Introduction
Edysor Technologies Pvt. Ltd. (hereafter referred to as “Edysor,” “we,” “our,” or “us”) runs AlterHuman, which represents a high-end AI solutions platform that provides voice automation technologies alongside voice cloning services and natural language processing (NLP) functions. The AlterHuman platform helps diverse businesses in fields like finance, healthcare, e-commerce, and customer support execute automated customer dialogues through AI voice bots that replicate human voice tone capabilities. The combination of AI-focused communication tools within systems leads companies to boost operational performance and decrease expenses while creating personalised user engagements.
This Privacy Policy provides business end-users and additional parties with details about information collection and management within AlterHuman. We devote maximum attention to safeguarding user data while deploying multiple protective measures to secure all client information from business users and independent users who operate on our platform. The use of AlterHuman demands business stakeholders to accept all policies that this Privacy Policy establishes. All service users must discontinue our platform immediately if they find any disagreement with our established terms.

1. Scope of This Privacy Policy
1.1 Who This Policy Covers
Businesses and Enterprises
This policy applies to all businesses, organisations, or enterprises that integrate or use AlterHuman to manage client interactions via AI-generated voice cloning. Whether you are a small start-up looking to automate customer support lines or a large multinational corporation implementing AI for high-volume calls, the policy governs how your data—and the data of your end-users—will be processed and protected.
End-Users
This policy covers end-users privacy rights as customers are involved in AI-based calls, voice messages, and interactive voice responses facilitated through AlterHuman. The platform supports end-users, including customers, clients, patients, and their corresponding business clients who use our system.
Data Types Processed
The policy specifies the processing rules we have established for personal information and business information alongside client information, which can move through our voice AI engine and platform integration features and application programming interfaces (APIs) as well as analytics tools. End-users provide either basic data such as phone numbers or extensive information to the system. This data could be as minimal as a phone number, or it could be more extensive depending on the nature of the business’s integration and the compliance requirements of a given industry (e.g., healthcare or finance).
1.2 Third-Party Services and Integrations
AlterHuman’s functionality can be extended by integrating with various third-party websites, software tools, or platforms. This may include customer relationship management (CRM) systems, cloud telephony solutions, and other data analytics services. It is important to note that this Privacy Policy does not apply to how third-party services collect, store, or use data. We strongly encourage businesses to review the privacy policies of any external services that they choose to integrate with AlterHuman. By combining third-party services with our AI technology, businesses accept responsibility for understanding and adhering to separate policies and data protection rules relevant to those external systems.
1.3 Policy Updates
We reserve the right to update this Privacy Policy at any time to reflect new service offerings, changes in data practices, or evolving regulatory requirements. Any material changes to the policy will be communicated to businesses through official channels such as email notifications or platform alerts. Continued use of AlterHuman after these updates will signify acceptance of the revised terms.

2. Information We Collect
The type and scope of information we collect depend on how a business implements AlterHuman. Below are the categories of data collection that may occur throughout your use of our platform.
2.1 Information Provided by Businesses
When you create an account or integrate AlterHuman into your existing systems, you may provide various types of data:
Business Details
We collect essential information about your company, including but not limited to:
Company name and legal entity structure (e.g., LLC, Pvt. Ltd., etc.)
Industry or sector (finance, healthcare, e-commerce, etc.)
Primary point of contact: name, email address, and phone number for managing the account.
Location: The business’s official mailing or billing address, if necessary, for tax or legal compliance.
User Accounts
Each business can create multiple user accounts for employees or team members who will manage AlterHuman. Details may include:
Login credentials (usernames and hashed passwords)
Access levels or roles (administrator, analyst, etc.)
Profile details such as name, title/department, and professional contact information
Voice Data & Cloning Requests
If a business chooses to use our voice cloning feature:
Sample Voice Recordings are necessary for training custom models. These may be recordings of specific individuals who have consented to have their voice cloned or voice samples purchased/obtained lawfully for commercial usage.
Metadata about the sample recordings, such as the date and context in which they were recorded.
Call Scripts & Interaction Data
Many businesses provide:
Predefined call scripts for the voice bot to follow during customer interactions.
Customised workflows indicating how to handle customer queries, escalate calls to human agents, or trigger specific AI responses.
