Privacy Policy

1. Who We Are

Plyrium is an AI marketing and customer-facing operations company providing automated lead handling, online-presence management, and AI Voice Receptionist services for home-service contractors. References to "we," "us," and "our" in this Privacy Policy refer to Plyrium.

Contact: sales@plyrium.com · (520) 380-4410 · For privacy-specific requests including access, correction, deletion, or portability of your data: privacy@plyrium.com.

2. What Information We Collect

2.1 Account information

• Name, email address, business name, phone number
• Business address, service area, trade category
• Authentication credentials (passwords are hashed via bcrypt-equivalent; we never store them in plaintext)
• Two-factor authentication enrollment (TOTP secrets, registered phone numbers, recovery codes - all stored encrypted)
• Team-member email addresses, full names, role assignments, and permission grants
• Billing information processed by Stripe - we never store your full credit card number on our systems; we receive only a tokenized customer ID, last-four digits, and card brand for display

2.2 Business profile content

• Service descriptions, pricing, business hours, voice-receptionist configuration (greeting, voice selection, behavior settings)
• Voice samples (past customer emails you share to train brand-voice prompts)
• Photo libraries and brand assets you upload
• Customer pain points and frequently asked questions
• Field tech roster (names, contact info, service areas, and skill assignments) for scheduling-aware AI behavior

2.3 AI Voice Receptionist call data

When the AI Voice Receptionist answers an inbound call to your business or places an outbound call on your behalf, we collect and store:

• Audio recording of the call (full duplex)
• Transcript of the call (speech-to-text)
• AI-generated summary, classification (lead / spam / hostile / etc.), and qualifying details (caller name, callback number, business type, urgency, recommended tier)
• Tool-call traces - what the AI looked up (calendars, customer records, route maps) during the call
• Caller phone number from caller ID, plus any name/email/business info the caller shared verbally
• Call metadata - start/end timestamps, duration, cost, resulting appointment ID if any

This data is required to run the service: without recording and transcription, the AI cannot summarize the call for you, route the right leads, or learn from past interactions to recognize returning callers.

Recording disclosure for callers: see Section 8 for state two-party-consent obligations and how we handle recording disclosure.

2.4 Operational data we collect on your behalf

• Inbound leads via webhook (form submissions, SMS, email)
• Customer reviews from your Google Business Profile (review text, star rating, reviewer name as published)
• Google Business Profile insights (calls, profile views, direction requests, website clicks)
• Activity logs of posts published, reviews answered, leads replied to, calls handled
• Customer contact records you create or that flow in from the AI’s qualification process (name, phone, email, address)
• Quotes (including 3-tier proposals + reusable templates), invoices, change orders, and the line items / amounts / signatures associated with each
• Recurring service contracts - schedule cadence, pricing model, billing-collection mode, Stripe subscription IDs (when autopay is configured)
• Service-plan memberships (Care Club / loyalty plans) - enrolled customers, plan perks, period dates
• Parts inventory - catalog entries, on-hand counts, restock events, and which parts were used at which appointment
• Projects - multi-visit job rollups grouping appointments, invoices, change orders, expenses, and time entries under one parent record
• Tech time tracking - per-appointment start/stop timers, durations, cost calculations, and overtime classifications based on the threshold rule the Owner selected
• Tech time off - vacation, sick, holiday, training, and other PTO blocks recorded per tech
• Expense receipts - vendor, category, amount, expense date, optional photo of the receipt (stored in Supabase Storage)

2.5 Customer payment data (when you charge your customers through Plyrium)

When you accept card payments from your customers via the Service’s Stripe Connect integration, we store on our systems:

• Stripe-tokenized payment-method IDs (never raw card numbers)
• Card brand and last-4 digits (for display only)
• Customer-side billing-portal session tokens (short-lived, single-use)
• Invoice payment records (charge timestamp, amount, fee, status, refund history)
• For autopay subscriptions: Stripe subscription IDs and the saved Stripe customer reference
• For card surcharges: the surcharge percentage you configured + the surcharge amount on each charge (stored in payment metadata for accounting transparency)

Stripe holds the actual card data + processes all charges; Plyrium is not a money transmitter and does not handle PAN data. See Stripe’s Privacy Policy for their data practices.

