Legal

Privacy Policy &
Terms of Service

Last updated: January 2025

Overview

DashVox.ai ("DashVox", "we", "us") provides a voice-first AI assistant for CarPlay, Android Auto, Wear OS, Apple Watch, and Ray-Ban Meta smart glasses. This policy explains how we handle your data depending on which hosting mode you choose.

Self-Hosted Mode

When you self-host DashVox, all data stays on your machine. We have zero access to your conversations, SSH keys, session data, or any other information.

No data is transmitted to DashVox servers. No account is required. No analytics or telemetry is collected. The server runs entirely on your hardware.

Your API keys for Claude, GPT, Gemini, or other LLM providers are stored locally and sent directly from your server to those providers. We never see or store them.

Cloud Mode

When using the cloud service at api.dashvox.ai, the following data is collected and stored:

AuthenticationFirebase Auth — Google, Apple, or email sign-in. We store your user ID, email, and display name.
ConversationsChat messages are stored in PostgreSQL on Google Cloud SQL. Encrypted at rest by Google Cloud.
SSH KeysEncrypted at rest using AES-256. Keys are used only to establish SSH connections on your behalf.
Session MetadataSession names, connection status, timestamps. Used to resume sessions across app launches.
API KeysYour LLM provider API keys are encrypted at rest. They are sent directly to providers and never logged.

Third-Party Services

Cloud mode uses the following third-party services:

Firebase Authentication (Google) — for sign-in. Google Cloud Platform — for hosting, database, and infrastructure. LLM providers (Anthropic, OpenAI, Google) — your API keys are sent to these providers when you make requests.

Each provider has their own privacy policy. We recommend reviewing them.

Data Retention

Cloud data is retained as long as your account is active. You can delete your account and all associated data at any time through the app settings.

Self-hosted data is entirely under your control. Delete it whenever you want.

Security

SSH keys are encrypted at rest using AES-256 encryption. All cloud communication uses TLS 1.3. Firebase handles authentication security. Google Cloud provides infrastructure-level encryption and security.

We never log API keys, SSH passwords, or conversation content in application logs.

Terms of Service

DashVox is provided "as is" without warranty. Use while driving is at your own risk — DashVox is designed to be voice-first and hands-free, but you are responsible for safe driving at all times.

Do not use DashVox in ways that distract from driving. The voice interface is designed for safety, but your attention should always be on the road.

We reserve the right to modify or discontinue the cloud service at any time. Self-hosted installations are unaffected by service changes.

You are responsible for complying with the terms of service of any LLM providers whose APIs you use through DashVox.

Contact

For questions about this privacy policy or terms of service, reach out via the GitHub repository or email.