CONVRSY | Conversational AI Platform
DATA AND PRIVACY POLICY
Effective Date: April 2, 2026
By accessing or using the Convrsy platform, you acknowledge that you have read and understood this Data and Privacy Policy and agree to be bound by it. If you do not agree, you may not use the platform. This Policy is incorporated by reference into Convrsy's Terms and Conditions.
AT A GLANCE
This summary is for convenience only. It does not replace or modify the full Policy below.
| Who we are | Convrsy provides an AI platform for conversation analysis, including emotion/prosody analysis and diarized transcripts. |
|---|---|
| What data we handle | Recordings, transcripts, and conversation content you submit; account and billing information; and technical usage data. |
| Why we process it | To deliver the Services, maintain platform security, fix errors, and improve our AI using de-identified data only. |
| Data ownership | You own all data you submit except for insights, models, and aggregated analytics generated by Convrsy and derived from your data. |
| Do we sell data? | No. We never sell or share your personal data for commercial or advertising purposes. |
| Sub-processors | We may use vetted third-party providers under confidentiality obligations. We remain responsible for their compliance. |
| Retention | Data is held during your Subscription Term. After termination you have 30 days to retrieve it before deletion. |
| Your rights | Depending on your state, you may have rights to access, correct, delete, or opt out of certain processing. We will help. |
| Security | We implement commercially reasonable technical and organizational security measures. |
| Recording consent | You are solely responsible for obtaining all legally required consents from individuals being recorded. |
| Governing law | State of New York, supplemented by applicable U.S. state privacy laws. |
| Contact us | privacy@convrsy.com |
The full Data and Privacy Policy begins on the following page.
Convrsy, Inc. ("Convrsy," "we," "our," or "us") provides an AI-powered software platform for the analysis of recorded conversations, including emotion and prosody analysis and the creation of diarized transcripts ("Platform" or "Services").
This Data and Privacy Policy ("Policy") describes how we collect, use, protect, and handle data in connection with your use of the Platform. It applies to businesses and individuals ("you" or "User") who access the Platform, as well as to the personal data of individuals whose conversations or recordings are processed through it.
Convrsy is one of the safest places to practice real conversations. This Policy explains how we protect your data and handle information processed through the platform.
This Policy is designed to comply with applicable U.S. state privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act (CPRA), the Colorado Privacy Act (ColoPA), the Connecticut Personal Data Privacy and Online Monitoring Act (CPOMA), the Utah Consumer Privacy Act (UCPA), and the Virginia Consumer Data Protection Act (VCDPA) (collectively, "State Privacy Laws"). Where a conflict arises between these laws, the law applicable to the state of residence of the relevant user controls.
This Policy does not apply to third-party websites or services that may be linked from the Platform. We are not responsible for the privacy practices of those third parties.
When you submit recordings, conversation data, or other content to the Platform ("Customer Personal Data"), you act as the Controller or Business under applicable State Privacy Laws. You determine the purposes for which that data is processed and are responsible for ensuring your use of the Platform complies with all applicable law, including obtaining any required consents from individuals whose data you submit.
Convrsy acts as a Processor, Service Provider, or Contractor (as those terms are defined under applicable State Privacy Laws) on your behalf. We process Customer Personal Data only on your instructions, solely for the purpose of delivering the Services, maintaining and securing the Platform, debugging, and performing quality control. We do not independently determine the purposes for which your Customer Personal Data is processed.
The categories of Customer Personal Data processed through the Platform are determined by what you choose to submit. They may include:
We collect and process information that you or your Authorized Users actively submit to the Platform, including:
When you use the Platform, we automatically collect certain technical data, including:
This automatically collected data is used only for operating, maintaining, securing, and improving the Platform. It is processed in de-identified and aggregated form where possible and does not include the contents of your recordings or Customer Personal Data.