2.6 Tech location data (GPS tracking - opt-in, two-gate)

If both the Owner enables tracking for a specific tech AND that tech consents in their app session (the two-gate model described in Terms § 5A), we receive periodic location pings (latitude, longitude, accuracy radius, timestamp) from the tech’s mobile app during their tracking window. We store these pings in the per-tenant database. Tracking can be revoked by either party at any time; revocation immediately stops new pings. Location data older than 30 days is purged on a rolling cadence unless tied to an active appointment record (in which case it’s retained for the same window as the appointment).

2.7 Cookie consent + tracking opt-in (visitor-level)

For visitors to the marketing site (plyrium.com, demo.plyrium.com), we record the cookie-consent decision (accepted / declined / Global-Privacy-Control auto-decline) in browser localStorage on the visitor’s own device. Both PostHog product analytics AND advertising-measurement tools (Meta Pixel, Google Ads conversion tag) are opt-IN - none drop their third-party cookies or send identifying data until the visitor explicitly clicks Accept on the cookie banner. The advertising scripts themselves are loaded on every page (so Google + Meta’s attribution models can collect coverage data), but they run in “Consent Mode default-denied” - no _fbp, _gcl_*, or related advertising cookies are set, and no user identifiers are sent until consent is granted. Browsers that send the Global Privacy Control signal are auto-declined without showing the banner. See Section 11 for the full cookie inventory and how to revoke consent.

2.7.1 Marketing attribution (UTM, click IDs)

When you land on plyrium.com via a link that includes UTM parameters (utm_source, utm_medium, utm_campaign, utm_content, utm_term) or an ad-platform click ID (fbclid from Meta, gclid from Google Ads), we capture those values into browser localStorage as “first-touch” attribution. If you sign up later, the values are written onto your account so we can attribute the signup back to the campaign that originated it. UTM data is non-PII (campaign labels). Click IDs are per-user opaque identifiers that the issuing platform can correlate back to your ad-platform identity; we treat them as marketing data and they are stored on the same visitor-localStorage path. UTM/click-ID capture is first-party only (no third-party network call), runs on every page load, and is not gated by the cookie banner - it’s the implementation of the marketing-attribution promise we make to ourselves to spend ad budget responsibly.

2.8 Technical data

• IP address, browser type, device type, operating system
• Pages visited within our application, timestamps, navigation flow
• Authentication events (login, logout, 2FA challenge, password change)
• Error logs and performance metrics (anonymized except for an authenticated user ID linkage so we can debug per-user issues)
• Source-mapped error stacks via Sentry (see Section 4.6) for crash diagnosis

3. How We Use Your Information

We use your information solely to:

• Deliver the Service: answer your business phone, publish posts, reply to reviews, respond to leads, generate reports, route appointments to techs
• Bill you accurately: manage your subscription via Stripe, send invoices and receipts, calculate per-call cost
• Communicate with you: account confirmations, urgent escalations from the AI receptionist, product updates, customer support, milestone onboarding emails (day 3, 7, 14)
• Identify returning callers on the AI Voice Receptionist line - we look at the inbound caller ID against past calls/leads to recognize existing customers and adapt the greeting
• Improve the Service: via anonymized, aggregated analytics - never individual-level training of public AI models
• Comply with the law: respond to legal requests, prevent fraud, enforce our Terms

We do not sell your data. We do not share it with advertising networks, data brokers, or any party not listed in Section 4. We do not use your customer data, voice samples, business information, or call recordings to train any third-party large language model or shared AI system.

3.1 SMS Opt-In Data and Consent

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. When a recipient consents to receive SMS messages from Plyrium (whether for two-factor authentication, customer service notifications, or AI lead-response conversations on behalf of our contractor customers), the consent record and the recipient's phone number are stored solely to honor that opt-in and to comply with TCPA / CTIA / A2P 10DLC carrier requirements. SMS opt-in data is never sold, shared with marketing affiliates, or transferred to any party other than the carriers and SMS infrastructure providers (Quo / OpenPhone) required to deliver the message itself. Recipients may opt out at any time by replying STOP, END, QUIT, UNSUBSCRIBE, or CANCEL to any message; opt-outs are honored immediately and propagated to all future messages from the same sender.

