Security | Voto

We're a small company building a consumer product. We take security seriously, but we don't pretend to be a bank. Here's exactly what we do.

In transit

Every request between your iPhone, this website, and our backends goes over TLS 1.2+.
Our TLS certificates are issued by Google Trust Services via Cloudflare.
We HSTS-preload the root domain; browsers will refuse any downgrade.

At rest

Your account data is stored in Convex (AES-256 at rest).
Contact-form and tool-submission data is stored in a Cloudflare KV namespace encrypted at rest, with a one-year TTL.
Your prompts are stored in your personal library — tied to your account, never shared with other Voto users.
Passwords: we never store them. Authentication is handled by Clerk, which uses modern password hashing and supports passkeys.

Model providers

When Voto sends your prompt to a model (Anthropic, OpenAI), it's sent over their enterprise APIs, which contractually do not retain your data for training.
Your prompts are never shared with model providers outside the exact request they're answering.

Payments

We never touch your card number. App Store subscriptions go through Apple; web subscriptions go through Dodo Payments, which is PCI-DSS Level 1.
We store only an opaque subscription identifier linking your Voto account to the payment provider.

Access control

Short list of engineers have production access.
All production access requires SSO + hardware 2FA (YubiKey).
We keep an audit log of every production read that touches customer data. We review it monthly.

Reporting a vulnerability

If you find a security issue, please email security@try.voto. We'll reply within one business day. We don't have a paid bug-bounty programme yet, but we'll credit you (with permission) once the issue is fixed, and we'll never threaten researchers acting in good faith.