What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy engages GDPR (EU/EEA users), UK GDPR, CCPA/CPRA (California residents), and potentially state biometric privacy statutes including Illinois BIPA, Texas CUBI, and Washington's My Health MY Data Act. The EU AI Act may also apply given ElevenLabs' core product is an AI-powered voice generation system. The FTC holds general jurisdiction over unfair or deceptive data practices for US users. Where the policy asserts legitimate interests as a legal basis for processin…

How does ElevenLabs's ElevenLabs Privacy Policy affect users?

The policy establishes that voice recordings and AI-generated voice model data submitted to ElevenLabs may be retained and processed for system improvement and shared with third parties. Users gain the ability to request access to, deletion of, or restrictions on processing of their personal data through designated contact channels or account settings tools where available. The authorization for retention and processing of biometric voice data extends beyond the immediate service session.

How often is ElevenLabs's ElevenLabs Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when ElevenLabs updates this document?

Yes. Watcher subscribers ($9.99/month) can add ElevenLabs to their watchlist and receive same-day email alerts whenever this document or any other ElevenLabs document changes.

CA-D-000450

ElevenLabs Privacy Policy

ElevenLabs

Last change detected May 19, 2026 Privacy policy

SHA-256: 23ba6fbe35d3b0be9a2… 2 versions captured 1 change documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at ElevenLabs ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

1 High severity

6 Medium severity

1 Low severity

Summary

This is ElevenLabs' privacy policy that describes how the company collects, processes, and uses personal data when users access its voice cloning and text-to-speech services. The policy permits ElevenLabs to retain and process voice recordings and custom voice models to improve its AI systems and share data with service providers and business partners. Users in California, the EU, and specified US states (Illinois, Texas, Washington) have rights to access, delete, or restrict processing of their data by submitting requests to privacy@elevenlabs.io.

Technical / Legal Breakdown

This document is ElevenLabs' privacy policy governing the collection, use, and sharing of personal data across its AI-powered voice synthesis platform, operating under a consent and legitimate interests legal basis framework consistent with GDPR and US state privacy law requirements. The policy states that ElevenLabs collects account information, payment data, voice recordings and cloned voice models, usage data, device identifiers, and communications content; the terms authorize sharing this data with service providers, business partners, affiliates, and in the context of corporate transactions such as mergers or acquisitions. Notably, the policy asserts that voice recordings and AI-generated voice models submitted by users may be used to improve ElevenLabs' models, which engages biometric and voice data considerations that several US state laws and the EU GDPR treat with heightened sensitivity; the policy does not explicitly enumerate a prohibition on selling voice data to third parties in all contexts, and the scope of 'business partners' as a sharing category warrants scrutiny. The policy acknowledges GDPR rights for EU/EEA users including access, rectification, erasure, and data portability, and references CCPA rights for California residents including the right to know, delete, and opt out of sale or sharing; compliance obligations under the EU AI Act may also be engaged given the platform's core AI voice generation functionality. Material compliance considerations include the adequacy of consent mechanisms for voice biometric data in Illinois (BIPA), Texas, Washington, and other states with biometric privacy statutes, as well as the need to assess whether the 'business partners' sharing category constitutes a 'sale' or 'sharing' under CCPA.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

1 important change detected

2 versions captured · Last updated: May 2026

May 19, 2026

low

What changed ElevenLabs removed two social media platform links from their privacy policy footer on May 19, 2026. The updated policy no longer includes direct links to X-Developers and YouTube-Developers accounts in the 'Socials' section. This is a minor formatting or navigation change with no material effect on privacy practices, data handling, or user rights.

Why this matters This change has no material effect on consumer privacy rights, data handling practices, or terms of service. The updated policy removes navigation links to social media accounts from the footer section. The substantive privacy commitments and data processing practices described in the policy remain unchanged.

View full change record →

High — 1 provision

Voice Data Use for AI Model Training Compare →

ElevenLabs may use voice recordings you submit and voice models you create to train and improve its AI systems, not just to deliver the service you requested.

Added May 10, 2026 Common Seen across 104 platforms

Medium — 6 provisions

Data Sharing with Business Partners Compare →

ElevenLabs may share your personal data not just with companies that help run its platform, but also with business partners who may use it for their own marketing or business purposes.

Added May 10, 2026 Standard Seen across 246 platforms
Corporate Transaction Data Transfer Compare →

If ElevenLabs is sold, merges with another company, or goes through bankruptcy, your personal data including voice recordings and account information can be transferred to the new owner.

Added May 10, 2026 Standard Seen across 246 platforms
User Rights for EU and California Residents

EU/EEA users and California residents have specific legal rights to see, correct, delete, and transfer their data, and California users can also opt out of their data being sold or shared.

Added May 10, 2026 Rare
Data Retention Compare →

ElevenLabs keeps your data for as long as it needs to for business and legal purposes, but does not specify exact timeframes for each data type including voice recordings.

Added April 30, 2026 Standard Seen across 223 platforms
Children's Data and Age Restriction Compare →

ElevenLabs does not intentionally collect data from children under 13, and will delete such data if discovered, but relies on self-reported age rather than active verification.

Added May 10, 2026 Standard Seen across 262 platforms
International Data Transfers Compare →

Your personal data including voice recordings may be transferred to and stored in the US or other countries, which may have weaker privacy protections than your home country.

Added April 30, 2026 Common Seen across 122 platforms

Low — 1 provision

Cookies and Tracking Technologies Compare →

ElevenLabs uses cookies and trackers to monitor how you use the platform, and you can manage some of these through browser settings or the site's cookie tool.

Added April 30, 2026 Standard Seen across 251 platforms

Monitoring

ElevenLabs has updated this document before.

Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

Professional Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Professional free trial

Cross-platform context

See how other platforms handle Third-Party Data Sharing with Advertising Partners and similar clauses.

Compare across platforms →