What can I do about this clause?

{'method': 'EMAIL', 'recipient': 'privacy@elevenlabs.io', 'difficulty': 'EASY', 'action_type': 'DELETE_DATA', 'instructions': 'Email privacy@elevenlabs.io to request deletion of your voice data and to ask for clarification on how long your voice recordings are retained. Request confirmation of deletion in writing.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'State_AG', 'reason': 'State attorneys general enforce BIPA (Illinois) and CCPA/CPRA (California) retention disclosure requirements, including the BIPA 3-year maximum retention rule for biometric data.', 'complaint_url': 'https://www.naag.org/find-my-ag/'}

What is the severity of this clause?

ConductAtlas classifies this Data Retention clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Retention clauses across approximately 39 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Retention — ElevenLabs

Share 𝕏 Share in Share 🔒 PDF

What it is

ElevenLabs keeps your personal data, including voice recordings, for as long as it decides is necessary — the policy does not specify any fixed retention periods.

Consumer impact (what this means for users)

ElevenLabs does not commit to any maximum retention period for your voice recordings or other personal data, meaning your biometric voice data could be held for years or indefinitely as long as ElevenLabs deems it necessary for its business purposes.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data

Email privacy@elevenlabs.io to request deletion of your voice data and to ask for clarification on how long your voice recordings are retained. Request confirmation of deletion in writing.

Cross-platform context

See how other platforms handle Data Retention and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

The absence of specific retention periods for sensitive biometric voice data means ElevenLabs could retain your voice recordings indefinitely, and users have no clear basis for predicting when their data will be deleted.

View original clause language

We retain your personal information for as long as necessary to provide you with our Services and as required by applicable law. When determining retention periods, we consider the nature and sensitivity of the data, the purposes for which it was collected, and our legal obligations.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: GDPR Art. 5(1)(e) (storage limitation principle) requires personal data to be kept no longer than necessary for specified purposes, with defined retention periods; GDPR Art. 13(2)(a) requires communication of retention periods or criteria to data subjects; BIPA 740 ILCS 14/15(a) requires a publicly available retention schedule and destruction of biometric data within 3 years or when the purpose is fulfilled, whichever is earlier; CCPA/CPRA requires disclosure of retention periods by category. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

State AG

State attorneys general enforce BIPA (Illinois) and CCPA/CPRA (California) retention disclosure requirements, including the BIPA 3-year maximum retention rule for biometric data.
File a complaint →

Provision details

Document information

Document

ElevenLabs Privacy Policy

Entity

ElevenLabs

Document last updated

April 29, 2026

Tracking information

First tracked

April 30, 2026

Last verified

April 30, 2026

Record ID

CA-P-004373

Document ID

CA-D-00450

Evidence Provenance

Source URL

https://elevenlabs.io/privacy-policy

Wayback Machine

View archived versions →

SHA-256

b75b1f8acd13a68881f4fcb9606d10a24499d50e9b26f218570263ebce7417e9

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: ElevenLabs | Document: ElevenLabs Privacy Policy | Record: CA-P-004373
Captured: 2026-04-30 09:06:47 UTC | SHA-256: b75b1f8acd13a688…
URL: https://conductatlas.com/platform/elevenlabs/elevenlabs-privacy-policy/data-retention/
Accessed: May 2, 2026

Classification

Severity

High

Data Retention