4. Third-Party Sub-Processors

The Service is built on a small, deliberate stack of third-party processors. We share with each only the minimum data needed for them to perform their function. Each is bound by their own privacy policy and a Data Processing Agreement with us.

4.1 Hosting and infrastructure

• Vercel, Inc. - hosts the application and serves the CDN. Receives request metadata and serves static and dynamic content. Does not retain your business data beyond cache.
• Supabase, Inc. - hosts our Postgres database. All client data, leads, posts, reviews, account information, call summaries, and transcripts are stored here. Hosted in the United States (us-east-1). Row-level security is enabled on every multi-tenant table.

4.2 AI / large language models

• Anthropic, PBC (Claude) - generates text content (posts, replies, reports, AI receptionist responses). Each request is sent in real time and is configured for zero data retention; Anthropic does not retain or train on our prompts or outputs.

4.3 Voice telephony and AI voice agent

• Vapi, Inc. - orchestrates the AI Voice Receptionist, including ringing your business phone number, capturing audio, routing to TTS/STT providers, and delivering tool-call payloads to our application. Receives full call audio, transcripts, and caller metadata. Stores call recordings and transcripts on our behalf.
• ElevenLabs, Inc. (as a Vapi sub-processor) - provides text-to-speech (TTS) for the AI receptionist's voice in most configurations. Receives the text the AI is about to speak.
• MiniMax (Shanghai Xiyu Technology Co., Ltd.) (as a Vapi sub-processor) - alternate text-to-speech provider used for some voice presets. Receives the text the AI is about to speak. We use MiniMax voice models hosted via Vapi's worldwide region.
• Deepgram, Inc. (as a Vapi sub-processor) - provides speech-to-text (STT) transcription of caller audio in real time. Receives the inbound caller's audio stream.

4.4 Payments

• Stripe, Inc. - handles all credit card processing, recurring billing, and PCI compliance. Stripe receives your payment information; we receive only a tokenized customer ID, the card brand, and last-four digits for display. For Bundle and Front Office customers, Stripe Connect is used to facilitate invoice payments from your customers to your account.

4.5 Communications

• Resend, Inc. - sends transactional and notification emails on our behalf (welcome emails, escalation alerts, milestone onboarding, password resets, invoice/quote sends). Receives email addresses and message content.
• Quo Software, Inc. (formerly OpenPhone) - provides phone numbers, SMS, and call routing for Plyrium's own sales line and (on Bundle / Front Office tiers) for customer-facing SMS automations. Receives recipient phone numbers and message content.

4.6 Operations and reliability

• Sentry, Functional Software, Inc. - receives error events and source-mapped stack traces when something fails in the application. Sentry events may include the authenticated user ID, the URL path, and the error context. We do not send customer PII (names, phone numbers, lead bodies) into Sentry payloads.
• PostHog, Inc. (U.S. region) - receives product analytics events used to measure the signup, onboarding, and trial-to-paid funnel. We send page paths, click events, plan tier, and wizard step numbers. We never send raw email addresses, raw phone numbers, customer names, lead bodies, or transcripts; identifiers are SHA-256 hashed before transmission. See Section 11 for the full disclosure.
• OpenStreetMap Foundation (Nominatim API) - geocodes service addresses to coordinates so the AI receptionist can route by drive-time. Receives only the street address, never the customer's name or contact info.

4.7 Google services

• Google Business Profile API - we connect via OAuth to your business profile to publish posts, reply to reviews, and read insights. We never access your personal Gmail, Drive, Photos, or Contacts.
• Google Calendar API - when you connect Google Calendar, we read free/busy information to find appointment slots and write new appointments to your calendar. We do not read existing event content beyond start/end times.

4.8 Microsoft services (optional)

• Microsoft Graph API - when you connect Microsoft 365, we read free/busy information for the same calendar use case as Google Calendar above. Same minimum-access principle applies.

