Skip to main content

Security overview: your top questions answered

Quick answers to the most common security questions: where is my data stored, is Speak HIPAA compliant, and do you train AI on my data.

Written by Speak Ai
Updated over 2 weeks ago

Where is my data stored?

Speak AI stores your files and account data in Canada Central (MongoDB) and US North (AWS) regions. All data is encrypted at rest and in transit. When you use features like transcription and AI analysis, your content is processed by our infrastructure partners. Processing may occur in the United States. Enterprise customers can discuss custom data residency configurations with our team.

Does Speak AI train AI models on my data?

No. Your content is never used to train AI models. We have Business Associate Agreements (BAAs) with our AI providers (OpenAI and Anthropic) that contractually prohibit model training on customer data. When you use transcription, AI Chat, or summaries, your data is sent to providers solely to process your request and return results. It is not stored by them for training.

We may review anonymized usage patterns and debug transcription or AI Chat interactions to improve our prompts, instructions, and in-app experience. This is operational improvement, not model training.

When you use features like Custom Vocabulary or configure AI Agents with custom instructions, you are choosing to provide data that shapes how AI models respond within your account context. This is user-directed and stays within your account.

What about HIPAA?

Speak AI completed a HIPAA compliance assessment in 2021 and maintains the security controls and practices established during that process. We execute Business Associate Agreements (BAAs) with our AI infrastructure providers including OpenAI and Anthropic. We do not hold a current third-party HIPAA audit. Organizations with specific HIPAA requirements should contact us to discuss their compliance needs and BAA execution.

Is my data secure during the free trial?

Yes. The same security protocols apply to all accounts, whether on a free trial or a paid plan.

Can I delete my data?

Yes. You have full control over your data. Delete individual files, folders, or your entire account from Settings > Data Management. Data deletion is permanent and irreversible.

What encryption do you use?

All data stored on Speak AI is encrypted at rest using industry-standard encryption. Data in transit is protected via TLS/HTTPS. Encryption keys are rotated regularly.

What about vulnerability management?

We run automated dependency scanning and vulnerability assessments through our development pipeline (including GitHub security scanning). We monitor for security advisories across our technology stack and apply patches promptly.

What AI providers do you use?

Speak AI integrates with the following providers:

  • AI Processing: OpenAI (BAA in place), Anthropic/Claude (BAA in place), Google Gemini

  • Transcription: AWS Transcribe, Microsoft Azure Speech, Deepgram, AssemblyAI

  • Infrastructure: AWS (cloud/storage), MongoDB Atlas (database, Canada Central)

All providers are bound by data processing agreements. See our Privacy Policy for the complete third-party provider list.

Detailed policies

For comprehensive security documentation, browse our full Security & Privacy collection.

Have a specific security question? Send us a message or email [email protected].

Related Articles
What Does Speak Do For Security?
Network Security Policy
Physical Security Policy
Disaster Recovery Plan
Offsite Backup & Storage Policy
Did this answer your question?