Security | VoiceMate - Smart Voice-to-Text Chrome Extension

Security

How we protect your privacy and data

Last updated: 03 March 2026

Privacy First Architecture

VoiceMate is built from the ground up with privacy as a core principle. VoiceMate does not collect, store, or have access to your audio data — speech recognition is handled entirely by your browser's built-in Web Speech API.

Browser-Based Recognition

Speech recognition is handled by your browser's built-in Web Speech API. VoiceMate never collects, stores, or has access to your audio data.

No Audio Storage

VoiceMate never stores, records, or retains your audio. We only receive the transcribed text output from your browser's speech recognition engine.

Encrypted Connections

All communications with our servers (for license validation only) use TLS 1.3 encryption to protect data in transit.

Minimal Permissions

VoiceMate only requests the permissions it absolutely needs: microphone access and active tab access.

How VoiceMate Works

Privacy-First Architecture

Your Voice

Your Browser
(Web Speech API)

Your Text

VoiceMate never collects your audio

Technical Security Measures

Chrome Extension Security

  • Manifest V3: Built with Chrome's latest and most secure extension platform
  • Content Security Policy: Strict CSP to prevent XSS attacks
  • Minimal permissions: Only requests microphone and activeTab permissions
  • No remote code execution: All code is bundled within the extension

Data in Transit

  • TLS 1.3: All server communications encrypted with the latest TLS standard
  • HTTPS only: No unencrypted connections allowed
  • HSTS: HTTP Strict Transport Security enforced via Cloudflare

Payment Security

  • Stripe: Payments processed by PCI DSS Level 1 compliant provider
  • No card storage: We never see or store your full card details
  • 3D Secure: Additional authentication layer for card payments

What We Don't Do

  • ❌ We never record, store, or have access to your audio — speech recognition is handled by your browser
  • ❌ We never sell your data to third parties
  • ❌ We never use your data for advertising
  • ❌ We never train AI models on your data

Compliance & Standards

  • GDPR compliant: Full compliance with UK and EU data protection laws
  • Data Protection Act 2018: Compliant with UK data protection legislation
  • ICO registered: Registered with the Information Commissioner's Office (Registration: ZB939246)
  • Chrome Web Store policies: Compliant with all Google extension policies

Vulnerability Disclosure

We take security seriously. If you discover a security vulnerability in VoiceMate, please report it responsibly:

  • Report via our Support Centre
  • Include detailed steps to reproduce the issue
  • Allow reasonable time for us to address the issue before public disclosure

We appreciate your help in keeping VoiceMate secure and will acknowledge security researchers who report valid vulnerabilities.

Regular Security Updates

We continuously monitor and improve VoiceMate's security:

  • Regular dependency updates to patch known vulnerabilities
  • Periodic security reviews of our codebase
  • Monitoring for new security threats and best practices
  • Prompt response to any reported security issues

Questions?

If you have questions about VoiceMate's security practices, please contact us:

MAGIX AI NW LTD
Company Number: 16697038
20-22 Wenlock Road
London, N1 7GU
United Kingdom

Email: [email protected]