How we protect your voice and your data · Updated July 2026
Encryption
Everything sensitive — your email, transcriptions, saved snippets, and vocabulary — is encrypted in our database using AES-256-GCM, an authenticated encryption standard used by governments and banks.
The part that matters most: the master key never lives on our servers or in our database. It's held in AWS Key Management Service (KMS), a hardware-backed vault. Our application asks KMS to unlock a working key at startup and never sees the master key itself. That means even in the worst case — someone getting a copy of our database — the data stays encrypted and unreadable without AWS KMS.
In transit, every connection is protected with TLS (HTTPS) — every API call, every transcription, every response.
Your voice
Your voice recordings are never saved — not on our servers, not in our database. Audio is held in memory only long enough to transcribe it, then immediately discarded. We keep the resulting text (encrypted), never the sound of your voice.
Your rights
reiwrite is built with GDPR in mind. Concretely, that means you control your data:
Transparency
We rely on a small set of trusted providers to run the service. Each only receives what it needs for its specific job:
Amazon Web Services (AWS)
Cloud hosting and encryption key management (AWS KMS). Region: Asia Pacific (Mumbai).
OpenAI
Speech-to-text transcription and AI text refinement. Audio and text are sent for processing and returned; we store only the resulting text.
MongoDB Atlas
Encrypted database for your account and transcription history (AWS-hosted infrastructure).
Razorpay
Payment processing for credit purchases. We never see or store your card details.
Microsoft
Optional email integration — only if you connect a mailbox.
Accounts & access
Contact
Found something, or have a question about how we handle data? Email security@reiwrite.com. For the full legal detail, see our Privacy Policy.