Data points for automated interactions, including personalised elements (such as the customer’s name, service plan, or past purchase behaviour).
Payment Information
To facilitate subscription, usage fees, or billing, we collect:
Credit card details, bank account information (stored securely through third-party payment processors), or other preferred payment methods.
Billing addresses, transaction history, and invoice records to comply with financial regulations and provide businesses with accurate billing statements.
2.2 Information Collected Automatically
Our platform automatically collects certain information to monitor performance, troubleshoot technical issues, and improve service quality:
Call Data
Every interaction performed via AlterHuman’s platform can generate data such as:
Call duration
Timestamps marking when calls start and end
Call frequency and the number of successful connections
AI-generated responses used during each cal, logged for quality assurance and improvement
Voice Interactions
AI-driven calls that are recorded or logged for future reference:
Audio transcripts produced by the speech-to-text mechanism
Digital call recordings, if the business has opted to record the calls for compliance or quality-checking
Sentiment or intent analysis performed on the calls, providing data points for AI training and improvement
Device and Technical Data
Whenever businesses or end-users interact with our platform through a web-based dashboard or integrated system, we may collect:
IP addresses and other network identifiers
Device types, browser details, and operating systems
API request logs that track calls made to our endpoints, ensuring we can diagnose integration issues effectively
Usage Analytics
To continuously refine our AI:
Performance metrics on how well the AI handles real-life scenarios
Engagement metrics such as average call handling time or user satisfaction ratings, if available
Conversation effectiveness analytics, which includes detection of user language preferences, commonly asked questions, or success in problem resolution
2.3 Third-Party Integrations & External Data
Many businesses harness the power of AlterHuman more comprehensively by integrating it with external data sources. In these situations, additional data flows into our system:
Customer Contact Details
A business can access customer contact information, including phone numbers and names, through a CRM system or another database platform. AlterHuman can then use the contact details to initiate AI-operated outreach phone calls or automated reminder systems. AlterHuman processes this information solely for business-authorized operations.
Interaction Histories
The merging of historical data between ticketing systems and helpdesk software and CRM logs with AlterHuman allows business use.
Attractive AI interactions become possible by uniting call history data with support ticket archives and documented complaints.
AI calls receive their message content based on customer purchase records and account data.
Compliance-Related Information
Finance and healthcare institutions need to develop further compliance restrictions. This can include:
The regulatory data system operates under two rules formats: allowed call durations and mandated data protection regulations.
The business operates patient IDs and insurance data as sensitive personal information based on their standards and HIPAA requirements.
Note:  The business owns the responsibility to verify data validity that enters AlterHuman from legal sources while maintaining evidence of obtaining data from data subjects. Business heads need to follow data protection laws in their local areas at all times during their data handling activities.
3. How We Use Your Information
We rely on the collected data to enhance our platform’s capabilities, maintain a high-quality user experience, and uphold legal obligations. Below is an expanded overview of how we utilize the data that is entrusted to us.
3.1 Providing AI-Powered Voice Automation Services
Executing AI-Driven Interactions
The main goal of gathering data serves to enhance the operational capability of AI voice bots. The system generates real-time voice responses through analysis of call scripts, user queries and previous interaction histories. This includes:
The integrated or external telephony services enable our system to place phone number calls.
Enhancing call responses relies on the installed scripts and identified voice patterns from the system.
The system should transfer calls to human operators if required.
Customizing Voice Bots
The setup of voice bots allows businesses to customise the solutions according to their industry needs. Voice bots serving in financial sectors must display complete compliance warnings, whereas healthcare providers need their bots to deliver appointment reminders and privacy notices. We use the data provided to:
Fine-tune speech recognition algorithms for improved accuracy in domain-specific terminology
Organize pre-programmed answers for standard questions and worries that frequently appear in particular business fields
Voice Model Training and Improvement
Sample voice recordings and transcripts are vital for training machine learning models. The better the quality and quantity of this data, the more accurately the AI bot can mimic human speech or detect nuances in natural language.
