The short version: We are designed around the principle that your data belongs to you. We collect the minimum information necessary to run the service. Your messages and files are end-to-end encrypted — we cannot read them. You can delete everything at any time.
The data controller responsible for processing your personal data is:
| Company | Faruk AB (trading as Monopeak) |
| Org. number | 559473-3494 |
| Registered address | Hotellgatan 3, 311 31 Falkenberg, Sweden |
| Contact email | [email protected] |
| Supervisory authority | Integritetsskyddsmyndigheten (IMY), Sweden — www.imy.se |
Faruk AB is established in Sweden and is subject to the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Swedish Data Protection Act (Lag (2018:218) med kompletterande bestämmelser till EU:s dataskyddsförordning).
The table below describes every category of personal data processed by YourVoices, its purpose, legal basis under GDPR, and where it is stored.
| Data | Purpose | Legal basis | Location |
|---|---|---|---|
| Voice embedding 512-dimensional mathematical vector derived from your voice — not a raw audio recording |
Identity creation and future login verification | Art. 6(1)(a) + Art. 9(2)(a) GDPR — explicit consent | On-device Server (centroid only) |
| Sovereign ID (V-ID) A unique identifier generated on your device at registration |
Account identification across sessions and devices | Art. 6(1)(b) — performance of contract | On-device Server |
| Public encryption key X25519 public key — the private key never leaves your device |
Enable end-to-end encrypted messaging between users | Art. 6(1)(b) — performance of contract | Server (public only) |
| Email address Optional — provided voluntarily |
Verification to unlock additional Bunker storage (+2 GB) | Art. 6(1)(a) GDPR — consent | Server |
| Profile information Display name, profile photo, bio — entirely optional |
User-chosen public identity on the platform | Art. 6(1)(a) GDPR — consent | Server Publicly visible |
| Encrypted messages & media Whisper messages, shared media files |
Private communication between users | Art. 6(1)(b) — performance of contract | Bunker (E2E encrypted) |
| Call logs Metadata about voice calls (not call audio content) |
Call history in the app | Art. 6(1)(b) — performance of contract | Bunker (E2E encrypted) |
What we never collect: raw audio recordings, location data, device identifiers (IMEI, advertising ID), browsing history, behavioural tracking data, or any information from contacts on your device.
Profile information is public. Any display name, photo, or biography you add in your account settings is visible to all users of the platform. Do not include information there that you wish to keep private.
All data is stored within the European Economic Area (EEA):
We do not use cloud services outside the EEA for storing personal data. No data is transferred to third countries.
There are no automatic retention periods that extend beyond account deletion. When you delete your account, all server-side data is permanently erased with no recovery possible.
We do not sell, rent, or trade your personal data to any third party.
The only third parties involved in data processing are our infrastructure providers, acting as data processors under Article 28 GDPR:
We may disclose data if required by a valid legal order from a Swedish or EU authority. We will notify you of any such request unless prohibited by law.
Public profile data (display name, photo, bio) is visible to all registered users of the platform by design, as you have explicitly chosen to publish it.
As a data subject under the GDPR, you have the following rights:
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
Voice data is classified as a special category of personal data under Article 9 GDPR (biometric data processed for the purpose of uniquely identifying a natural person).
Important technical clarification: YourVoices does not store raw audio recordings. The voice registration process converts your voice into a 512-dimensional mathematical vector (embedding) using an on-device AI model. This embedding is a mathematical abstraction — it cannot be converted back into audio. Only this vector, and a statistical centroid of your enrolment samples, is stored.
Processing of voice biometric data is based on your explicit consent (Art. 9(2)(a) GDPR), provided at registration when you record your voice samples. You can withdraw this consent at any time by deleting your account, which removes all voice data from our systems.
We do not use voice data for any purpose other than identity verification within the YourVoices platform. Voice data is never shared with third parties, never used for advertising, and never used to train AI models after your initial embedding is computed.
YourVoices is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you are under 16, please do not use the app or provide any information through it.
If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to delete that information immediately. If you believe we may have inadvertently collected data from a minor, please contact us at [email protected].
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where required by law, notify you within the app.
We encourage you to review this policy periodically. Continued use of YourVoices after changes become effective constitutes your acceptance of the revised policy.
For any privacy-related questions, data access requests, or to exercise your GDPR rights, contact:
| [email protected] | |
| Postal address | Faruk AB, Hotellgatan 3, 311 31 Falkenberg, Sweden |
| Response time | Within 30 days of receiving your request |
If you are not satisfied with our response, you have the right to contact the Swedish Data Protection Authority (IMY) at www.imy.se.