4.9 Advertising and conversion measurement (marketing site only)

The following advertising sub-processors run only on the marketing site (plyrium.com), only after visitor consent (see Section 2.7), and only on public pages - never on signed-in /portal, /admin, or token-gated customer surfaces (/q/*, /i/*, /me/*, /r/*):

• Meta Platforms, Inc. (Meta Pixel + Conversions API) - used to measure which Meta (Facebook + Instagram) ads led people to sign up. Receives the page URL, a Meta-issued _fbp first-party browser identifier, and (after a signup happens) the SHA-256 hash of the email address used to sign up. We never send raw email addresses, raw phone numbers, lead bodies, customer names, or any field values from inside the product. Pixel ID 963766723295636.
• Google LLC (Google Ads gtag.js + Conversion Tracking) - used to measure which Google Search ads led people to sign up. Receives the page URL, a Google-issued gclid click identifier (when present), and (after a signup happens) a transaction identifier and a SHA-256 hashed email address. Same exclusions as above. Tag ID AW-18139096693, sub-account 669-978-0739 under Google Ads manager 244-954-3552.

Both run in opt-in mode by default - when consent is denied (or undecided, or the browser sends Global Privacy Control), the scripts load but do not drop their third-party cookies and do not send identifying data to the platforms. Click Cookie preferences in the footer at any time to revoke consent; both will immediately stop setting cookies and stop sending identifying data.

5. Voice Call Data - Specific Practices

Because AI voice calls are the most sensitive data the Service handles, we cover them separately:

5.1 What we record

For every inbound call answered by the AI Voice Receptionist, we record the full duplex audio (caller and AI voice), generate a real-time transcript via our speech-to-text sub-processor, and store an AI-generated summary and classification. We retain the audio recording, transcript, and summary as long as your account is active, plus 90 days after termination.

5.2 What we don't do with it

• We do not share recordings or transcripts with other Plyrium customers
• We do not use them to train any third-party AI model, including Anthropic, ElevenLabs, MiniMax, or Deepgram
• We do not sell or rent them
• We do not use them for marketing to your customers without your explicit prior authorization

5.3 Caller identification

For returning callers, the AI may recognize the inbound number against past call records to deliver a continuity-aware greeting. The AI does not see caller-name or business-name data until the caller confirms their identity verbally - caller-ID can be spoofed and we treat it as untrusted by default. Internal records keyed to the phone number are linked server-side after the AI verifies identity through conversation.

5.4 PII redaction in tool responses

When the AI looks up an existing customer record during a call, the response payload returned to the AI excludes owner email, owner phone, and other contact PII; only the business name, owner first name, plan tier, and recent activity summaries are exposed to the AI conversational layer. This reduces the surface for transcript-based PII leakage.

6. Data Retention

We retain your information as long as your account is active. After cancellation:

• Account and configuration data are retained for 90 days, then permanently deleted
• Customer leads, posts, reviews, call recordings, transcripts, and summaries are retained for 90 days for your export, then deleted
• Billing records (invoices, receipts, Stripe transaction metadata) are retained for 7 years to comply with U.S. tax law
• Encrypted database backups are rotated; longest backup retention is 30 days
• Sentry error events are retained for 30 days, then aged out per Sentry's defaults

You may request earlier deletion at any time by emailing privacy@plyrium.com. Note that some records (billing, legal compliance, fraud prevention) may be retained even after your request as required by law.

7. Your Rights

Depending on where you live, you may have the right to:

• Access: request a copy of the personal data we hold about you
• Correction: ask us to fix inaccurate information
• Deletion: request deletion of your data ("right to be forgotten")
• Portability: request your data in a machine-readable format (CSV/JSON exports are available from the dashboard)
• Opt out of marketing: unsubscribe from marketing emails (transactional and account-critical emails are not opt-out-able while you have an active account)
• Object to processing: in certain circumstances, ask us to stop using your data
• Restrict processing: ask us to limit how we use your data while a request is pending
• Withdraw consent: where processing is based on your consent, you may withdraw it at any time without affecting prior lawful processing
• Lodge a complaint with a supervisory authority (where applicable)

To exercise any of these rights, email privacy@plyrium.com. We will respond within 30 days (or sooner where required by law).

7.1 California residents (CCPA / CPRA)

California consumers have additional rights under the California Consumer Privacy Act and California Privacy Rights Act, including the right to know what personal information we have collected, used, disclosed, or shared in the past 12 months; the right to delete; the right to correct; the right to opt out of "sale" or "sharing" (we do not sell or share for cross-context behavioral advertising); the right to limit use of sensitive personal information; and the right not to be discriminated against for exercising your rights.

