CHANL AI PRIVACY POLICY

Last Updated: January 1, 2025 Effective Date: January 1, 2025

1. INTRODUCTION

Elemente, Corp. ("Elemente," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our voice AI testing platform, optimization services, websites, applications, and related services (collectively, the "Services").

This Privacy Policy applies to all users of our Services, including visitors, registered users, customers, and individuals whose voice data may be processed through our platform. By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.

IMPORTANT NOTICE REGARDING VOICE DATA: Our Services involve the processing of voice recordings and biometric voice characteristics. Voice data is considered sensitive personal information under various privacy laws. Please review Section 4 carefully for details about how we handle voice and biometric data.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

Account Information

  • Name, email address, phone number
  • Company name and business information
  • Billing and payment information
  • Account credentials and authentication data

Service Data

  • Voice recordings submitted for testing
  • Call transcripts and metadata
  • Testing scenarios and parameters
  • API configuration and integration settings
  • Customer support communications

Professional Information

  • Job title and role
  • Industry and use case information
  • Technical requirements and preferences

2.2 Information Collected Automatically

Usage Data

  • Service feature usage and interactions
  • Performance metrics and analytics
  • Error logs and debugging information
  • API calls and response data

Device and Technical Information

  • IP address and approximate location
  • Browser type and version
  • Operating system and platform
  • Device identifiers and characteristics
  • Network and connectivity information

Cookies and Tracking Technologies

  • Session cookies for authentication
  • Analytics cookies (with consent where required)
  • Performance and functionality cookies
  • For details, see our Cookie Policy

2.3 Information from Third Parties

Platform Integration Data

  • Data from integrated voice AI platforms (Bland, Vapi, Synthflow, etc.)
  • OAuth tokens and authentication credentials
  • Platform-specific identifiers and metadata

Business Information Services

  • Company verification and credit information
  • Public business records and profiles

3. HOW WE USE YOUR INFORMATION

3.1 Primary Purposes

We use your information to:

Provide and Improve Services

  • Execute voice AI testing and optimization
  • Process and analyze voice recordings
  • Generate performance reports and insights
  • Maintain and improve Service functionality

Account Management

  • Create and manage user accounts
  • Process payments and billing
  • Provide customer support
  • Send service-related communications

Safety and Security

  • Detect and prevent fraud
  • Monitor for security threats
  • Enforce our Terms of Service
  • Comply with legal obligations

3.2 Legal Bases for Processing (GDPR)

For users in the European Economic Area, we process personal data based on:

  • Contract Performance: Processing necessary to provide our Services
  • Legitimate Interests: Improving Services, security, and business operations
  • Consent: For marketing communications and optional data processing
  • Legal Obligations: Compliance with applicable laws and regulations
  • Vital Interests: Protecting health and safety in emergency situations

4. VOICE DATA AND BIOMETRIC INFORMATION

4.1 Special Notice About Voice Data

Voice as Biometric Data: Voice recordings and voiceprints are considered biometric data under many privacy laws, including Illinois BIPA, GDPR, and California CPRA. We treat voice data with enhanced security measures.

Voice Data Collection: We collect voice recordings solely for the purposes of:

  • Testing AI voice agents
  • Analyzing conversation quality
  • Generating optimization recommendations
  • Training our AI testing personas (with explicit consent)

4.2 Voice Data Processing Safeguards

  • Encryption: All voice data is encrypted in transit and at rest
  • Access Controls: Strict role-based access limitations
  • Anonymization: Voice data is anonymized where possible
  • Retention Limits: Voice recordings are deleted per our retention schedule
  • No Voice Cloning: We do not create voice clones or synthetic voices of individuals
  • Purpose Limitation: Voice data is only used for stated purposes

4.3 Consent for Biometric Processing

Where required by law (including Illinois, Texas, Washington, and other states with biometric laws), we obtain explicit consent before collecting or processing biometric voice data. You may withdraw consent at any time by contacting us at privacy@chanl.ai.

4.4 Voice Data Rights

You have specific rights regarding your voice data:

  • Right to access voice recordings
  • Right to delete voice data
  • Right to restrict processing
  • Right to object to certain uses
  • Right to data portability

5. INFORMATION SHARING AND DISCLOSURE

5.1 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for their commercial purposes.

