Zum Inhalt springen

Biometric Data Policy

Illinois BIPA (740 ILCS 14) · Texas CUBI · Washington HB 1493

1. Scope & Purpose

This Biometric Data Policy explains how Flowent (operated by Luis Ens – Flowent, a sole proprietorship based in Freiburg, Germany; the “Provider”, “we”, “us”) treats information that may, under certain U.S. state laws, be classified as biometric data. It is provided to give clear, written notice of our practices to anyone who may interact with our services, including callers who speak with an AI voice assistant operated through our platform.

This Policy is intended to address the requirements of the Illinois Biometric Information Privacy Act (BIPA), 740 ILCS 14/1 et seq.; the Texas Capture or Use of Biometric Identifier Act (CUBI), Tex. Bus. & Com. Code § 503.001; and the Washington biometric identifiers statute, RCW 19.375 (originally House Bill 1493). It supplements our general Privacy Policy and our Your Privacy Choices page.

The core statement of this Policy is simple: in the ordinary operation of our voice pipeline, Flowent does not collect, capture, purchase, receive through trade, or otherwise obtain or store biometric identifiers or biometric information — including voiceprints.

2. Definitions

For purposes of this Policy, the following terms have the meanings given to them in the applicable statutes:

  • Biometric identifier – a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. It does not include writing samples, written signatures, photographs, demographic data, or physical descriptions, among other excluded categories.
  • Biometric information – information, regardless of how it is captured, converted, stored, or shared, that is based on an individual’s biometric identifier and used to identify an individual.
  • Voiceprint – a mathematical representation of the unique characteristics of a person’s voice that is created and stored for the purpose of recognizing or identifying that specific individual.

A recording of a person’s voice, or a written transcript of what was said, is not a voiceprint. A voiceprint is a biometric template generated for the purpose of identifying or verifying a specific speaker. As explained below, our normal voice pipeline does not create such templates.

3. No Collection of Biometric Data

Flowent does not collect, capture, or store biometric identifiers, biometric information, or voiceprints in the normal operation of its voice pipeline. Our speech-to-text (STT) and text-to-speech (TTS) components transcribe spoken words into text and synthesize text into spoken audio. They do not create voiceprints, and we do not perform speaker identification, speaker verification, or biometric matching against any individual.

In other words, the audio of a call is used to understand the content of what is being said — not to mathematically model, recognize, or identify the unique characteristics of a speaker’s voice. We do not build, maintain, or query a database of voice templates for identification purposes.

Because we do not collect biometric identifiers or biometric information in the normal course of providing our services, the written-notice, written-release, and consent obligations of BIPA § 15(b), CUBI § 503.001(b), and RCW 19.375.020 are generally not triggered by our standard voice pipeline. Should that ever change, the safeguards described in Section 5 apply.

4. How Our Voice Pipeline Works

To support the statements above with transparency, the following providers process voice data on our behalf during an AI phone call. None of them is used by us to create a voiceprint or to perform speaker identification:

  • Telephony transport: Telnyx (USA, Standard Contractual Clauses) carries the raw call audio.
  • Speech-to-text (STT): Deepgram (EU endpoint) converts spoken audio into text only.
  • Language model inference: Anthropic via AWS Bedrock in the EU (eu-central-1, Frankfurt) generates the assistant’s replies from the text.
  • Text-to-speech (TTS): Fish Audio (Singapore, Standard Contractual Clauses) as the primary provider, with ElevenLabs and Cartesia (USA, Standard Contractual Clauses) as fallbacks, synthesize text into spoken audio.

Primary data and the database are hosted in the EU (Frankfurt – Supabase), and call audio is stored on Cloudflare R2 in the EU (Frankfurt). These components handle audio and text for the purpose of conducting and recording a conversation — not for biometric identification.

Call recordings, transcripts, and related metadata are retained only for the configured retention period (90 days by default, configurable per agent) and are then automatically and irreversibly deleted. These recordings and transcripts are not biometric identifiers or biometric information as defined above.

5. Notice & Written Consent (If Biometric Data Were Ever Processed)

If we were ever to introduce a feature that would collect or generate biometric data — for example, an optional voice-cloning capability that creates a voice model of an identifiable person — we would do so only after providing written notice and obtaining a written release (consent) in the manner required by applicable law, before any such data is collected.