7.2 European and U.K. residents (GDPR / UK GDPR)

If you are in the European Economic Area, U.K., or Switzerland, you have additional rights under GDPR. Our legal basis for processing is (a) contract performance - to deliver the Service you signed up for; (b) legitimate interest in operating, improving, and securing the Service; (c) compliance with legal obligations; and (d) where applicable, your consent. Our designated contact for GDPR matters is privacy@plyrium.com.

8. Call Recording Disclosure and State Law

Some U.S. states have all-party-consent (also called "two-party-consent") laws for telephone-call recording - most notably California (Cal. Penal Code § 632), Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania, Vermont, and Washington. Calls placed to or from these states may require an explicit verbal disclosure that the call is being recorded.

Because Plyrium operates the AI Voice Receptionist on behalf of you (the contractor), responsibility for ensuring the receptionist's greeting includes an appropriate recording disclosure where state law requires one rests with you. The Service supports configuring a recording disclosure in the receptionist's first message; you can enable this from the Receptionist settings page.

Plyrium itself records inbound calls to its own sales line; callers to our sales number are deemed to consent to recording per the disclosure on our website and in our published Terms.

9. Security

We use industry-standard security practices:

• TLS 1.2+ encryption for all data in transit
• Encryption at rest for the database and all backups (AES-256)
• Row-level security on all multi-tenant tables (Postgres RLS) - clients cannot read each other's data even at the database level
• Service-role database access is reserved for authorized server-side code paths only
• Per-route role-based access control on every authenticated API endpoint, with separate gates for view-only vs mutating actions
• Demo workspace write-restrictions to prevent prospects from corrupting shared sandbox data
• Two-factor authentication available for all user accounts; the workspace owner can require it of any individual member
• HMAC signature verification on all webhook endpoints (Stripe, Vapi, Quo, Calendly)
• Per-member MFA enforcement and per-role permission overrides for sensitive surfaces (services catalog, voice config, billing, integrations)
• Geo-fencing at the edge - production traffic is restricted to the U.S. and Canada
• Strict access controls; only authorized personnel can access production systems
• Regular security audits, dependency updates, and source-mapped error monitoring via Sentry

No system is perfectly secure. If we discover a breach affecting your data, we will notify you within 72 hours of confirmation, in accordance with applicable law.

10. AI Voice Disclosure

The Federal Communications Commission ruled in February 2024 (FCC-24-17) that AI-generated voices, including neural and cloned voices, qualify as "artificial or prerecorded voice" under the TCPA. The Service uses neural text-to-speech voices for the AI Voice Receptionist. If a caller asks whether they are speaking with an AI or a human, the receptionist is configured to truthfully identify itself as AI. Use of the Service to make outbound calls is governed by Section 5 of our Terms of Service, which sets out the consent requirements you must meet before initiating any outbound campaign.

11. Cookies and Tracking

We use a small number of essential cookies to run the application: authentication tokens, session identifiers, two-factor authentication state cookies (HMAC-signed), and anti-CSRF tokens. We do not use third-party advertising trackers, marketing pixels, cross-site behavioral profiling, or social-media remarketing.

Your choice. The first time you visit, you'll see a banner asking whether you're OK with optional product analytics. You can Accept all, Decline optional, or Customize per-category. To change your mind any time, click Cookie preferences in the footer of any page. We honor the browser-level Global Privacy Control signal — if your browser sends GPC, we record an automatic decline without showing the banner.

Cookie inventory. Here is every cookie / browser-storage entry the site sets, what it's for, and which category it falls into:

Product analytics (PostHog). We use PostHog to measure how visitors move through the signup, onboarding, and trial-to-paid journey so we can fix the parts of the product that confuse people. PostHog Inc. is a U.S. sub-processor (posthog.com/privacy); we use the U.S.-region instance (us.i.posthog.com). The PostHog SDK does not initialize on your device until you affirmatively click Accept; if you decline, no PostHog cookies are set and no events are sent. What we send when you do consent, and what we never send regardless:

• What is sent: page paths, click events on signup CTAs, wizard step numbers, plan tier and billing cycle (monthly vs. annual), trial start / convert / cancel events, and aggregate counts like "the user has services configured" (boolean, not the contents). UTM and campaign parameters from inbound links are preserved for attribution; all other URL query parameters are stripped before send.
• What is NEVER sent: raw email addresses, raw phone numbers, customer or lead names, message bodies, voice transcripts, voice recordings, invoice line items, payment details, or the contents of any free-text field. Email and phone (when needed for funnel stitching) are SHA-256 hashed and truncated client-side before transmission so they cannot be reversed back to the original value.
• Person profiles are only created for authenticated users (PostHog "identified-only" mode); anonymous visitors stay anonymous.
• Session replay is disabled. If we ever enable it, replays will mask all input fields and text by default and we will update this policy first.