We do not intentionally collect sensitive personal information (such as Social Security numbers, government IDs, financial account credentials, health information, or biometric identifiers for the purpose of unique identification) except to the extent that such information is incidentally present in recordings or content you submit. If you believe sensitive data has been submitted inadvertently, please contact us at privacy@convrsy.com.
We do not knowingly collect personal data from individuals under the age of 13.
Convrsy processes audio data solely for the purpose of providing its Services, including transcription, speaker diarization, and emotion/prosody analysis.
By default, Convrsy does not use voice data for biometric identification or authentication purposes, nor does it create or store voiceprints or other biometric identifiers intended to uniquely identify an individual.
Certain optional features may enable voice-based user recognition or account security enhancements. Such features, if made available, will be strictly opt-in and subject to explicit User consent, additional disclosures, and compliance with applicable biometric and privacy laws.
We use Customer Personal Data to:
We use de-identified, aggregated technical data – never the content of your recordings or Customer Personal Data – to:
We will not use Customer Personal Data to train our AI models without your express written consent.
We may process data as necessary to comply with applicable law, respond to lawful legal process, enforce our Terms and Conditions, and protect the rights, property, or safety of Convrsy, our users, or third parties.
Separate from Customer Personal Data, Convrsy collects and analyzes technical usage data – including logs, metadata, and telemetry relating to how the Platform is accessed and how it performs ("Usage Data"). Usage Data does not include the content of recordings, transcripts, or Customer Personal Data, and is processed only in de-identified and aggregated form.
Convrsy may use Usage Data during and after your Subscription Term to maintain, improve, and develop its products and services. Because Usage Data is de-identified and aggregated, it is not subject to deletion upon termination of your subscription.
Important: You Are Responsible for Consent. If you use the Platform to record, transcribe, or analyze conversations involving other individuals, you are solely responsible for providing all legally required notices to, and obtaining all legally required consents from, those individuals in compliance with all applicable federal, state, and local law – including wiretapping, eavesdropping, and recording consent statutes. Convrsy disclaims all liability arising from your failure to obtain required consents.
Recording consent requirements vary significantly by jurisdiction. Many U.S. states require the consent of all parties to a conversation before it may be recorded ("all-party" or "two-party" consent states). You should consult qualified legal counsel regarding the requirements applicable to your jurisdiction and use case before recording any conversations.
You are also responsible for configuring the Platform in a manner consistent with your legal and compliance obligations, including data retention settings, access controls, and recording practices.
Convrsy does not sell, rent, or share Customer Personal Data with third parties for their own marketing, advertising, or commercial purposes. The exchange of data between you and Convrsy in connection with the Services does not constitute a "Sale" or "Sharing" as those terms are defined under applicable State Privacy Laws.
To deliver the Services, Convrsy may engage vetted third-party service providers ("Sub-Processors") who process Customer Personal Data on our behalf, under our instructions, and subject to contractual obligations of confidentiality and data protection no less protective than those in this Policy. Convrsy remains responsible for ensuring Sub-Processors comply with these standards.
We will notify you of any material changes to our Sub-Processor arrangements. You may raise concerns about a new Sub-Processor by contacting us at privacy@convrsy.com within 30 days of notification, and we will work with you in good faith to reach a commercially reasonable resolution.
All Convrsy employees, agents, and Sub-Processors with access to Customer Personal Data are subject to a duty of confidentiality. Access is limited strictly to those who need it to provide the Services.
We may disclose Customer Personal Data if required to do so by applicable law, regulation, or valid legal process. Where permitted, we will notify you promptly upon receiving such a request so that you may seek a protective order or other appropriate remedy.
In the event of a merger, acquisition, reorganization, or sale of all or substantially all of our assets, Customer Personal Data may be transferred as part of that transaction. We will notify you before Customer Personal Data becomes subject to a materially different privacy policy.
Convrsy stores and processes Customer Personal Data in data centers operated by its cloud infrastructure providers.
