The recordings you make with Tayle are some of the most personal data you'll ever create — a parent's laugh, a grandparent's accent, a story told in a voice that won't always be here. We treat them accordingly.
Every connection to Tayle is TLS. Stories, transcripts, and media are encrypted at rest in our storage layer.
Every Tayle starts private. You decide which family members can listen, edit, or contribute — one person at a time.
Your recordings and stories are not used to train general-purpose or third-party AI models. Our vendors are contractually held to the same line.
We've made deliberate choices about how Tayle is built. Here's what that looks like in practice.
All traffic between your device and Tayle uses TLS 1.2 or newer. Recordings, transcripts, photos, videos, and documents are stored encrypted at rest. Backups are encrypted.
Sign-in is handled by Supabase Auth. Passwords are stored hashed, never in plain text. Access to your account requires your password and is rate-limited against guessing attacks. We recommend choosing a long, unique password and not reusing it elsewhere.
Every Tayle is private until you decide otherwise. Collaborators are added by invitation. You can change permissions or revoke access at any time. Only you, as the owner of a Tayle, can delete it.
Tayle runs on audited cloud infrastructure (Supabase for storage and database, Stripe for payments, Vapi for real-time voice AI). Each vendor is bound by a data processing agreement that restricts use of your data to providing services to us. The full list of subprocessors is in the Privacy Policy.
Only a small number of Tayle team members can access production systems, and only for support, debugging, and infrastructure operations. Access is role-based and logged. Tayle Concierge team members work with recordings only for the engagement they're staffed on, under written confidentiality.
Your stories are continuously backed up so a single hardware failure can't lose them. Backups are retained according to the windows in our Privacy Policy and deleted along with the underlying data when you delete an account.
We monitor service health and error rates continuously and review unusual patterns. If we detect a security event that affects your data, we will notify you and any required regulators within the timelines required by law.
You can export your stories, transcripts, and media at any time. You can delete individual stories, entire Tayles, or your whole account. We honor deletion within the windows described in our Privacy Policy.
If you believe you've found a security issue in Tayle, please report it privately so we can fix it before anyone else is affected. Email security@tayle.co with as much detail as you can — steps to reproduce, the version or URL involved, and the impact you observed.
We commit to acknowledging reports within three business days, working with you in good faith to resolve verified issues, and not pursuing legal action against researchers who follow this process and avoid harm to users.
Transform cherished moments into lasting legacies.