Advertising and conversion measurement (opt-in). On the marketing site (plyrium.com) we run Meta Pixel and the Google Ads conversion tag to measure which ads bring people to Plyrium. Both are off by default - when you arrive on the site (or if your browser sends Global Privacy Control), neither drops a third-party cookie or sends identifying data. The scripts themselves are loaded so the platforms’ modeled-conversions can include Plyrium data in the aggregate, but your individual visit isn’t attributed to your ad-platform identity until you click Accept. Click Cookie preferences in the footer to revoke consent at any time; both will switch back to the default-denied state immediately. We do not use these pixels for cross-site retargeting, lookalike audience building from your visit alone, or any data-broker integrations. We do not run LinkedIn Insight Tag or TikTok pixel - if either ever turns on, this section will list it before it goes live.

What gets sent to Meta & Google when you consent + sign up. Email is SHA-256 hashed before being sent (the destination platforms use the hash to match their own user records - they cannot reverse it back to your raw email). The Meta Conversions API server-side fire mirrors the browser pixel and uses the same hashing - it’s a backup path so ad-blocker noise doesn’t lose conversion signal, not an additional collection. Google Ads receives a per-event transaction identifier (we use the SHA-256 of your email here too) so duplicates between the browser tag and any future server-side import don’t double-count. We never send raw email, raw phone, your name, your business name, or any free-text field to either platform.

12. Children's Privacy

The Service is not directed at individuals under 18. We do not knowingly collect data from minors. If you believe a minor has signed up, contact us at privacy@plyrium.com and we will delete the account.

13. International Data Transfers

Plyrium is operated from the United States. If you access the Service from outside the U.S., your data will be transferred to and processed in the U.S. By using the Service, you consent to this transfer. Where required, we rely on Standard Contractual Clauses or other approved mechanisms to lawfully transfer data internationally.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced by email at least 30 days before they take effect, and the updated policy will be posted here with a new "Last updated" date. Your continued use of the Service constitutes acceptance.

15. Contact Us

For privacy questions or to exercise your rights:

• Privacy-specific email: privacy@plyrium.com
• General email: sales@plyrium.com
• Phone: (520) 380-4410

This Privacy Policy was last updated on May 4, 2026. Material updates from the prior version include: expanded Section 2.7 on tracking opt-in (now covers Meta Pixel + Google Ads conversion tag in addition to PostHog, all running in Consent-Mode default-denied until opt-in); new Section 2.7.1 disclosing first-party UTM + click-ID capture for marketing attribution; new Section 4.9 listing the new advertising sub-processors (Meta Platforms for Pixel + Conversions API, Google LLC for Google Ads gtag); replaced the Section 11 “No advertising cookies” paragraph with a truthful disclosure of Meta + Google Ads, including what gets sent (SHA-256 hashed email, transaction IDs) and what never does (raw email, raw phone, names, free-text fields); expanded Section 11 cookie inventory (added plyrium_utm_v1, _fbp, _gcl_*; bumped consent-storage key to v2 since the disclosure changed materially and re-prompts every visitor). May 2 updates: expanded Section 2.4 covering quotes / 3-tier proposals / change orders / recurring service contracts / memberships / parts inventory / projects / tech time tracking / time off / receipts; new Section 2.5 on customer payment data (Stripe Connect tokenized payment methods, billing-portal sessions, payment records, autopay subscription IDs, card surcharges); new Section 2.6 on opt-in two-gate GPS tracking with 30-day rolling retention. Earlier April updates: dedicated section on AI Voice Receptionist call data; expanded Sub-Processors list (Vapi, ElevenLabs, Rime, Deepgram, Cartesia, Sentry, PostHog); Section 8 on state call-recording laws; Section 10 on FCC AI Voice Disclosure; expanded Security section.