3.2 Business Analytics & AI Enhancement
Continuous Improvement of AI
Every interaction with end-users serves as a learning opportunity for our AI models. By analyzing conversation success rates, user sentiment, and call handling times, we refine our speech-to-text, text-to-speech, and NLP systems. This iterative process ensures that AlterHuman remains at the forefront of conversational AI technology.
Performance Metrics and Usage Insights
We compile statistics on metrics such as:
Call drop rates
Call completion rates
Preferred language selections
Conversion rates (e.g., how often calls lead to successful sales or resolved support tickets)
These insights are aggregated, anonymized, and shared with businesses to help them make informed decisions regarding their customer engagement strategies.
Internal Testing and Optimizations
A subset of recorded data may be used internally by Edysor’s data science and engineering teams for:
Algorithmic improvements in voice cloning accuracy
Detection of edge cases where the AI might struggle, such as unusual accents, background noise, or specialized jargon
Validation of new features before they are released to production
3.3 Customer & Business Communication
Account Updates and Notifications
We use contact details to keep businesses informed about important account activities:
Billing reminders for upcoming subscription renewals
Feature announcements for newly released AI enhancements or integrations
Policy changes that could affect how data is handled
Technical Support and Troubleshooting
When users or businesses reach out to our support team, we often need access to relevant data to provide effective assistance. This may include:
Call transcripts to diagnose unexpected AI behavior
Platform usage logs to determine if an error lies in the API integration or in the user’s own environment
Marketing Communications
We may occasionally send newsletters or marketing emails about new product features, special promotions, or educational resources (e.g., webinars, tutorials). Businesses can opt out of these at any time through unsubscribe links or account preferences.
3.4 Legal Compliance & Security
Preventing Fraudulent Activities
Certain data is collected and monitored to detect and prevent unauthorized voice cloning, suspicious account activity, or other fraudulent behavior that may compromise the integrity of AlterHuman’s services.
Adhering to Data Protection Laws
Depending on the region in which the business operates or the data subjects are located, we comply with various regulations:
General Data Protection Regulation (GDPR) in the European Union
California Consumer Privacy Act (CCPA) in the state of California
India’s IT Act (2000) and related data protection directives
Telephone Consumer Protection Act (TCPA) in the U.S., especially for outbound AI calls and text messaging
Law Enforcement Requests
There may be instances where Edysor receives valid legal requests or subpoenas demanding the disclosure of certain data. In such cases, we will scrutinize each request to ensure it is legally binding and proportionate, and then comply in a manner consistent with our legal obligations.

4. Data Sharing & Disclosure
We understand that businesses share sensitive information with us and that end-users trust they are participating in calls that align with their privacy rights. Hence, we do not sell, rent, or trade personal or business data to third parties for any reason. However, there are certain circumstances under which data may be shared.
4.1 With Service Providers
Cloud Hosting and Storage
We may use reputable cloud service providers to store call recordings, transcripts, or databases. These providers are contractually bound to maintain strict confidentiality measures and to process data only as directed by us.
AI and Speech-to-Text Partners
To deliver state-of-the-art voice recognition and text-to-speech functionalities, we sometimes collaborate with specialised technology vendors. In these partnerships, only the minimum necessary data is shared (often anonymised or encrypted).
Customer Support Platforms
A helpdesk or ticketing system integration enables us to deliver prompt and organised, efficient support. All business assistance requests and support tickets transfer business-critical information, including error message,s together with user IDs and conversation logs to these support systems
4.2 Legal & Compliance Disclosures
Compliance with Laws
Sharing particular data with regulators law enforcement agencies, and governmental bodies becomes necessary when laws or valid compliance needs require it. Edysor must disclose data upon demand by legal entities, especially when handling phone-based fraud investigations and data protection audits or investigating illegal activities.
Enforcing Our Rights
Edysor's legal rights, together with its platform security and business contractual agreements, receive protection from the release of specific details in unusual situations.
Mergers or Acquisitions
When edysor undergoes mergers, acquires new entities or undergoes corporate restructuring we relocate all data to the new operator under the same set of privacy commitments, thus preserving data protection standards.

5. Data Retention Policy
We adhere to a data minimisation principle, collecting and retaining only as much data as required to fulfill the purposes stated in this Privacy Policy.
