privacy-first

Your career lives on your phone

VoxFolio is built so your most sensitive data — your work history, your projects, your goals — is never stored on our servers. Not marketing. Architecture.

device

your phone

dictations
knowledge base
generated CVs
sync log

~/voxfolio/users/[hash]/voxfolio.db

server

voxfolio.app

Google profile + OAuth
token quota
call metadata

postgres · neon

llm

LLM providers

OpenAI (Whisper)
Google (Gemini)
Anthropic (Claude)

transient · no retention

What stays on your device

All career data — dictations, extracted knowledge, generated CVs — lives in a SQLite database on your phone. Separate directory per Google account with a hashed name, so accounts on the same device can't read each other's data. The database is currently protected by your OS app sandbox — database-level encryption is on our roadmap.

What's on the server

Google account basics (email, name, profile picture, preferred language)
OAuth tokens (for sign-in)
Subscription tier and token quota counter
Call log: when an LLM call happened and with which model (no content)
Live Voice session durations (no content)

What's NEVER stored off-device

The full text of your dictations
Your knowledge base (companies, projects, skills)
The content of generated CVs
Job postings you paste in

Our processors

During LLM processing, data briefly passes through third parties: OpenAI (transcription + language models), Google (Gemini models), Anthropic (Claude models), Vercel (API proxy, hosting). We log server-side that a call happened (for quota accounting), not its content.

You're in control

Log out anytime — your data stays on the device
Delete account — all server-side data is permanently wiped
Export — your knowledge base downloadable as JSON
View token usage — see what you've spent this month (in Settings)

/legal: Privacy Policy · Terms of Service