In that event, and consistent with BIPA § 15(b), CUBI § 503.001(b), and RCW 19.375.020, we would, before collecting or generating any biometric identifier or biometric information:

  • inform the individual, in writing, that a biometric identifier or biometric information is being collected or stored;
  • inform the individual, in writing, of the specific purpose and the length of term for which it is being collected, stored, and used; and
  • obtain a written release (a written, informed consent) from the individual or the individual’s legally authorized representative.

No such feature is enabled in the standard voice pipeline. This section describes the safeguards that would apply only if biometric processing were ever introduced.

6. Written Retention & Destruction Schedule (BIPA § 15(a))

As required by BIPA § 15(a), we maintain this publicly available written retention schedule and destruction guidelines for biometric identifiers and biometric information.

Because our normal voice pipeline does not collect biometric identifiers or biometric information, in the ordinary course there is no biometric data to retain. To the extent any biometric identifier or biometric information were ever collected, captured, or generated (for example, under an optional feature as described in Section 5), the following schedule applies:

  • Biometric data, if any, is retained no longer than necessary to fulfill the purpose for which it was collected.
  • In all cases, biometric data, if any, is permanently destroyed when the initial purpose for collecting or obtaining it has been satisfied, or within three (3) years of the individual’s last interaction with us, whichever occurs first. For Texas residents under CUBI, any biometric identifier would be destroyed no later than the first anniversary of the date the purpose for collecting it expires.
  • Destruction is carried out by permanent, irreversible deletion from our systems and those of any processors acting on our behalf, such that the data cannot be reconstructed.
  • Upon a valid request to delete biometric data, if any, we will destroy it within the timeframes above and, where applicable, instruct our processors to do the same.

For clarity, call recordings, transcripts, and metadata that are not biometric identifiers or biometric information are governed by the retention periods described in our Privacy Policy (90 days by default, configurable per agent).

7. No Sale, Lease, Trade, or Profit (BIPA § 15(c))

Consistent with BIPA § 15(c), CUBI, and RCW 19.375, Flowent does not sell, lease, trade, or otherwise profit from any biometric identifier or biometric information.

More broadly, and consistent with our CCPA/CPRA position, we do not sell or share personal information, and we do not use personal information for cross-context behavioral advertising. We honor the Global Privacy Control (GPC) browser signal as a valid opt-out request. See our Your Privacy Choices page for more detail.

8. Reasonable Standard of Care (BIPA § 15(e))

Consistent with BIPA § 15(e), to the extent any biometric identifier or biometric information were ever in our possession, we would store, transmit, and protect it from disclosure using the reasonable standard of care within our industry, and in a manner that is the same as or more protective than the manner in which we store, transmit, and protect other confidential and sensitive information.

Our general security measures include transport encryption (TLS/SSL) for data in transit, encryption at rest for sensitive credentials (for example, AES-256-GCM for stored OAuth tokens), EU data residency for primary data and call audio, access controls, and contractual data-processing agreements with our service providers. These measures are described further in our Privacy Policy and our Security overview.

9. Disclosure to Third Parties

We do not disclose, redisclose, or otherwise disseminate biometric identifiers or biometric information except where permitted by applicable law — for instance, with the individual’s consent, where required to complete a transaction requested or authorized by the individual, or where required by a valid warrant, subpoena, or other applicable legal obligation. As stated above, in the normal operation of our voice pipeline we hold no such data to disclose.

10. Business Use Only

Flowent’s services are offered to businesses (B2B) only and are not directed to consumers. Our customers, who operate phone lines through our platform, act as the party responsible for the calls they conduct and for providing any notices required of them under applicable law. This Policy describes the practices of Flowent as the provider of the underlying platform.

11. Updates to this Policy

We may update this Policy from time to time to reflect changes in our services or in applicable law. The current version is published on this page, and the “Last updated” date below reflects the most recent revision. If we introduce any feature that would collect or generate biometric data, we will update this Policy and follow the notice-and-consent process described in Section 5 before any such collection occurs.

12. Contact

For questions about this Biometric Data Policy, or to make a request relating to biometric data, please contact:

Luis Ens – Flowent
Am Neugraben 9
79112 Freiburg
Germany
Email: [email protected]

Last updated: 2026-06-06