For customers based in the United States, data is generally stored and processed in the United States (e.g., U.S. East region). For customers based in the European Economic Area (EEA) or United Kingdom, data is generally stored and processed within the EEA.
Convrsy uses commercially reasonable efforts to keep Customer Personal Data within the region associated with the customer's account. However, limited cross-border transfers may occur where necessary to provide the Services, including for support, security, or infrastructure operations.
Where such transfers occur, Convrsy ensures appropriate safeguards are in place in accordance with applicable law, including contractual protections with its service providers. Customers may request additional information about data location and applicable safeguards by contacting privacy@convrsy.com.
We retain Customer Personal Data for as long as necessary to provide the Services and for any period thereafter as required by applicable law or as directed by you.
Upon termination or expiration of your subscription, Convrsy will make your Customer Personal Data available for electronic retrieval for a period of 30 calendar days. After that period, Convrsy will promptly delete or return all Customer Personal Data in its possession, unless retention is required by law.
If Convrsy is required by law to retain certain Customer Personal Data beyond the deletion period, we will isolate and protect that data, prevent any further processing except as required by law, and destroy it as soon as legally permissible.
You may request deletion of your Customer Personal Data at any time by contacting us at privacy@convrsy.com. We will complete deletion within 30 calendar days of receipt of a valid request, subject to any legal retention exceptions described above.
Convrsy implements and maintains commercially reasonable technical and organizational security measures, appropriate to the nature of the data processed, designed to protect Customer Personal Data from unauthorized access, destruction, use, modification, or disclosure. These measures include, but are not limited to:
Convrsy will notify you within five (5) business days if we determine that we can no longer meet our privacy or security obligations under this Policy. No security system is impenetrable, and we cannot guarantee the absolute security of data transmitted to or stored on the Platform.
In the event of a confirmed security incident affecting Customer Personal Data, Convrsy will notify you without undue delay and in accordance with applicable law.
Convrsy is designed in alignment with industry-standard security practices and may pursue additional certifications (such as SOC 2) in the future.
Depending on your state of residence, you may have certain rights with respect to your personal data under applicable State Privacy Laws. Where Convrsy acts as a Processor on your behalf, certain rights must be exercised against you as the Controller; we will provide commercially reasonable assistance to help you fulfill those requests.
To exercise any of these rights, please contact us at privacy@convrsy.com. We will respond within the timeframe required by applicable law (generally 45 days, with a possible extension of up to an additional 45 days where reasonably necessary). We may need to verify your identity before processing your request.
Where we act as a Processor and receive a consumer rights request relating to Customer Personal Data you control, we will notify you promptly and provide commercially reasonable assistance to help you fulfill that request within the timelines required by applicable State Privacy Laws.
Convrsy warrants that it will comply with all applicable State Privacy Laws in its processing of Customer Personal Data and will maintain the level of privacy protection required by those laws. Upon reasonable written request, we will make available to you the information necessary to demonstrate our compliance with this Policy.
Enterprise customers may have rights under their applicable agreements to assess Convrsy's privacy and security practices through reviews, automated scans, audits, or other reasonable testing methods at least once every 12 months, subject to appropriate notice and scheduling.
If Convrsy determines at any time that it can no longer meet its obligations under this Policy or applicable State Privacy Laws, we will notify you within five (5) business days so that you may take appropriate action.
We may update this Policy from time to time to reflect changes in our practices, the Services, or applicable law. When we make material changes, we will notify you by email or by prominent notice within the Platform at least 30 days before the changes take effect, and we will update the "Last Updated" date at the top of this Policy.
Your continued use of the Platform after the effective date of any updated Policy constitutes your acceptance of the revised terms. Convrsy will cooperate in good faith to address any changes required by future amendments to applicable State Privacy Laws.
If you have any questions, concerns, or requests relating to this Policy or our data practices, please contact us:
Convrsy, Inc.
Attn: Privacy
Email: privacy@convrsy.com
© Convrsy. All rights reserved.