Security
Last updated: 28 February 2026
1. Overview
Security is foundational to LingoVoice. We protect your data at every stage — from the moment audio leaves your microphone through real-time translation and back to your speakers. This page provides a transparent overview of the technical and organisational measures we employ to safeguard your information.
2. Encryption
2.1 In Transit
All connections to LingoVoice are secured with TLS 1.2 or higher. This applies to every communication channel:
- HTTPS — All web traffic and API requests are encrypted via HTTPS. HTTP connections are automatically redirected to HTTPS.
- WSS (WebSocket Secure) — Real-time interpreting sessions use encrypted WebSocket connections for all audio, text, and control messages.
No unencrypted data transmission is permitted at any point in the platform.
2.2 At Rest
All platform data is stored on encrypted volumes provided by DigitalOcean block storage. Data remains protected even in the event of physical media compromise.
2.3 Passwords
User passwords are hashed using bcrypt with 12 salt rounds. Passwords are never stored in plaintext or reversible formats. bcrypt's adaptive cost factor ensures resistance to brute-force attacks as hardware capabilities improve.
3. Authentication & Access Control
3.1 JWT Tokens
- Access tokens — Short-lived tokens with a 15-minute expiry. Automatically refreshed in the background without interrupting the user experience.
- Refresh tokens — 7-day expiry, delivered as httpOnly cookies (not accessible to JavaScript). Stored as irreversible SHA-256 hashes in the database — a database compromise cannot yield valid tokens.
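The refresh-token storage described above, as an added Node.js sketch (not LingoVoice's own code): only the SHA-256 digest of a random token is persisted, and the raw value travels in an httpOnly cookie. The in-memory table, the cookie name and path, the `Secure` and `SameSite` attributes, and single-use rotation on redeem are assumptions of this example.

```javascript
const crypto = require('node:crypto');

const REFRESH_TTL_MS = 7 * 24 * 60 * 60 * 1000; // 7-day expiry, as stated above

// Constructed in-memory stand-in for the database table (assumption).
const tokenTable = new Map(); // hex SHA-256 digest -> { userId, expiresAt }

// A plain, unsalted hash is adequate here because the input is 256 bits of
// CSPRNG output, not a guessable password (passwords get bcrypt instead).
function hashToken(token) {
  return crypto.createHash('sha256').update(token, 'utf8').digest('hex');
}

// Issue: the raw token goes to the client; only its digest is stored.
function issueRefreshToken(userId, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('base64url');
  tokenTable.set(hashToken(token), { userId, expiresAt: now + REFRESH_TTL_MS });
  return token;
}

// Redeem: hash the presented value and look the digest up. A stolen database
// row (a digest) fails here because it hashes to a different key.
function redeemRefreshToken(presented, now = Date.now()) {
  if (typeof presented !== 'string' || presented.length === 0) return null;
  const digest = hashToken(presented);
  const row = tokenTable.get(digest);
  if (!row) return null;
  tokenTable.delete(digest); // single use (rotation is an assumption)
  if (now >= row.expiresAt) return null;
  return { userId: row.userId, nextToken: issueRefreshToken(row.userId, now) };
}

// Set-Cookie value: HttpOnly keeps the token out of reach of page JavaScript.
// Cookie name, Path, Secure and SameSite are assumptions of this sketch.
function refreshCookie(token) {
  return `refresh_token=${token}; HttpOnly; Secure; SameSite=Strict; ` +
         `Path=/auth/refresh; Max-Age=${REFRESH_TTL_MS / 1000}`;
}
```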
3.2 OAuth
LingoVoice supports sign-in via Google and Microsoft OAuth. For OAuth users, no password is stored on our platform — authentication is delegated entirely to the identity provider.
3.3 Organisation Roles
Organisations on LingoVoice use a role-based access control model with three tiers:
- Owner — Full administrative control, including billing, member management, and organisation settings.
- Admin — Can manage members and rooms, but cannot modify billing or delete the organisation.
- Member — Standard access to interpreting sessions and shared resources.
3.4 Guest Tokens
Guest access is controlled through purpose-built tokens that are:
- Room-specific — Each token grants access only to a single interpreting room.
- Time-limited — Tokens expire automatically after a set duration.
- Revocable — The host can revoke guest access at any time.
4. Data Handling
- Voice data — Audio is processed in real time via third-party speech-to-text providers. Voice data is streamed directly to the provider, transcribed, and discarded. No audio is ever stored on LingoVoice servers.
- Messages — Chat messages are encrypted in transit and exist only for the duration of an active room session. When all participants leave and the room empties, messages are permanently deleted. Ephemeral by default.
- Transcripts — Session transcripts are only persisted if explicitly exported by the user. Exported transcripts are delivered to the user and are not retained on the platform after export.
- No AI training — Your data is never used to train AI models. All sub-processor agreements explicitly prohibit the use of customer data for model training or improvement.
5. Infrastructure
- Hosting — LingoVoice is hosted on DigitalOcean in the London (LON1) region, ensuring UK data residency for all platform data at rest.
- Reverse proxy — All traffic is routed through nginx, which handles TLS termination, request filtering, and rate limiting before requests reach the application server.
- Process management — The application runs under PM2 with automatic health monitoring, crash recovery, and zero-downtime restarts.
- DNS — DigitalOcean managed DNS with DNSSEC, providing authenticated DNS responses and protection against DNS spoofing attacks.
6. Rate Limiting & Abuse Prevention
LingoVoice employs Redis-backed rate limiting across all API endpoints to prevent brute-force attacks, credential stuffing, and platform abuse:
| Endpoint Category | Limit | Window |
|---|---|---|
| Authentication (login, register) | 10 requests | 15 minutes |
| Translation API | 20 requests | 1 minute |
| Password reset | 3 requests | 1 hour |
| General API | 500 requests | 15 minutes |
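An added example (not LingoVoice's implementation) of how the limits in this table can be enforced with a fixed-window counter. A `Map` stands in for Redis so the sketch runs offline; the category names, the key format and the fixed-window algorithm are assumptions.

```javascript
// Limits and windows copied from the table above.
const POLICIES = {
  auth:           { limit: 10,  windowSec: 15 * 60 },
  translation:    { limit: 20,  windowSec: 60 },
  password_reset: { limit: 3,   windowSec: 60 * 60 },
  general:        { limit: 500, windowSec: 15 * 60 },
};

// Constructed stand-in for Redis: key -> { count, expiresAt }.
// Against Redis the same steps are INCR on the key, then EXPIRE with the
// window length when INCR returns 1, so the counter resets by itself.
const counters = new Map();

function checkRateLimit(category, clientKey, nowMs = Date.now()) {
  // Object.hasOwn rejects inherited names such as "constructor".
  if (!Object.hasOwn(POLICIES, category)) {
    throw new Error(`unknown category: ${category}`);
  }
  const policy = POLICIES[category];
  const key = `rl:${category}:${clientKey}`; // hypothetical key format

  let entry = counters.get(key);
  if (!entry || nowMs >= entry.expiresAt) {
    // First request of a new window: start the count and the expiry clock.
    entry = { count: 0, expiresAt: nowMs + policy.windowSec * 1000 };
    counters.set(key, entry);
  }
  entry.count += 1;

  const allowed = entry.count <= policy.limit;
  return {
    allowed,
    remaining: Math.max(0, policy.limit - entry.count),
    // Suitable for a Retry-After header on a 429 response.
    retryAfterSec: allowed ? 0 : Math.ceil((entry.expiresAt - nowMs) / 1000),
  };
}
```

A fixed window admits up to twice the limit across a window boundary; a sliding-window or token-bucket variant closes that gap at the cost of more state per key.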
Additional abuse prevention measures include:
- Disposable email detection — Over 500 known disposable email domains are blocked at registration to prevent throwaway account abuse.
- Browser fingerprinting — Multi-account abuse is detected through browser fingerprint analysis, flagging accounts that share device characteristics with previously flagged users.
7. Sub-processors
LingoVoice engages third-party sub-processors to deliver translation, speech, payment, and infrastructure services. All sub-processors are bound by data processing agreements that require them to protect personal data in accordance with UK GDPR.
For the complete sub-processor list with data shared, hosting locations, and certifications, see our Data Processing Agreement.
8. Incident Response
LingoVoice maintains a documented incident response process. In the event of a personal data breach:
- Affected controllers will be notified within 72 hours of LingoVoice becoming aware of the breach, in accordance with UK GDPR Article 33.
- Notification will include the nature of the breach, the categories and approximate number of data subjects affected, the likely consequences, and the measures taken or proposed to address it.
- LingoVoice will cooperate fully with affected organisations in investigating and mitigating the breach, including assisting with ICO notifications where required.
- All security incidents are documented in an internal breach register, regardless of severity.
To report a security vulnerability or concern, contact security@lingovoice.ai.
9. Contact
For security questions, vulnerability reports, or to request further details about our security practices, please contact us:
Security Enquiries
Email: security@lingovoice.ai
Data Protection Officer
Email: dpo@lingovoice.ai
General Support
Email: support@lingovoice.ai
Lingo Service Translations, Cardiff, United Kingdom