5.2 How We Share Information

We may share information in the following circumstances:

Service Providers

  • Cloud infrastructure providers (AWS, Google Cloud)
  • Payment processors
  • Analytics and monitoring services
  • Customer support tools
  • Professional service providers

Platform Partners

  • Voice AI platforms (only with your authorization)
  • Integration partners (with consent)
  • Technology partners for service delivery

Legal and Safety

  • To comply with legal obligations
  • To respond to lawful requests and legal process
  • To protect rights, property, and safety
  • To detect and prevent fraud or security issues

Business Transfers

  • In connection with mergers, acquisitions, or asset sales
  • During bankruptcy or dissolution proceedings

Aggregated Information

  • We may share aggregated, anonymized data that cannot identify individuals

5.3 International Data Transfers

We may transfer data internationally. We ensure appropriate safeguards through:

  • Standard Contractual Clauses (EU)
  • Data processing agreements
  • Adequacy determinations where applicable
  • Additional security measures

6. DATA RETENTION

6.1 Retention Periods

We retain personal information for as long as necessary to:

  • Provide requested services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements

Specific Retention Periods:

  • Account information: Duration of account plus 3 years
  • Voice recordings: 90 days unless extended by customer
  • Testing data: 1 year from test completion
  • Billing records: 7 years per legal requirements
  • Marketing data: Until opt-out or 3 years of inactivity

6.2 Deletion Procedures

Upon expiration of retention periods or valid deletion requests:

  • Data is permanently deleted from production systems
  • Backups are purged within 90 days
  • Deletion is verified through audit logs

7. YOUR PRIVACY RIGHTS

7.1 Rights for All Users

Regardless of location, you have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your data
  • Opt-out of marketing communications
  • Request information about our data practices

7.2 California Privacy Rights (CCPA/CPRA)

California residents have additional rights:

Right to Know

  • Categories of personal information collected
  • Sources of personal information
  • Purposes for collection and use
  • Categories of third parties with whom we share data
  • Specific pieces of personal information

Right to Delete

  • Request deletion of personal information
  • Exceptions apply for legal and operational requirements

Right to Correct

  • Request correction of inaccurate information

Right to Limit Use of Sensitive Personal Information

  • Limit use of sensitive data (including biometric data)
  • Opt-out of certain processing activities

Right to Non-Discrimination

  • No discrimination for exercising privacy rights
  • Equal service and pricing regardless of privacy choices

Do Not Sell or Share

  • We do not sell personal information
  • To opt-out of sharing for cross-context behavioral advertising: [Do Not Sell or Share My Personal Information]

Authorized Agents

  • You may designate an agent to make requests
  • Agents must provide proof of authorization

7.3 European Privacy Rights (GDPR)

EEA residents have additional rights:

Data Subject Rights

  • Right to access (data portability)
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to object to processing
  • Rights regarding automated decision-making

Consent Withdrawal

  • Withdraw consent at any time
  • Does not affect lawfulness of prior processing

Supervisory Authority Complaints

  • Lodge complaints with data protection authorities

7.4 Other State Privacy Rights

Colorado (CPA)

  • Similar rights to CCPA
  • Right to opt-out of profiling
  • Universal opt-out mechanisms honored

Virginia (VCDPA)

  • Consumer rights similar to CCPA
  • Right to appeal decisions

Connecticut, Utah, and Other States

  • Rights vary by state
  • Contact us for state-specific information

8. EXERCISING YOUR RIGHTS

8.1 How to Submit Requests

Online Form: [Privacy Rights Request Form] Email: privacy@chanl.ai Phone: 1-800-XXX-XXXX Mail: Chanl AI Privacy Team, [Address]

8.2 Verification Process

To protect your privacy, we verify identity before processing requests:

  • Account holders: Login credentials
  • Non-account holders: Information matching
  • Authorized agents: Written authorization
  • Additional verification for sensitive requests

8.3 Response Timeline

  • Acknowledgment: Within 10 business days
  • Response: Within 30-45 days (varies by law)
  • Extensions: May extend by additional 30-45 days with notice

9. DATA SECURITY

9.1 Security Measures

We implement industry-standard security measures:

Technical Safeguards

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Multi-factor authentication
  • Regular security audits and penetration testing
  • Intrusion detection and prevention systems

Organizational Safeguards

  • Role-based access controls
  • Security training for personnel
  • Confidentiality agreements
  • Vendor security assessments
  • Incident response procedures

Physical Safeguards

  • Secure data centers
  • Access controls and monitoring
  • Environmental controls

9.2 Data Breach Notification

In the event of a data breach:

  • Affected individuals notified within 72 hours (where required)
  • Regulatory notifications per legal requirements
  • Breach details and mitigation steps provided
  • Credit monitoring offered where appropriate

10. CHILDREN'S PRIVACY

Our Services are not directed to children under 16. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will promptly delete it. Parents who believe we have information about their child should contact privacy@chanl.ai.

