Back to Legal Documents

ZENZAI Privacy Policy

Effective Date: 12/29/2025
Last Updated: 12/29/2025

1. Introduction

ZENZAI ("ZENZAI", "we", "us", or "our") provides an artificial intelligence–powered software-as-a-service (SaaS) platform designed to help businesses automate sales, customer support, and operational workflows (the “Services”).

This Privacy Policy explains how we collect, use, disclose, retain, and protect Personal Data when you access or use our website, applications, APIs, integrations, and related services.

This policy applies to:

  • Website visitors
  • Business customers and their authorized users
  • End users whose data is processed by our customers

2. Roles Under Data Protection Laws

Depending on the context:

  • ZENZAI acts as a Data Controller when processing Personal Data related to our own business operations (e.g., account management, billing, marketing).
  • ZENZAI acts as a Data Processor when processing Personal Data on behalf of business customers in connection with the Services.

Processing conducted as a Processor is governed by our Data Processing Addendum (DPA).

3. Personal Data We Collect

3.1 Information You Provide Directly

We may collect Personal Data that you voluntarily provide, including:

  • Contact information (name, email address, phone number)
  • Account and business information (company name, role, organization details)
  • Authentication credentials
  • Billing and payment information (processed by third-party payment providers)
  • Communications, support requests, and feedback
  • Content and configuration data submitted to the Services by customers

3.2 Information Collected Automatically

When you access or use the Services, we may automatically collect:

  • IP address and approximate location
  • Device identifiers, browser type, operating system
  • Usage data, logs, timestamps, and interaction metadata
  • Cookies, pixels, and similar tracking technologies

3.3 Information from Third Parties

We may receive Personal Data from third-party sources, including:

  • Identity and authentication providers
  • Analytics and monitoring providers
  • Integration partners enabled by the customer
  • Publicly available sources

4. How We Use Personal Data

We use Personal Data for the following purposes:

  • Providing, operating, maintaining, and securing the Services
  • Managing accounts, authentication, and subscriptions
  • Processing payments and invoices
  • Providing customer support and technical assistance
  • Communicating service-related notices and updates
  • Improving functionality, performance, and user experience
  • Monitoring usage and preventing fraud, abuse, or security incidents
  • Complying with legal, regulatory, and contractual obligations
  • Sending marketing or promotional communications (where permitted)

5. Legal Bases for Processing (GDPR)

Where applicable, we process Personal Data based on one or more of the following legal bases:

  • Performance of a contract (Article 6(1)(b))
  • Legitimate interests (Article 6(1)(f)), such as improving and securing our Services
  • Consent (Article 6(1)(a)), where required
  • Legal obligation (Article 6(1)(c))

6. AI and Automated Processing

ZENZAI provides AI-powered features that may process customer-submitted data to generate outputs or automate workflows.

  • Customer data is processed solely to provide the Services
  • ZENZAI does not use customer content to train general AI models unless explicitly agreed in writing
  • Automated decisions are performed under customer control and configuration

7. Sharing and Disclosure of Personal Data

We may disclose Personal Data to:

  • Service providers and subprocessors (e.g., hosting, analytics, infrastructure)
  • Payment processors and billing partners
  • Professional advisors (legal, financial, compliance)
  • Government authorities where required by law
  • Successors in the event of a merger, acquisition, or asset sale

We do not sell Personal Data and do not share Personal Data for cross-context behavioral advertising.

8. International Data Transfers

Personal Data may be transferred to and processed in countries outside your jurisdiction.

Where required, we rely on appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)
  • Other lawful transfer mechanisms recognized under applicable law

9. Data Retention

We retain Personal Data only for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce agreements.

Upon termination of Services, customer data is deleted or returned in accordance with our DPA.

10. Security Measures

ZENZAI implements reasonable administrative, technical, and organizational safeguards designed to protect Personal Data, including:

  • Access controls and authentication
  • Encryption in transit and at rest (where applicable)
  • Monitoring and logging
  • Incident response procedures

No method of transmission or storage is completely secure.

11. Your Privacy Rights

11.1 GDPR / UK GDPR Rights

You may have the right to:

  • Access your Personal Data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent
  • Request data portability

11.2 CCPA / CPRA Rights (California)

California residents may have the right to:

  • Know what Personal Data is collected and disclosed
  • Request deletion of Personal Data
  • Opt out of the sale or sharing of Personal Data
  • Not be discriminated against for exercising privacy rights

Requests may be submitted using the contact details below.

12. Children’s Privacy

The Services are not intended for individuals under the age of 16. We do not knowingly collect Personal Data from children.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Services or other appropriate means.

14. Contact Information

For privacy-related questions or requests, contact:

Email: zai@zenzai.io
Company: ZENZAI
Address: