Privacy Policy
ConstanceAI, Inc.
Last updated: 2026-06-05
AGEWARDEN estimates age from a short voice sample. We return a pass/fail result and delete the audio and derived features within one hour. We do not sell end-user data or use it for ads, profiling, or training. The Client receives the result, not the recording.
ConstanceAI, Inc. ("we," "us," "our") operates AGEWARDEN, a voice-based age verification service. We are incorporated in Delaware with offices at 3245 Geary Blvd #590843, San Francisco, CA 94118. You can reach our privacy team at privacy@constance.ai.
When you use AGEWARDEN on a website or app, that website or app (the "Client") has asked us to verify your age. Under data protection law, the Client is the data controller (they decide why age verification is needed) and we are the data processor (we perform the check on their behalf). This policy explains what we do with your data.
When you start an AGEWARDEN voice check, here is what happens:
| Data | What happens to it |
|---|---|
| Voice audio | Captured from your microphone as a short voice sample. Sent to AGEWARDEN over an encrypted connection, processed in ephemeral runtime environments, and permanently deleted within one hour of capture. The Client does not receive the recording. |
| Acoustic features | Numerical values extracted from your voice to estimate age. These features are used only for the age check and are permanently deleted alongside the audio within one hour. |
| Age result | A binary pass/fail outcome (e.g., "over 18" or "not over 18"). This is the per-check result shared with the Client website. |
| Technical metadata | Browser type, device type, and session identifiers necessary to deliver the service. AGEWARDEN application audit logs do not record IP addresses or device fingerprints. |
| Audit record | After processing completes, we retain an application audit record that a verification occurred. It may include a verification identifier, approximate time, pass/fail result, and broad age bracket. It does not include your voice, derived acoustic features, name, IP address, device fingerprint, or End User identifier. |
What we do NOT collect: We do not collect your name, email, phone number, address, date of birth, government ID, or photographs. We do not create voiceprints, speaker profiles, or biometric templates. The acoustic features we extract during processing are used solely for age estimation and are permanently deleted.
We process your voice data for one purpose only: to estimate whether you meet the age threshold required by the website you're visiting. That's it.
Depending on where you are, we rely on the following legal grounds:
| Jurisdiction | Legal basis |
|---|---|
| UK / EU (GDPR) | Legitimate interest in providing age verification services that protect children online (Article 6(1)(f)). Where required, your explicit consent (Article 9(2)(a)) for processing voice data as a special category. |
| United States | Your consent. Where law requires notice or consent before capture, the Client website is responsible for obtaining it before AGEWARDEN starts. |
| Australia | Your consent under the Privacy Act 1988 and compliance with the Client's obligations under the Online Safety Act 2021. |
Maximum one hour. Voice audio and derived acoustic features are permanently and automatically deleted within one hour of capture. No voice data, acoustic features, or biometric information is retained beyond this window.
Why one hour? One hour is the maximum processing window. Most verifications complete and are deleted far sooner.
Destruction schedule (for jurisdictions requiring one): All voice audio and derived acoustic features are permanently destroyed within a maximum of one hour from capture. Destruction is automatic. After destruction, the only record that remains is the application audit record described in Section 2.
Application audit records exist for regulatory compliance, billing, and service integrity. They do not include End User identifiers, IP addresses, device fingerprints, voice data, or derived acoustic features.
The Client website receives the binary age result (pass/fail). Clients also have access to aggregated analytics about their verification activity, such as total counts, pass/fail ratios, and age group distributions.
We do not sell end-user data or share it for cross-context behavioral advertising. We do not use end-user data for advertising, profiling, marketing, training, or any purpose other than the age check.
Service providers: We use subprocessors to run AGEWARDEN. They process only the data needed to operate the service. The current subprocessor list and scope are in Section 6 and Annex III of the Data Processing Agreement, which controls.
AGEWARDEN currently processes voice data in the United States. If you are located outside the United States, your voice data will be transferred to the US for processing. Voice data is encrypted in transit using TLS 1.2 or higher, encrypted at rest if transiently persisted during processing, and permanently deleted within one hour. We will update this policy as regional availability changes.
