Terms of Service, Data Processing & Confidentiality Agreement

By submitting an application, accessing, or using the Service, you (“Customer”) agree to be bound by these Terms of Service, the Data Processing Addendum, the Privacy Policy, the Confidentiality Agreement, the Service Level Agreement, and the Payment Terms set forth below (collectively, the “Agreement”). If you are entering into this Agreement on behalf of a company or other legal entity, you represent that you have authority to bind that entity.

LyrAI is an artificial intelligence voice agent platform that places, receives, transcribes, summarizes, and analyzes inbound and outbound telephone calls and other voice communications on behalf of Customer. The Service uses automated speech recognition, large language models, and synthetic voice generation. Outputs are generated by AI and may be inaccurate; Customer is responsible for reviewing material outputs before relying on them.

Important. All telephone calls, voicemails, and voice interactions handled through the Service are recorded, transcribed, processed, and analyzed by automated artificial intelligence systems. By using the Service, Customer acknowledges and agrees that:

• Calls are placed and answered by an AI voice agent, not a human.
• Audio, transcripts, metadata, and derived analytics are recorded and stored.
• Customer is solely responsible for obtaining all consents required under applicable federal, state, and international law from each party to a call, including without limitation two-party (all-party) consent jurisdictions in the United States (including but not limited to California, Florida, Illinois, Maryland, Massachusetts, Montana, Nevada, New Hampshire, Pennsylvania, and Washington).
• Customer shall ensure that an audible disclosure is provided at the start of each call substantially in the form: “This call may be recorded, transcribed, and processed by an AI system for quality and service purposes.”
• Customer shall not use the Service in violation of the Telephone Consumer Protection Act (TCPA), the Telemarketing Sales Rule (TSR), the CAN-SPAM Act, state Do-Not-Call rules, or any analogous foreign law.

• Customer will not use the Service for unlawful, harassing, deceptive, or harmful purposes, including impersonation of a natural person without disclosure.
• Customer will not upload Protected Health Information (PHI) regulated by HIPAA, payment card data subject to PCI-DSS, government identification numbers, or biometric identifiers unless a separate written agreement is executed.
• Customer will maintain accurate registration information and is responsible for all activity occurring under its account credentials.

Fees are described in the applicable order form or pricing page and are non-refundable except as expressly stated. Customer is responsible for all sales, use, value-added, and similar taxes other than taxes on Critical AI’s net income.

Critical AI retains all right, title, and interest in and to the Service, including all underlying models, software, and documentation. Customer retains ownership of Customer Data. Customer grants Critical AI a limited, worldwide, royalty-free license to host, process, and display Customer Data solely to provide and improve the Service in accordance with this Agreement.

Roles. For purposes of applicable data protection law, Customer is the “Controller” (or “Business”) and Critical AI is the “Processor” (or “Service Provider”) of personal information processed through the Service.

Subject Matter & Duration. Processing continues for the term of the Agreement and any wind-down period.

Categories of Data. Voice recordings, transcripts, caller phone numbers, names voluntarily provided, call metadata, and derived analytics.

Sub-processors. Critical AI may engage vetted sub-processors (including cloud hosting and AI model providers) under written terms no less protective than this DPA.

Security Measures. Critical AI implements administrative, technical, and physical safeguards including encryption in transit (TLS 1.2+) and at rest (AES-256), access controls, logging, and regular security reviews.

Data Subject Requests. Critical AI will provide reasonable assistance to Customer in responding to verifiable requests under the CCPA/CPRA, GDPR, UK GDPR, and similar laws.

International Transfers. Where personal data is transferred outside its country of origin, the parties rely on Standard Contractual Clauses or equivalent transfer mechanisms.

Retention & Deletion. Recordings and transcripts are retained for the period selected by Customer and are deleted within thirty (30) days of termination or upon written request, except where retention is required by law.

Each party (the “Receiving Party”) agrees to (i) protect the other party’s Confidential Information using the same degree of care it uses for its own confidential information of like importance, but no less than a reasonable degree of care; (ii) use such information solely for purposes of performing under this Agreement; and (iii) not disclose such information to any third party except to employees, contractors, and advisors who are bound by obligations of confidentiality at least as restrictive as those herein. Confidentiality obligations survive termination of the Agreement for a period of five (5) years, and indefinitely with respect to trade secrets.

