Speko Group, Inc. ("Speko", "we", "us", or "our") provides a voice AI gateway and platform for routing speech-to-text, language model, text-to-speech, and real-time voice agent workloads across providers. This Privacy Policy explains how we handle information for our public website, dashboard, APIs, SDKs, demos, documentation, support channels, and connected integrations.
1. Information We Collect
We collect information in the following categories:
- Account and identity information. Name, email address, organization, authentication identifiers, role, workspace membership, and security settings.
- Platform configuration. Agents, prompts, routing preferences, provider selections, tool definitions, knowledge base metadata, API key metadata, and encrypted provider credentials you choose to store with Speko.
- Voice session and API content. Audio, transcripts, generated responses, tool inputs and outputs, session recordings, phone numbers, request metadata, latency, routing decisions, logs, and usage data generated when you or your users use Speko.
- Integration data. Information from third-party services you connect, such as account identifiers, access tokens, calendars, events, availability, messages, files, or other data exposed by the scopes you approve.
- Website, device, and support data. IP address, browser and device metadata, pages visited, referral source, diagnostics, cookies or similar technologies, support messages, and feedback.
- Billing data. Billing contact details, subscription status, usage credits, invoices, and payment processing records handled by our payment providers.
2. How We Use Information
We use information to:
- create and secure accounts, organizations, workspaces, API keys, and sessions;
- provide the Speko platform, APIs, SDKs, demos, integrations, and support;
- route voice and AI requests to selected providers, perform failover, return transcripts, play generated audio, execute configured tools, and show operational logs;
- measure usage, manage billing, enforce limits, detect abuse, and prevent fraud;
- debug, maintain, secure, and improve Speko services;
- communicate about service updates, security events, support requests, and billing; and
- comply with legal obligations and enforce our terms.
We do not sell personal information. We do not use customer voice session content or Google user data for advertising.
3. Voice, Audio, and Transcript Data
Speko processes voice data so the service can create live voice sessions, transcribe speech, route model requests, synthesize responses, provide observability, and allow customers to inspect or debug their own sessions. Depending on your configuration, Speko may send audio, transcripts, prompts, and related request data to third-party speech, language model, and voice providers selected by the routing system or by your organization.
Session recordings are generally retained for 30 days after a session ends, then deleted by lifecycle policy, unless a different product configuration or legal requirement applies. Customers should avoid sending sensitive information unless their workspace and providers are configured for that use case.
4. Google User Data
Speko's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
If you connect a Google account or install a Google integration, Speko requests only the scopes needed for the feature you choose to use. For example, a calendar integration may use Google account identifiers, calendar lists, event details, availability, and event write access so your configured agents can check schedules, create bookings, update meetings, or perform related actions you authorize.
We use Google user data only to provide and maintain the connected Speko feature, including:
- authenticating the connected Google account;
- displaying and managing integration status inside Speko;
- executing user-configured agent actions, such as reading availability or creating events;
- debugging, securing, and auditing the integration; and
- complying with law, security obligations, and user instructions.
We do not sell Google user data, use it for advertising, or use it to train generalized AI or machine learning models. We do not allow humans to read Google user data except when necessary for security, legal compliance, support you request, or internal operations with appropriate access controls.
5. Sharing and Subprocessors
We share information only as needed to operate Speko or as you direct, including with:
- cloud hosting, database, storage, analytics, security, observability, and support vendors;
- speech, language model, voice, telephony, and media transport providers used to fulfill requests;
- payment processors and billing vendors;
- third-party integrations you connect or instruct Speko to use;
- professional advisors, auditors, and legal authorities when required; and
- successors in a merger, acquisition, financing, or sale of assets.
Customers are responsible for reviewing the third-party providers they configure, including any provider-specific privacy, security, retention, and compliance terms.
6. Cookies and Analytics
We may use cookies, local storage, and similar technologies to keep you signed in, remember preferences, protect against abuse, understand website traffic, and improve the product. Browser settings may let you block or delete some cookies, but the platform may not work correctly without required authentication or security cookies.
7. Data Retention
We retain information for as long as needed to provide Speko, comply with legal obligations, resolve disputes, maintain security, and enforce agreements. Account, billing, audit, and security records may be retained longer than product content where necessary. You may request deletion of your account or certain data by contacting us.
8. Security
We use administrative, technical, and organizational safeguards designed to protect information, including access controls, encryption for sensitive credentials, logging, and monitoring. No system is perfectly secure, so customers should protect their API keys, configure least-privilege integrations, and notify us promptly of suspected misuse.
9. Your Choices and Rights
Depending on your location, you may have rights to access, correct, delete, export, or object to certain processing of your personal information. Workspace administrators can manage many settings directly in the dashboard. You can disconnect integrations, revoke API keys, and request account or data deletion by contacting us.
10. International Transfers
Speko is operated from the United States and may process information in the United States and other countries where we or our subprocessors operate. Those countries may have data protection laws different from the laws where you live.
11. Children
Speko is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
12. Changes
We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide additional notice when required.
13. Contact
Questions or requests about this Privacy Policy can be sent to team@speko.ai.