Operational Need
Our organisation stores business together with customer information until we complete delivering or advancing our services. The method for data storage accommodates AI model training and usage metric generation while honouring performance improvement potentials while preventing the retention of extra information.
Contractual Obligations
Business relationships may require detailed data storage periods through legal obligations or formal SLA documentation. The required duration of data retention receives our honor through secure storage practices followed by elimination when the retention period ends.
Legal & Regulatory Requirements
Call recordings together with payment records must be kept according to specific rules established by each jurisdiction. The maintenance of transaction logs must extend past a mandated time period as stipulated by financial industry regulations. After expiration of the legally required retention term we follow these requirements by eliminating or anonymizing the data through secure processes.
Data Deletion Requests
After business discontinuation of AlterHuman access we handle all their user data removal or anonymization within applicable reasonable periods despite legal storage requirements. End-users seeking to delete personal data need to send their requests through their data-collecting and -controlling business organizations. We quickly process verifiable deletion requests from business clients through the deletion of their data from our active databases alongside backups until any applicable regulatory rules allow such procedures.
6. Security Measures
Edysor dedicates significant company finances to secure data processing systems employed by AlterHuman. The organisation deploys several defensive measures to maintain its system security.
We implement Multi-Factor Authentication (MFA) for applicable instances to minimize unauthorized entry points to admin panels as well as cloud storage systems.

Encryption
Data in Transit: The SSL/TLS encryption protocol, along with similar secure standards, protects data that moves between devices and servers and third-party connectors to keep information safe from spying and interception during transit.
Data at Rest: The company apart from industry-standard encryption, uses proper data access keys to protect recordings and transcripts when they are stored.
Access Controls
Role-Based Access: Secure information access exists only for properly authorized staff who receive data permissions according to their job responsibilities.
Multi-Factor Authentication (MFA): We implement Multi-Factor Authentication (MFA) for applicable instances to minimize unauthorized entry points to admin panels as well as cloud storage systems.
Secure Architecture
Network Segmentation: Databases containing sensitive voice data may be stored on segregated servers with restricted inbound and outbound connections.
Firewalls & Intrusion Detection: The company deploys enterprise-grade firewalls complemented with intrusion detection/prevention systems to monitor and defeat security attacks immediately.
Regular Audits & Testing
Penetration Testing: 
The platform undergoes periodic assessment by trained experts from outside the organization who seek to find exploitable weak points which lead us to resolve potential threats in advance.
Compliance Reviews: Our organization conducts regular internal and external audits together with GDPR and CCPA and other applicable data protection standards.
Fraud Prevention
Our system includes detection methods for detecting atypical or dubious API usage that blocks both unauthorized voice cloning intrusions and extensive malicious activities. The detection of uncommon patterns generates two responses which range from temporarily halting operations to demanding additional user verification as a pre-processing requirement.
Important: While we strive to employ robust security measures, no system can be fully impenetrable. We encourage businesses to adopt their own supplementary security strategies, especially when integrating customer data into the platform.
7. Business & Customer Rights
We believe in empowering businesses and end-users to control how their data is handled and used within the AlterHuman ecosystem. Depending on the applicable laws and the nature of your relationship with AlterHuman (business vs. end-user), you may have the following rights:
7.1 Access & Correction
Access to Stored Data: You have the right to obtain information about the personal data we hold about you or your customers. This may include call transcripts, audio recordings, or user profile details.
Accuracy of Data: If you find that certain pieces of information are inaccurate or outdated, you can request corrections. Businesses are generally responsible for ensuring the correctness of data they feed into AlterHuman, but we also provide ways to rectify any internal record mistakes.
7.2 Opt-Out & Deletion
End-User Opt-Out: End-users (the recipients of AI-driven calls) who do not wish to receive further calls of this nature should direct their opt-out request to the business controlling the calls. In line with TCPA and similar regulations, businesses must honor do-not-call (DNC) requests.
Data Removal: Businesses can request the deletion or anonymisation of stored call logs, voice recordings, or transcripts. Once such a request is received, we will verify it, and then proceed to remove data from active databases and archives (subject to legal retention requirements).
7.3 Cookie & Tracking Control
Browser Settings: When interacting with AlterHuman’s online portal or dashboards, you can adjust your browser settings to control cookies and other tracking technologies. However, disabling certain cookies may limit the functionality of our platform.