Critical AI collects personal information that Customer and end users provide through the Service, including names, email addresses, phone numbers, company details, voice recordings, transcripts, and call metadata. We use this information to provide, secure, and improve the Service, to communicate with Customer, to comply with law, and to enforce this Agreement.

We do not sell personal information. We share personal information only with vetted sub-processors (such as cloud hosting and AI model providers) under written agreements, and where required by law or to protect our rights. Personal data is retained only as long as needed for the purposes described or as required by law.

Subject to applicable law, individuals may have rights to access, correct, delete, or port their personal information, and to object to or restrict certain processing. Requests may be sent to the registered office in Sheridan, Wyoming, United States. We rely on Standard Contractual Clauses or equivalent mechanisms for cross-border transfers, and we apply administrative, technical, and physical safeguards including encryption in transit (TLS 1.2+) and at rest (AES-256).

Availability. Critical AI targets 99.5% monthly uptime for the production Service, measured excluding scheduled maintenance, force majeure, and Customer-caused issues.

Support. Standard support is available by email during U.S. business hours, with target initial response times of one (1) business day for standard requests and four (4) business hours for incidents materially affecting availability.

Service Credits. Where monthly uptime falls below the target, Customer’s sole and exclusive remedy is a service credit equal to up to ten percent (10%) of the monthly fees for the affected month, requested in writing within thirty (30) days. Credits are not refundable in cash.

Maintenance. Critical AI may perform scheduled maintenance with reasonable prior notice and emergency maintenance at any time to protect the integrity or security of the Service.

Billing. Fees are billed in advance on a recurring basis according to the order form or pricing page selected by Customer, in United States Dollars unless otherwise stated.

Payment Method & Due Date. Customer authorizes Critical AI (and its payment processors) to charge Customer’s designated payment method on each billing date. Invoiced amounts, where applicable, are due net thirty (30) days from the invoice date.

Late Payment. Overdue amounts accrue interest at the lesser of 1.5% per month or the maximum rate permitted by law, plus reasonable collection costs. Critical AI may suspend the Service for non-payment after written notice.

Taxes. Fees are exclusive of all taxes other than taxes on Critical AI’s net income; Customer is responsible for all sales, use, value-added, GST, and similar taxes.

Non-Refundable. Except as expressly stated in this Agreement or required by law, fees are non-refundable. Renewals occur automatically unless cancelled before the end of the then-current term.

The service is provided “as is” and “as available.” Critical AI disclaims all warranties, express or implied, including merchantability, fitness for a particular purpose, non-infringement, and any warranty arising from course of dealing or usage of trade. AI-generated outputs may be inaccurate, incomplete, or unsuitable for any particular use.

To the maximum extent permitted by law, neither party shall be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, revenue, or data. Critical AI’s aggregate liability arising out of or relating to the Agreement shall not exceed the fees paid by Customer to Critical AI in the twelve (12) months preceding the event giving rise to the claim.

Customer shall defend, indemnify, and hold harmless Critical AI from and against any third-party claims arising from (i) Customer’s violation of law, including consent and recording laws; (ii) Customer Data; or (iii) Customer’s breach of this Agreement.

This Agreement is governed by the laws of the State of Wyoming, United States, without regard to its conflict-of-laws rules. The parties consent to the exclusive jurisdiction of the state and federal courts located in Sheridan County, Wyoming for any dispute not subject to arbitration. Either party may seek injunctive relief in any court of competent jurisdiction to protect its intellectual property or Confidential Information.

Except for claims for injunctive relief, any dispute arising out of or relating to this Agreement shall be finally resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules, seated in Sheridan, Wyoming, conducted in English, before a single arbitrator. Each party waives any right to a jury trial and to participate in a class action.

Each party shall comply with all applicable laws and regulations, including U.S. export controls and economic sanctions administered by OFAC, anti-bribery laws including the FCPA, and applicable data protection laws including the CCPA/CPRA, GDPR, UK GDPR, and Wyoming consumer protection laws.

This Agreement remains in effect until terminated. Either party may terminate for material breach not cured within thirty (30) days of written notice. Upon termination, Customer’s right to access the Service ceases and Critical AI will delete Customer Data in accordance with the DPA.

This Agreement constitutes the entire agreement between the parties regarding the Service and supersedes all prior or contemporaneous agreements. No waiver shall be effective unless in writing. If any provision is held unenforceable, the remaining provisions shall remain in full force. Notices to Critical AI shall be sent to its registered office in Sheridan, Wyoming, United States.