The policy states that Perplexity collects directly provided identifiers (name, email, phone, payment details) and automatically collected data including device information, IP address, search queries, conversation history, and voice or audio data from voice features.
This analysis describes what Perplexity AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes the full scope of personal data collection, including voice and audio data which may be subject to additional state-level protections (such as Illinois BIPA or Washington's My Health MY Data Act depending on data type) and GDPR requirements for processing biometric or sensitive personal data categories.
The agreement establishes that both voluntarily submitted information and automatically collected behavioral and device data are captured during platform use, including voice audio when voice features are used. Payment information is also collected, though the policy does not specify the payment processing infrastructure used.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Perplexity AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We collect information you provide directly to us, such as your name, email address, phone number, and payment information. We also automatically collect information about your device, browser, IP address, and how you interact with our services, including your search queries, conversation history, and voice or audio data when you use voice features.— Excerpt from Perplexity AI's Perplexity Privacy Policy
1) REGULATORY LANDSCAPE: Voice and audio data collection may engage Illinois BIPA, Washington state privacy laws, and GDPR provisions on special categories of data if voice data is processed to derive biometric identifiers. Standard device and behavioral data collection engages CCPA, GDPR, and the FTC Act. Payment data collection engages PCI DSS compliance requirements and CFPB oversight if payment processing involves consumer financial data. 2) GOVERNANCE EXPOSURE: Medium. Routine device and behavioral data collection is standard across AI platforms, but voice/audio data collection creates heightened exposure in jurisdictions with biometric privacy laws. The breadth of automatically collected data including full conversation history creates data minimization compliance questions under GDPR Article 5. 3) JURISDICTION FLAGS: Illinois (BIPA), Washington, and Texas have specific statutes governing voice and biometric data. EEA users have GDPR data minimization and purpose limitation rights. California users have CCPA rights to know and delete categories of collected personal information. 4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers should assess whether employee query and conversation data captured by Perplexity creates obligations under their own data governance frameworks. Data processing agreements should specify retention periods for voice and conversation data. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should map all data collection categories against applicable law requirements, with particular attention to voice/audio data handling, retention schedules for conversation history, and whether data minimization principles are operationally enforced.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes the full scope of personal data collection, including voice and audio data which may be subject to additional state-level protections (such as Illinois BIPA or Washington's My Health MY Data Act depending on data type) and GDPR requirements for processing biometric or sensitive personal data categories.
The agreement establishes that both voluntarily submitted information and automatically collected behavioral and device data are captured during platform use, including voice audio when voice features are used. Payment information is also collected, though the policy does not specify the payment processing infrastructure used.
ConductAtlas has identified this type of provision across 17 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Perplexity AI.