Biometric Data Disclosure & Policy

This Biometric Data Disclosure & Policy ("Policy") describes how RespondWize, Inc. ("RespondWize," "we," "us," or "our") collects, uses, stores, and protects biometric data, including voice data or other identifiers that may be subject to biometric privacy laws in certain U.S. states. This Policy is incorporated by reference into our Privacy Policy and Terms of Use. By using our products and services (the "Services"), you consent to the practices described in this Policy.

1. Scope & Purpose

1.1 Who This Policy Applies To

This Policy applies to individuals ("Users," "you") whose voice data or other biometric identifiers may be collected, captured, received, or processed by RespondWize, as well as our customers and business partners who integrate or use our Voice AI or other biometric-capable Services.

1.2 Purpose of Biometric Data Collection

RespondWize may use voice or other biometric data to power AI-based features such as voice recognition, speaker identification, or call analytics, strictly in accordance with our customers' instructions and applicable laws.

2. Definitions

3. Collection & Notice

3.1 Methods of Collection

RespondWize may collect or receive voice data or other biometric identifiers in the following ways:

• Voice Calls: AI analysis of inbound or outbound calls, capturing audio or call metadata.
• Voice Recordings or Samples: Uploads or real-time streams from our customers' systems for transcription, sentiment analysis, or other processing.

3.2 Customer Responsibility for Notice & Consent

• If you are an end user communicating with one of our enterprise customers, that customer is primarily responsible for providing notice and obtaining any legally required consent from you regarding collection or use of your biometric data (e.g., voice). RespondWize processes data under instructions from our customers and does not determine the means or purposes of such processing beyond what is specified in our service agreements.
• However, if we directly collect voice data from you (e.g., via a RespondWize-owned application or website), we will provide separate notice and obtain consent as required by law.

3.3 Limited Purpose

We collect and process biometric data only for the specific business purposes of providing our AI-based Services (e.g., voice recognition, speaker identification, analytics), as directed by our customers or end users.

4. Use of Biometric Data

4.1 Permitted Uses

Biometric data may be used for:

• Identifying or verifying speakers to personalize user experiences or secure accounts (if this feature is enabled).
• Analyzing calls for quality assurance, sentiment analysis, or compliance monitoring.
• Improving AI models for speech recognition, provided that such improvements comply with our agreements and privacy obligations.

4.2 Prohibited Uses

We will not use biometric data for any purpose beyond those stated in this Policy or in our relevant contractual agreements. Specifically, RespondWize will not:

• Sell or lease biometric data to third parties.
• Use biometric data for advertising or marketing without explicit consent.
• Disclose biometric data except as required by law or as instructed by our customers in compliance with applicable laws.

5. Retention & Destruction

5.1 Retention Schedule

We retain biometric data (including voice data) only for as long as needed to:

• Fulfill the purpose(s) for which the data was collected, or
• Comply with legal, regulatory, or contractual obligations.

5.2 Destruction

Once the business purpose for collecting or obtaining biometric data has been satisfied (or upon expiration/termination of our contract with the customer, or upon a valid deletion request), we will securely delete or destroy the data in our possession in accordance with our internal data retention and destruction policies, unless we are required by law to retain it for a longer period.

6. Storage & Security

6.1 Data Protection Measures

We maintain administrative, technical, and physical safeguards designed to protect biometric data from unauthorized access, acquisition, disclosure, or destruction. Examples may include encryption at rest and in transit, restricted access controls, and secure hosting environments.

6.2 Access Controls

Access to biometric data is limited to authorized personnel who have a legitimate business need to process the data in order to provide the Services.

7. Disclosure of Biometric Data

7.1 No Sale of Biometric Data

RespondWize does not sell, rent, or trade biometric data. We only disclose biometric data:

• To the Relevant Customer: The enterprise customer that provided or generated the data, to the extent necessary to deliver our Services or as requested by that customer.
• With Consent: When the individual or customer has provided explicit consent for a specific disclosure.
• Service Providers / Sub-Processors: We may engage trusted service providers (sub-processors) who assist us with hosting, processing, or technical support. These providers are contractually bound to protect biometric data in a manner at least as restrictive as this Policy.
• Legal Obligations: If required by subpoena, court order, or other legal process, or to protect our rights or the rights of others (subject to the limitations of applicable laws).

8. Compliance with State Laws

8.1 Illinois Biometric Information Privacy Act (BIPA)

Where BIPA applies (e.g., for data subjects in Illinois), RespondWize and our customers share responsibility to:

• Provide written notice and obtain a written release (consent) before collecting or storing biometric identifiers.
• Maintain a publicly available written retention schedule and guidelines for permanently destroying biometric identifiers.
• Use and store biometric identifiers in compliance with BIPA's requirements.

8.2 Other States

We also comply with any relevant biometric privacy laws in Texas, Washington, or other states that regulate the collection, use, or disclosure of biometric data. If additional or different obligations apply in a given jurisdiction, we will abide by those requirements.

9. Individual Rights & Choices

9.1 Opt-Out / Withdrawal of Consent

If you have previously consented to the collection or use of your biometric data, you may have the right under certain laws to withdraw consent by contacting the entity (e.g., our customer or us, as appropriate) that originally collected your data. We will facilitate that request in accordance with the applicable law and our agreements.

9.2 Access, Correction, Deletion Requests

Depending on the state or applicable law, you may have the right to request access to, correction of, or deletion of your biometric data.

• If RespondWize directly collected your biometric data, contact us at support@respondwize.com.
• If a customer collected your data, please direct your request to that customer. We will cooperate with the customer to fulfill valid requests as required by law and our contract.

10. Contact Information

For any questions regarding this Policy or how RespondWize handles biometric data, you may contact us at:

RespondWize, Inc.
108 Regal Ridge
Aledo, TX 76008
Email: support@respondwize.com

If you need more detailed information about our biometric data practices, you may also consult our Privacy Policy or relevant Data Processing Addendum (DPA) if you are an enterprise customer.

11. Policy Updates

We may update this Biometric Data Disclosure & Policy from time to time to reflect changes in our practices, legal requirements, or technology. When we do, we will revise the "Last Updated" date at the top. If we make significant changes, we may also notify you through the Services or via email (if we have your email on file). Your continued use of our Services after any modifications become effective indicates your acceptance of the revised policy.