Business-Wide Policies: If you are a business that uses embedded tools or third-party analytics within the AlterHuman environment, ensure you disclose any cookie usage and tracking to your end-users, consistent with applicable laws.
7.4 Exercising Your Rights
Support Channels: Most rights can be exercised by contacting our support team at support@edysor.in.
Verification: For security and to prevent fraudulent requests, we may require identity or ownership verification before processing any data-related requests.

8. Compliance with Data Protection Laws
Edysor Technologies Pvt. Ltd. is committed to worldwide data protection standards. AlterHuman is engineered to support compliance with a range of major privacy regulations. While we provide the tools and environment to help meet these standards, each business remains responsible for ensuring that its specific data-handling practices align with relevant regulations in their operations.
8.1 General Data Protection Regulation (GDPR)
For businesses or end-users located in the European Union (EU), GDPR imposes stringent requirements on how personal data is collected, processed, and stored. AlterHuman assists companies in complying with GDPR by:
Consent Management: Enabling businesses to track and document consent from end-users for voice-based interactions.
Data Subject Rights: Offering functionalities that make it easier to identify, access, correct, or delete personal data upon request.
Data Processing Agreements (DPA): We may enter into a legally binding DPA with businesses to delineate how personal data is handled in a controller-processor relationship.
8.2 California Consumer Privacy Act (CCPA)
Under CCPA, all businesses that operate in California must allow their customers to exercise a “Do Not Sell My Personal Information” right. The platform’s interface fulfils its design requirements, although we do not exchange client personal information.
Access & Deletion: We have made it easy for customers to get both their account data copies and file them for permanent deletion.
Right to Opt-Out: End-users under Right to Opt-Out have the choice to withhold consent for sharing their data or its use for particular purposes where these rights apply.

8.3 India’s IT Act (2000) & Data Protection Bill
The Information Technology Act (2000) of India, along with the Data Protection Bill, exists as current legislation. We carry our responsibilities under the Information Technology Act (2000) seriously because we maintain an Indian company headquarters.
Reasonable Security Practices: The organisation implements “Reasonable Security Practices and Procedures” standards for handling sensitive personal data and information.
Upcoming Legislation: We remain vigilant about Indian data protection developments through the future Personal Data Protection Bill to create process adaptations as needed.
8.4 Telephone Consumer Protection Act (TCPA) for U.S. Operations
Most organisations which conduct automated voice calls to U.S. consumers need to fulfil TCPA requirements. The built-in features offered by AlterHuman’s platform come with step-by-step guidelines for:
Consent Verification: Businesses can store proof of end-user consent for receiving automated calls.
Opt-Out Mechanisms: We provide tools or guidance to ensure that recipients can opt out of further calls, maintaining compliance with do-not-call lists.
9. Contact Us
Contact us through the following means in case you have questions or concerns or requests related to this Privacy Policy or your data.
Address: Edysor Technologies Pvt. Ltd.
The official correspondence requires physical office location details to be provided here.
Email: support@edysor.in
Our privacy and customer support teams supervise the email account to guide enquiries about data handling, technical support and privacy rights to the proper departments.
Phone: +91-7412067040
Our company maintains an immediate support telephone number, which businesses can use to obtain real-time and urgent assistance. Telephone service availability runs according to each geographic area together with its respective time zone.
Conclusion and Remarks: 
Edysor dedicates itself to honouring confidentiality standards for all data belonging to its clients. Our mission advances by unifying advanced AI voice technology solutions to develop robust and secure, and easy-to-use customer engagement capabilities for business operations. Top technological developments require organisations to maintain open operations and follow stringent ethical practices. The company dedicates its efforts to establishing long-lasting partnerships built on trustworthy relationships that combine accountability and respect for all privacy rights of individuals.
Our company remains focused on updating our privacy practices alongside this privacy policy because the regulatory environment continues to change for AI technology voice services and data protection systems. Tell all businesses to stay updated on the latest local and sector regulations and use AlterHuman successfully by keeping open communication with our team. The power of transformative AI communication can be maximized by collective effort while protecting the individual privacy and dignity of users.