Privacy Architecture

At Truly, we prioritize data privacy and security. Our architecture is designed to ensure that no private audio or video data is stored on our servers.

Data Flow Diagram

The diagram below illustrates how data flows through our system while maintaining privacy:

Key Privacy Features

No Raw Data Storage

Voice and Video Data: Raw audio and video files are processed in memory and never stored on our servers
Vector Representations Only: We only store mathematical vector representations that cannot be reversed to recreate the original audio/video

Client-Controlled Storage

Optional Storage: Clients can choose to store data in their own AWS S3 or GCP buckets
Client-Owned Keys: All storage is controlled by client-owned encryption keys
No Truly Access: Truly has no access to data stored in client buckets

Secure Processing

In-Memory Processing: All data processing happens in memory
Encrypted Transit: All data is encrypted in transit using TLS 1.3
Ephemeral Compute: Processing servers use ephemeral storage that is wiped after each session

Compliance

Our architecture is designed to help you maintain compliance with:

GDPR
CCPA/CPRA
HIPAA (with appropriate BAA)
SOC 2 Type II

For more information about our security practices, please contact our security team.

Getting Started

​Privacy Architecture

​Data Flow Diagram

​Key Privacy Features

​No Raw Data Storage

​Client-Controlled Storage

​Secure Processing

​Compliance