Talkniva
EN|PT
Start now

Security

Last updated: June 5, 2026

At Talkniva, security and privacy are a priority, not an afterthought. This page lays out, in plain language, the controls we have in place to protect your calls and your data.

Last updated: June 10, 2026.

The promise that matters most

We do not record or store your calls. Not the audio, not the video, not transcripts. Your speech is translated in real time and is not retained after the call. Captions are generated live, shown on screen only, and never saved. We do not sell your personal data, and we do not use your conversations to train AI models.

How your conversation is protected

  • Encrypted in transit. Everything travels over HTTPS/TLS, and the live audio and video use encrypted real-time media (WebRTC).
  • Translation is transient. Your speech is processed in real time only to produce the translation, and then it’s gone — we don’t keep a copy.
  • Nothing stored on our side. Our providers process the audio in the moment to generate the translation and captions; Talkniva doesn’t store it.

The practical security model is simple: a room exists so people can talk live, not so Talkniva can create a record of the meeting. The application needs temporary access to audio and video while the call is happening, because that is how live translation works. Once the call is over, the content of the conversation is not available to us as a recording, transcript, or saved caption log.

This also means that our troubleshooting focuses on technical signals rather than conversation content. We may use error reports, delivery status, room state, participant status, and usage metadata to understand whether the product is working. We do not need the words spoken in the meeting to investigate most failures, and we do not design the product around collecting them.

Room access controls

  • Unguessable links. Every room has a random, unguessable identifier.
  • The host approves every guest. Someone who opens the link waits in a lobby until the host explicitly lets them in — the host sees the guest’s name and decides. Nobody joins a room uninvited.
  • Scoped access. Each participant’s access is locked to a single room (a token for one room can’t be reused for another), and participants can’t inject or spoof the live captions.

Guests join through the browser and do not need a Talkniva account. That lowers friction, but the host remains in control of admission. For scheduled rooms and shared links, the same principle applies: possession of a link is not meant to silently bypass the host’s decision. A person who should not be in the conversation should not be approved into the room.

Rooms are private product surfaces. They do not load product analytics, session replay, support beacons, or cookie-consent banners. Technical error monitoring is allowed so we can detect crashes and application failures, but it is scoped to fixing the product, not observing private conversations.

Account security

  • Passwords are hashed. We store passwords only as a salted scrypt hash, never in plain text — so even we can’t read them.
  • Sessions you control. Sign-in uses a short-lived, http-only session cookie; resetting your password ends your other sessions.
  • Abuse protection. Sign-in, sign-up, and password reset are rate-limited to slow automated attacks. Password-reset links are single-use and expire.
  • Modern web hardening. A Content-Security-Policy and standard security headers protect the site in your browser.

The administrative area has additional controls because it can expose customer and operational visibility. Admin access is limited to authorized accounts, and sensitive admin actions can require an extra verification step. This is separate from the normal customer session so that switching back into administrative mode is treated more carefully than ordinary app navigation.

Your data and your rights

  • We collect only what we need to run the service and bill active guest time — see the Privacy Policy for the full list.
  • Delete your account and data yourself, anytime, from your dashboard.
  • LGPD. We operate under Brazil’s data-protection law (LGPD) and honor your rights over your data.

Billing and usage records exist so customers can understand their balance and so we can operate the service transparently. Guest-hours are based on active guest time, and room usage may be shown down to seconds. Those records are different from call content: they tell us that a room existed, which languages were selected, and how much guest time was consumed, but not what people said.

We keep financial and account records only as needed for the service and for legal obligations. If you delete your account, we remove what we can remove and keep only records that law or legitimate operational needs require us to keep.

Payments

Payments are processed by Stripe (PCI-compliant). Your card details are entered on Stripe and never touch Talkniva’s servers.

Reporting a security issue

Found something that looks off? We want to hear about it. Use the message icon in the bottom-right corner of any page to reach us, and we’ll look into it.

Talkniva is a product of CCAMPELO TECH LTDA. For how we handle personal data, see our Privacy Policy; for the terms of use, see our Terms.

Questions?

There's no email to dig up — just use the message icon in the bottom-right corner of the site. Privacy and data requests go there too.

Talkniva is a product of CCAMPELO TECH LTDA, incorporated in Brazil.