Data Security & Privacy

At Sunflower AI, we understand that live services and events may sometimes include sensitive information.

Our platform is designed to provide real-time translation and captions while minimizing data storage and protecting user privacy. This page explains how data flows through our system, the cloud infrastructure we use, and what privacy controls are available to customers.

1. Cloud Infrastructure (Microsoft Azure)

Sunflower AI's backend services are hosted on Microsoft Azure Cloud in the Sydney (Australia) region, which helps support data residency within Australia.

Microsoft Azure provides enterprise-grade security, compliance certifications, and data protection standards used by governments, financial institutions, and global enterprises.

Azure infrastructure includes features such as:
1. Secure cloud architecture
2. Encryption of data in transit
3. Access controls and monitoring
4. Compliance with global security standards

More information about Microsoft Azure security and data privacy:
(1) Microsoft Azure Security Documentation
https://learn.microsoft.com/en-us/azure/security/
‍(2) Azure Speech Services Data Privacy and Security
https://learn.microsoft.com/en-us/azure/ai-services/speech-service/speech-to-text/data-privacy-security

‍All communication between devices and our servers is protected using secure HTTPS/TLS encryption.

2. Speech-to-Text Processing (Deepgram)
‍
Sunflower AI uses the Deepgram API to convert audio into text in real time.

Deepgram provides enterprise-grade security controls and compliance standards including: SOC 2, HIPAA, GDPR.
‍
Audio streams are processed in real time to generate transcription used for translation and captions. Additional information about Deepgram's data security practices: https://deepgram.com/data-security

‍3. Text Translation (Google Gemini via OpenRouter)
‍
Once speech is transcribed into text, it is sent for translation using Google Gemini models via the OpenRouter API gateway.

Sunflower AI uses Zero Data Retention (ZDR) mode, meaning: Prompts and responses are not stored. Data is not used for model training. Text is processed only for the translation request and then discarded.
‍
More information about Zero Data Retention mode: https://openrouter.ai/docs/guides/features/zdr

‍4. Session History Storage (Supabase – Sydney)
‍
Session history is stored to allow hosts to review transcripts after a session. Session history is stored in Supabase, hosted in the AWS Sydney region (ap-southeast-2).

This helps ensure that stored data remains within Australian data centers. Supabase provides enterprise security features including: SOC 2 Type II compliance, Encryption in transit, Encryption at rest, Secure database infrastructure.

More information about Supabase privacy and security:
(1) Supabase Privacy https://supabase.com/privacy
‍(2) Supabase Security https://supabase.com/security

‍5. Data Storage and Privacy Controls
‍
Sunflower AI is designed to support both real-time processing and optional transcript storage.

For organizations with higher privacy requirements, Sunflower AI can configure accounts to:
‍
1. Disable session transcript storage
2. Disable audience transcript downloads
‍
These options help organizations reduce the retention of sensitive spoken information. If you would like these privacy settings enabled for your account, please contact our team.

6. Contact Us
‍
If you have any questions about data security or privacy, please contact us.
Email: info@sunflowerai.io
Mail Address: PO Box 229 CONCORD NSW 2137
‍