11. MARKETING AND COMMUNICATIONS

11.1 Marketing Preferences

Opt-In Communications

  • Promotional emails (with consent)
  • Product updates and newsletters
  • Event invitations
  • Marketing surveys

Transactional Communications

  • Service notifications
  • Security alerts
  • Billing and payment notices
  • Legal updates

11.2 Opting Out

Email: Unsubscribe link in emails Account Settings: Manage preferences Contact: privacy@chanl.ai

12. COOKIES AND TRACKING

12.1 Cookie Categories

Essential Cookies

  • Authentication and security
  • Load balancing
  • User preferences

Analytics Cookies (with consent)

  • Usage patterns
  • Performance metrics
  • User experience optimization

Marketing Cookies (with consent)

  • Ad effectiveness
  • Remarketing (limited)
  • Conversion tracking

12.2 Cookie Management

Browser Controls: Adjust browser settings Cookie Banner: Manage preferences Global Privacy Control: We honor GPC signals

13. THIRD-PARTY SERVICES AND LINKS

Our Services may contain links to third-party websites and services. We are not responsible for their privacy practices. We encourage you to review their privacy policies before providing personal information.

14. CALIFORNIA PRIVACY DISCLOSURE

14.1 California Shine the Light

California residents may request information about disclosures to third parties for direct marketing. We do not share personal information for third-party direct marketing.

14.2 California Do Not Track

We honor Do Not Track signals by not tracking users across third-party websites.

14.3 CCPA Metrics (Previous Year)

Requests Received:

  • Access requests: [Number]
  • Deletion requests: [Number]
  • Opt-out requests: [Number]

Response Metrics:

  • Average response time: [Days]
  • Requests complied with: [Percentage]
  • Requests denied: [Number and reasons]

15. INTERNATIONAL USERS

15.1 EU/EEA/UK Users

Data Controller: Chanl AI, Inc. EU Representative: [Name and Contact] UK Representative: [Name and Contact] Lawful Basis: See Section 3.2 Data Protection Officer: dpo@chanl.ai

15.2 Cross-Border Transfers

We transfer data internationally using:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Your explicit consent
  • Other valid transfer mechanisms

16. AUTOMATED DECISION-MAKING

16.1 AI Processing Disclosure

Our Services use artificial intelligence for:

  • Voice analysis and scoring
  • Pattern recognition
  • Performance optimization recommendations
  • Anomaly detection

16.2 Your Rights

You have the right to:

  • Request human review of automated decisions
  • Understand the logic involved
  • Challenge automated decisions
  • Opt-out where legally required

17. CHANGES TO THIS POLICY

We may update this Privacy Policy to reflect:

  • Changes in our practices
  • New legal requirements
  • Service enhancements

Notification Methods:

  • Email for material changes
  • Website notice
  • In-app notifications

Effective Date: Changes effective 30 days after posting unless stated otherwise

18. ACCESSIBILITY

This Privacy Policy is available in alternative formats:

  • Screen reader compatible version
  • Large print version
  • Additional languages upon request

Contact accessibility@chanl.ai for assistance.

19. CONTACT INFORMATION

19.1 General Privacy Inquiries

Chanl AI Privacy Team Email: privacy@chanl.ai Phone: 1-800-XXX-XXXX Mail: Chanl AI, Inc. Attn: Privacy Team [Address]

19.2 Data Protection Officer

Email: dpo@chanl.ai Phone: [DPO Phone]

19.3 EU Representative

[Representative Name] [EU Address] Email: eu-privacy@chanl.ai

19.4 UK Representative

[Representative Name] [UK Address] Email: uk-privacy@chanl.ai

20. REGULATORY INFORMATION

20.1 Supervisory Authorities

California Privacy Protection Agency Website: https://cppa.ca.gov Contact Form: [CPPA Contact]

European Data Protection Authorities List: https://edpb.europa.eu/about-edpb/board/members_en

UK Information Commissioner's Office Website: https://ico.org.uk Phone: 0303 123 1113

20.2 Legal Basis Summary

| Processing Activity | Legal Basis | Data Categories | |-------------------|-------------|-----------------| | Service Delivery | Contract | Account, Service Data | | Security | Legitimate Interest | Technical, Usage | | Marketing | Consent | Contact, Preferences | | Legal Compliance | Legal Obligation | All categories | | Voice Analysis | Consent/Contract | Voice, Biometric |

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.

Version: 1.0 Document ID: PP-2025-001 Language: English

© 2025 Elemente, Corp. All rights reserved.

Ready to Ship Reliable Voice AI?

Test your voice agents with demanding AI personas. Catch failures before they reach your customers.

✓ Universal integration✓ Comprehensive testing✓ Actionable insights