Last updated: May 2025
"Coming of Age 20/40" is an interactive exhibition experience created by Futurity. Visitors use a mobile app (iOS or Android web) to have voice conversations with AI characters while scanning NFC-tagged physical objects at the exhibition. This privacy policy explains what data is collected, how it is processed, who processes it, and what rights you have.
The data controller for this application is:
Futurity
Email: collaborator@futurity.systems
If you have questions about your data or this policy, contact us at the email above.
Voice audio
When you start a conversation, your device's microphone captures your voice. This audio is streamed in real time to ElevenLabs, Inc., a third-party AI service provider, for speech recognition, language model processing, and text-to-speech response generation. The audio is processed in real time and is not stored — all ElevenLabs agents used by this application operate in zero-retention mode, meaning no audio recordings are kept after the conversation ends.
NFC tag data
When you scan a physical object or card at the exhibition, the app reads the NFC tag's serial number (a hardware identifier like "04:5D:DD:34:BF:2A:81"). This serial number is matched against a local lookup table on your device to determine which object was scanned. The resulting text prompt (e.g. "tell me about this journal") is then sent to ElevenLabs as part of the conversation. The NFC serial number itself is not transmitted to any server.
Conversation content
The full conversation — your spoken words (transcribed by ElevenLabs) and the AI character's responses — is processed on ElevenLabs' servers in real time. Any text injected via NFC scans is included as part of the conversation content. With zero-retention mode enabled, no transcripts or conversation logs are stored by ElevenLabs after the session ends.
Web hosting metadata
When your device loads the application, the web host (Vercel) necessarily processes your IP address and standard HTTP metadata (such as browser type and request timestamps) in order to deliver the page. This is standard for any website and is handled by Vercel's infrastructure. No conversation data, audio, or user-submitted content passes through Vercel.
This application does not collect, store, or transmit:
There are no user accounts, no sign-ups, no logins, and no persistent data stored between sessions.
Your voice audio and conversation content are processed by ElevenLabs, Inc., a US-based AI company that provides the conversational AI service. The app connects directly to ElevenLabs' servers using their client SDK. All ElevenLabs agents used by this application are configured with zero-retention mode — no audio, transcripts, or conversation data is stored by ElevenLabs after a session ends.
The application itself is hosted on Vercel as a static HTML file. Vercel's servers process standard web request metadata (IP address, HTTP headers) to deliver the page, but receive no conversation data, audio, or user-submitted content.
The Inter typeface is loaded from Google Fonts. When the page loads, your browser makes a request to Google's CDN to fetch the font files. Google processes standard HTTP metadata for this request. No data is shared with Google by the application itself.
The iOS companion app is a native shell that wraps the web experience and adds NFC scanning via Apple's CoreNFC framework. All NFC processing happens locally on your device.
By the app: Zero retention. The app does not store any data locally or remotely. When you end a conversation or close the app, no trace of the conversation remains on your device.
By ElevenLabs: Zero retention. All agents used by this application are configured with ElevenLabs' zero-retention mode. This means no audio recordings, transcripts, or conversation logs are stored on ElevenLabs' servers after your session ends. Your conversation exists only for the duration of the real-time session and is discarded immediately afterward. For further details on ElevenLabs' data handling practices, see their privacy policy: elevenlabs.io/privacy
By Vercel: Vercel may retain standard web server access logs (IP addresses, request timestamps, HTTP headers) in accordance with their own privacy policy. These logs do not contain any conversation content, audio, or user-submitted data. See: vercel.com/legal/privacy-policy
If you are located in the European Economic Area (EEA), the legal basis for processing your voice data is explicit consent (Article 6(1)(a) of the GDPR). Before starting a conversation, you are asked to confirm that you agree to your voice being processed by ElevenLabs.
You may withdraw your consent at any time by simply ending the conversation. Once ended, no further data is transmitted, and no data is retained.
This application operates with zero data retention — both on-device and on ElevenLabs' servers. No personal data is stored after a conversation ends, which means there is no data to access, correct, delete, or export.
Under the GDPR, you have the right to withdraw consent at any time by simply ending the conversation. Once ended, no further data is transmitted.
Vercel may retain standard web server logs (IP addresses, request metadata) as part of serving the page. To exercise your rights regarding that data, refer to Vercel's privacy policy.
For any questions about this app's data practices, contact us at collaborator@futurity.systems.
This application is designed for use at a public exhibition and is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has used the app and you have concerns, please contact us.
All data transmission between your device and ElevenLabs' servers occurs over HTTPS (TLS-encrypted connections). The web application is served over HTTPS from Vercel's global CDN. The iOS app enforces App Transport Security (ATS), which requires all network connections to use HTTPS.
NFC tag processing happens entirely on-device. Tag serial numbers are never transmitted to any server — only the resulting text prompt is sent to ElevenLabs as part of the conversation.
With zero-retention mode enabled, conversation data is not persisted on any server, reducing the risk surface to the duration of the live session only.
No other permissions are requested. The app does not access your camera, location, contacts, photos, health data, or any other sensitive information.
We may update this privacy policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. We encourage you to review this policy periodically.