Skip to main content
AgentDesc

Voice Privacy Addendum

Effective Date: January 31, 2026

This Voice Privacy Addendum supplements the AgentDesc Privacy Policy and describes how Descriptor AI Inc ("we", "us", "our") collects, uses, and protects voice data through our TrueVoice™ voice authentication system.

1. What Voice Data We Collect

1.1 Voice Embeddings (What We Store)

When you enroll in TrueVoice™ verification, we create a voice embedding — a mathematical representation of your unique vocal characteristics. This is similar to how facial recognition creates a "faceprint."

Important: We do NOT store raw audio recordings of your voice. The voice embedding:

  • Cannot be reverse-engineered into audio
  • Cannot be used to recreate your voice
  • Contains only mathematical vectors for comparison

1.2 What Voice Embeddings Capture

Voice embeddings analyze biometric characteristics including:

  • Vocal tract shape and resonance
  • Speaking patterns and rhythm
  • Pitch and frequency distribution
  • Unique acoustic signatures

1.3 Metadata Collected

In addition to the voice embedding, we collect:

  • Timestamp of enrollment and verification attempts
  • Device information used during enrollment
  • Verification success/failure logs
  • TrueScore™ confidence ratings

2. How Voice Data Is Stored

2.1 Encryption

All voice embeddings are protected with industry-standard security:

  • At Rest: AES-256 encryption
  • In Transit: TLS 1.3
  • Access: Role-based, audit-logged

2.2 Storage Location

Voice embeddings are stored in secure, SOC 2 compliant infrastructure within the United States.

2.3 Access Controls

  • Voice embeddings are accessible only to the TrueVoice™ verification service
  • No human employees have direct access to individual voice data
  • All access is logged and audited

3. Retention Period

  • Voice Embeddings: Until account deletion or 2 years of inactivity
  • Verification Logs: 1 year
  • Failed Verification Attempts: 90 days

Automatic Deletion

Voice embeddings are automatically deleted when:

  • You delete your account
  • You opt out of TrueVoice™ verification
  • Your account is inactive for 2 years

4. Your Rights

4.1 Right to Access

You may request a copy of:

  • Whether we hold voice biometric data for you
  • Metadata associated with your voice enrollment
  • Verification history

4.2 Right to Deletion

You may request deletion of your voice data at any time:

  • Through account settings (Voice Verification → Delete Voice Print)
  • By contacting privacy@agentdesc.com
  • Deletion is completed within 30 days

4.3 Right to Opt Out

TrueVoice™ enrollment is optional. You may:

  • Decline enrollment initially
  • Unenroll at any time
  • Use alternative verification methods if available

4.4 Right to Export

Upon request, we will provide your voice verification metadata in a portable format. Note: Voice embeddings themselves cannot be exported in usable form as they are specific to our system.

5. Regulatory Compliance

5.1 BIPA (Illinois Biometric Information Privacy Act)

For Illinois residents, we comply with BIPA requirements:

  • Written Notice: This addendum serves as written notice of collection
  • Consent: We obtain explicit opt-in consent before enrollment
  • No Sale: We never sell, lease, or trade biometric data
  • Retention Policy: Documented above
  • Security: Industry-standard protection measures

5.2 GDPR (EU/EEA Residents)

For individuals in the EU/EEA:

  • Legal Basis: Explicit consent (Article 9(2)(a))
  • Data Minimization: We collect only necessary biometric data
  • Right to Withdraw: You may withdraw consent at any time
  • Data Portability: Available upon request
  • Erasure: "Right to be forgotten" honored within 30 days

5.3 CCPA (California Residents)

For California residents:

  • Right to Know: Disclosed in this addendum
  • Right to Delete: Honored upon request
  • No Sale: We do not sell biometric information
  • Non-Discrimination: No penalty for exercising rights

5.4 TDPSA (Texas Data Privacy and Security Act)

For Texas residents:

  • Voice data is treated as sensitive personal data
  • Explicit consent obtained before processing
  • Enhanced security measures applied

6. How Voice Data Is Used

Your voice data is used exclusively for:

  1. Identity Verification — Confirming you are who you claim to be
  2. Fraud Prevention — Detecting unauthorized access attempts
  3. System Improvement — Anonymized, aggregated analysis to improve accuracy

We Do NOT Use Voice Data For:

  • Creating synthetic voice clones
  • Sharing with third parties for any purpose
  • Marketing or advertising
  • Any purpose other than verification

7. Third-Party Processing

Voice embedding generation and comparison is performed using secure, audited systems. We do not share raw voice data with any third parties. Our voice processing infrastructure:

  • Is SOC 2 Type II certified
  • Processes data only within the United States
  • Has signed Data Processing Agreements (DPAs)
  • Cannot access or store raw audio

8. Data Breach Notification

In the event of a security breach affecting voice biometric data, we will:

  1. Notify affected users within 72 hours
  2. Report to relevant regulatory authorities as required
  3. Provide identity protection services if appropriate
  4. Implement additional security measures

9. Children's Voice Data

We do not knowingly collect voice biometric data from individuals under 18 years of age. TrueVoice™ verification requires age verification before enrollment.

10. Changes to This Addendum

We may update this addendum to reflect changes in our practices or legal requirements. Material changes will be:

  • Announced via email to enrolled users
  • Posted with a new effective date
  • Require re-consent if collection practices change

11. Contact Us

For questions about voice data privacy:

Privacy Officer
Descriptor AI Inc
Email: privacy@agentdesc.com

For GDPR-specific inquiries: gdpr@agentdesc.com
For BIPA-specific inquiries: bipa@agentdesc.com

TrueVoice™ and TrueScore™ are trademarks of Descriptor AI Inc.
© 2026 Descriptor AI Inc. All rights reserved.