Privacy Policy

Account Information: When you register, we collect your name, email address, and password (hashed; never stored in plain text).

Feedback Data: Text or CSV data you upload for analysis. This is the core input for generating your product opportunities.

Usage Data: We log how many analyses you run, when you last used the Service, and general interaction metrics (e.g., page views). We do not use cookies for tracking.

Payment Information: All payment processing is handled by Razorpay. We do not store your card details. We receive billing confirmation records only.

Communication Data: If you contact us via email, we retain that correspondence to help resolve your inquiry.

• To authenticate you and operate your account
• To process your feedback and generate AI analysis results
• To send transactional emails (account confirmation, analysis notifications, alert emails)
• To enforce our plan limits and billing cycles
• To improve reliability, diagnose bugs, and maintain service security
• To respond to your support requests

We do not: sell your data, use your feedback to train AI models, send unsolicited marketing emails, or share data with third-party advertisers.

All data is stored in Supabase (PostgreSQL) with Row Level Security enabled — only you can access your own data via authenticated API calls.

Data is encrypted in transit (TLS 1.3) and at rest (AES-256). We host on AWS infrastructure in the ap-south-1 (Mumbai) region.

We perform regular security reviews and apply principle-of-least-privilege access controls to all system components.

Zointly integrates with the following third-party services to operate:

• Supabase — Database, authentication, and file storage
• Google Gemini API — AI analysis of feedback data
• Razorpay — Subscription billing and payment processing
• Resend — Transactional email delivery

Each provider processes only the minimum data required for their function. We do not authorize them to use your data for any other purpose.

When you generate a public report, the analysis results (opportunity titles, scores, and verbatim customer quotes from your uploaded feedback) become accessible via a unique public URL.

You control whether to generate and share public reports. You can regenerate a new URL from your results page at any time. Contact us to permanently remove a public report from our servers.

We retain your account data and analyses for as long as your account is active.

If you delete your account, all associated data — including analyses, opportunities, snapshots, and insight alerts — is permanently and immediately deleted from our systems within 72 hours.

Depending on your location, you may have rights under applicable privacy laws (including GDPR and India's DPDP Act) to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate data via Account Settings
• Deletion: Delete your account and all associated data
• Portability: Request an export of your analyses
• Objection: Opt out of any non-essential data processing

To exercise any of these rights, contact hello@zointly.com. We will respond within 30 days.

Zointly is not intended for use by children under 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice at least 14 days before the changes take effect.

Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.

For privacy-related questions, data requests, or complaints, contact our privacy team at:

hello@zointly.com — subject line: “Privacy Request”

Zointly Inc. · hello@zointly.com