Security architecture

Security at Hecttor

Security built into the architecture

Hecttor is designed with a local-first, privacy-by-design approach, minimizing data exposure while meeting enterprise security standards.


AUDIO NEVER LEAVES THE DEVICE

All voice processing happens locally on the user's device.

We never record, transmit, or store call audio or conversation content.

The cloud is used only for license verification, authentication, & updates.

OUR SECURITY MODEL

LOCAL-FIRST. CLOUD-MINIMAL.

A unified SDK combining speaker isolation, turn-taking, and voice activity detection to deliver cleaner, structured audio for Voice AI systems.

On-Device Processing

All real-time voice processing happens in memory on the user's device. No audio is sent to or processed in the cloud.

Minimal Data Exposure

We handle only the data needed to run the service, primarily licensing information. No conversations, transcripts, or metadata are stored.

Reduced Attack Surface

With no cloud audio and minimal data collection, we dramatically reduce the risk of breach, misuse, or unauthorized access.

PRIVACY BY DESIGN

Privacy is the default

Most systems struggle not because of models, but because conversations are not properly structured:

  • No audio retention or call recording
  • No hidden data collection
  • No analytics without consent
  • Built to simplify GDPR compliance

Enterprise Security Controls

  • AES-256 encryption at rest

  • TLS 1.2 / 1.3 encryption in transit

  • Certificate pinning

  • Role-based access control (RBAC)

  • Multi-factor authentication

  • Hardened cloud infrastructure (AWS / GCP)

Monitoring & Resilience

  • 24/7 monitoring and alerting

  • Intrusion detection and anomaly tracking

  • DDoS protection via Cloudflare

  • Multi-zone cloud infrastructure for high availability

  • Incident response process and runbooks

Vulnerability Management

  • Regular vulnerability scanning

  • Independent penetration testing

  • Timely patching and updates

  • Secure development lifecycle and code reviews

Compliance & Certifications

  • SOC 2 Type II Certified: Audited by Grant Thornton

  • GDPR Compliant: Aligned with EU data protection regulations

  • ISO Aligned Infrastructure: ISO 27001, 27017, and 27018 aligned – AWS / GCP

  • Annual Audits & Reviews: Continuous review of controls, policies, and procedures

What This Means For You

  • Your audio stays in your environment.

  • No sensitive conversations are stored or shared.

  • Security risk is minimized by design.

  • Compliance is built-in, not bolted on.

  • You stay in control of your data.


SECURE BY DESIGN. READY FOR ENTERPRISE.

Learn more about our security practices or request documentation.