For users in the EU, UK, or Switzerland: we rely primarily on the EU Standard Contractual Clauses (Module Two, Implementing Decision 2021/914) for EEA transfers, the UK Addendum to the EU SCCs for UK transfers, and Swiss FADP adaptations for Swiss transfers. Where ConstanceAI holds an active EU-US, UK Extension, or Swiss-US Data Privacy Framework certification, that mechanism applies as a supplemental basis. After the voice check, we do not retain end-user voice data or acoustic features.
AGEWARDEN processes your voice through an automated system and returns a binary age result to the Client website. The Client website then uses that result to make the access decision that affects you. No human at AGEWARDEN reviews your voice or the result.
Request human review from the Client website, which is the data controller that makes the access decision. If you contact AGEWARDEN directly, we will route the request to the Client.
If you believe the result was wrong, you can try again or use an alternative verification method offered by the Client website. You can also escalate to the Client website directly to request human review of the access decision.
AGEWARDEN is designed to protect children. If our system estimates that you are below the required age, the Client website will restrict your access accordingly. We process the voice data of all users, including minors, solely to make this determination, and we apply the same deletion practice regardless of age: all voice data and acoustic features are destroyed within one hour.
COPPA compliance: Under the Children's Online Privacy Protection Act (15 U.S.C. §§ 6501-6506) and its 2025 amendments, voice data may constitute "personal information." AGEWARDEN acts as a support service provider to the Client website (the "operator" under COPPA): we process voice on the Client's behalf, use subprocessors listed in the DPA, return the result to the Client, and delete voice data and derived features within one hour. The Client website is responsible for notice and, where required, verifiable parental consent before initiating an age screen on a user who may be under 13.
Depending on where you live, you may have some or all of the following rights:
| Right to know | You can ask what personal data we hold about you. Voice data and acoustic features are deleted within one hour. Application audit records do not include End User identifiers, voice data, or derived acoustic features. |
| Right to deletion | You can ask us to delete your data. Voice data and acoustic features are automatically deleted within one hour. Application audit records do not include End User identifiers. |
| Right to object | You can decline to use AGEWARDEN. The Client website may offer alternative verification methods. |
| Right to challenge | If you believe the age estimate was incorrect, you may try again or request review from the Client website. |
| Right to complain | You can lodge a complaint with your local data protection authority (e.g., the ICO in the UK, your state attorney general in the US, or the OAIC in Australia). |
| CCPA rights | We do not sell personal information or share it for cross-context behavioral advertising. You have the right to know, delete, and opt out. |
To exercise any right, email privacy@constance.ai. We will respond within 30 days (or sooner if your local law requires it).
AGEWARDEN runs inside an isolated iframe on the Client's website. The Client website cannot access your microphone feed or intercept voice data. Communication with AGEWARDEN is encrypted in transit using TLS 1.2 or higher. Voice data and acoustic features are encrypted at rest if transiently persisted during processing and permanently deleted within one hour. Persistent application audit logs do not include End User identifiers, voice data, or derived acoustic features.
If you are an Illinois resident, this section provides the written notice required by 740 ILCS 14/15(b):
Biometric data collected: Voice audio is captured and processed to extract acoustic characteristics for age estimation. These characteristics are numerical values used to estimate age. They are not voiceprints.
Purpose: Solely to estimate whether you meet an age threshold set by the Client website.
Retention and destruction: Voice audio and all derived acoustic features are permanently destroyed within a maximum of one hour from capture. We do not sell, lease, trade, or disclose biometric data except as described in this policy and the DPA.
Where law requires notice or consent before capture, the Client is responsible for obtaining it before AGEWARDEN starts.
If we make material changes, we will update the "Last updated" date at the top and, where feasible, notify Client websites so they can inform their users.
ConstanceAI, Inc.
3245 Geary Blvd #590843
San Francisco, CA 94118
Privacy inquiries: privacy@constance.ai
General inquiries: hello@constance.ai