Which rules apply to which calls.

Personal Information Protection and Electronic Documents Act.

PIPEDA applies to private-sector organizations that collect, use, or disclose personal information in the course of commercial activity in Canada. It governs how we and you handle caller data — names, phone numbers, transcripts, recordings. Compliance is structural in MeetIndi: tenant isolation, data residency in Canada, and self-serve access and deletion are designed into the platform.

• Applies whenever the caller is in Canada — this is the default for the pilot
• Right of access (PIPEDA Schedule 1, Principle 9 — Individual Access; operationalized by Section 8 of the Act) — callers can request a copy of their personal information; we surface a self-serve export inside Settings → Privacy
• Right to deletion — honored on request, with the legal-retention exceptions noted on /privacy
• Data residency — Cloud SQL Postgres in northamerica-northeast2 (Montreal); your data does not leave Canada
• Reference: /privacy is the rule of record; this page is a navigator

California, Colorado, Virginia, Connecticut — and the rest as they land.

For US callers, the relevant frameworks are CCPA (California), VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), and the growing patchwork of state privacy laws. They differ in details but share a common spine: notice at collection, right to know, right to delete, right to opt-out of sale or sharing. Our practices honor the strictest reading: we do not sell or share customer data, recordings or transcripts.

• Right to know — surfaced via the same self-serve export in Settings → Privacy
• Right to delete — same surface; same legal-retention exceptions documented on /privacy
• Right to opt-out of sale or sharing — moot, because we do not do either
• Notice at collection — provided at call start via the recording disclosure (heard before any conversational content)
• TCPA applies separately to outbound SMS for US recipients; we honor the same consent-log gate as CASL

One-party vs two-party consent — what we do, what you should know.

Call-recording laws vary by state and province. Some places require only one party to know the call is being recorded; others require all parties to consent. MeetIndi handles this with a per-tenant, jurisdiction-aware setting: an opt-in pre-call disclosure that fires deterministically before any conversational content, used by tenants who operate under two-party-consent regimes. Canadian tenants who rely on one-party consent (operator-as-consenting-party) keep the disclosure off by default and the call goes straight to Indi. You still own the call of which posture applies to your business; this section is what we do, not legal advice.

• Two-party-consent states (US): California, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Pennsylvania, Washington — and a few others. Tenants serving callers in these states enable the pre-call disclosure during onboarding; it fires before Indi connects, on every call.
• One-party-consent states (US): the majority. Tenants here may run with disclosure off (operator is the consenting party) or opt in for caller transparency.
• Canada: Criminal Code §184(1) prohibits intercepting private communications; §184(2)(a) permits recording with the consent of one party (§183.1 defines consent). Default for Canadian tenants is disclosure off — the operator is the consenting party. Tenants under provincial regulators with stricter notice requirements can opt in.
• When enabled, disclosure plays via a deterministic Polly.Joanna <Say> on the inbound TwiML before <Connect><Stream>; not LLM-generated, not skippable in-flow, and Indi is told a disclosure has already played so she does not double-disclose.
• When disabled, no opening <Say> fires — Indi greets the caller directly. The recording itself is still made; the legal basis is the operator's one-party consent, not the caller's.
• Reference: /casl + /security cover the structural enforcement; /privacy documents what is retained.