — messaging, banking, calendar.
This page summarises the measures in place to protect your data, your devices and your conversations. It is kept up to date as our practices evolve.
Last revised: April 2026
Transport and encryption
How data travels between your devices and our servers, and how it is stored at rest.
Read moreAuthentication and sessions
How we issue, store and revoke the tokens that keep you signed in.
Read moreAbuse protection
Rate limits and detection at the edges that matter most.
Read morePersonal data
What we keep, what we redact, and what happens when you leave.
Read moreVoice and face data
How wake-word and face-recognition data is stored and protected.
Read moreTwoody device security
Protections that run on the speaker itself, beyond the cloud.
Read moreMonitoring and transparency
How we watch the platform, and how each change is traced.
Read moreReport a vulnerability
Found a flaw? Please don't publish it before it is fixed. Write to us with technical details (URL, request, observed behaviour, impact). We acknowledge receipt within 72 hours and communicate a remediation timeline. Good-faith reports will never lead to legal action.
[email protected]Questions
For any question about our security posture or to receive additional documents in the context of a partnership or enterprise purchase:
[email protected]