Zaniti

Privacy Policy

At Zaniti, we value your privacy and are committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data when you use our services.

Effective as of September 6, 2025
(View Previous Versions – we maintain an archive of prior versions of this page for reference.)

When you use Zaniti’s products, you’re trusting us to handle your personal data with care. We take that trust seriously.

When this policy applies: We, Zaniti (“Zaniti,” “we,” “us,” or “our”), provide this Privacy Policy to explain how we collect, use, and disclose your personal data when you interact with us as an individual, such as when you create an account and receive our products directly from us. It also applies when you browse our websites, use our mobile or desktop applications, install our browser extensions, or subscribe to our communications.

When this policy doesn’t apply: If you use Zaniti under the management of a company, school, or other organization (for example, Zaniti Business, Zaniti for Education, or an enterprise deployment), then this Privacy Policy does not apply to the User Content (enterprise-controlled) that your organization uploads or manages in its account. For those accounts, we process User Content on behalf of and in accordance with the contract and data protection terms with that organization (see our Data Processing Addendum (DPA)). This Privacy Policy still applies to your personal data (for example, account and device information) in those environments.

We may update this Privacy Policy from time to time. If we make material updates, we will notify you or seek your consent as required by applicable laws.

Summary

This policy explains our global privacy practices. If you live in certain places, additional disclosures may apply (for example, EEA/UK/Swiss Supplemental Statement and U.S. State Privacy Notice including California).
We make money from paid subscriptions and services, not by selling your data or User Content.
We collect account and billing information, device and usage data, cookies and identifiers, support communications, and User Content you choose to process in Zaniti. In applicable products, you control whether your content is used to improve our models.
We protect your data with encryption, access controls, logging, and layered security. We use trusted subprocessors (see our Subprocessors page for current list) to help deliver our products and disclose data in the limited scenarios described below.
You have privacy rights and choices, including access, correction, deletion, portability, and opt-out rights where applicable.

How Does Zaniti Make Money?

We offer free and paid products. We make money from subscriptions and enterprise contracts. We do not monetize data or use your User Content for third-party advertising.

What Types of Personal Data Does Zaniti Collect?

We collect the following types of personal data:

Account information when you sign up for an account, which includes your email address, password or single sign-on identifiers, name, and email preferences, and, as applicable, role or job title. If you sign up through a third-party service (for example, Google or Apple), we collect the information from them that you authorize.
Payment information if you make a purchase or payment on our websites, which includes payment transaction history and limited billing details (such as billing address). If you use a payment processor (for example, Stripe, Apple App Store, Google Play), you provide payment details directly to that provider, not to Zaniti.
Log data, application, network, and device information, which includes, for example, IP address, device type, browser type and version, time zone and language, operating system and platform, app version, and other technical identifiers.
User Content, which consists of the text, documents, images, audio, video, design files, metadata, and knowledge base materials you upload or otherwise submit when using our products, along with any live data modules you enable (for example, regulatory feeds).
For individual accounts, we process User Content to provide services back to you (for example, reviews, suggestions, insights).For managed or enterprise accounts, your organization controls User Content. See the “Notice to End Users” section below and our DPA for more.
Usage data, which includes information about how you use and interact with our products (for example, features you use, frequency, performance metrics, and crash reports) to deliver insights and optimize your experience.
Cookie information and other identifiers to recognize your browser or device and to provide, protect, improve, and (on marketing sites only) promote our services.
Support communications and other information you provide directly to us, such as data you submit in support tickets, surveys, research sessions, or sales conversations.
Inferences. We may derive information or draw inferences based on the information we collect (for example, approximate location from IP or product feature preferences inferred from use).

Does Zaniti Obtain Any Data From Third-Party Sources?

Yes. We sometimes obtain information about you from partners or vendors to make our products better or more useful (for example, security or fraud signals, rough geolocation from IP-to-region services). Where you connect Zaniti to third-party tools, we receive the data you authorize us to receive. We may combine such data with other information we collect.

For What Purposes Does Zaniti Use Personal Data?

We use personal data for the following purposes:

Providing and tailoring our products to you. To operate our products, process User Content, generate reviews and suggestions, and deliver a personalized experience.
Communicating with you. To respond to support requests, send service notices, and (with consent or as allowed by law) share promotional communications.
Troubleshooting and debugging. To resolve technical issues, track outages, and maintain reliability. Building and improving products. To develop features and improve accuracy and security. In applicable products, you control whether your User Content is used for model training.
Processing payments. To complete transactions and manage subscriptions.
Managing events and research. To register participants, host webinars or beta programs, and send related updates.
Complying with law and protecting rights. To meet legal obligations, protect rights, and prevent fraud or abuse.

Legal bases for EEA/UK/Switzerland: contract, legitimate interests (for example, securing and improving services), legal obligations, and consent (where required, such as for marketing or certain cookies).

How Does Zaniti Secure and Store Personal Data?

Security. We use layered administrative, technical, and physical safeguards including encryption in transit and at rest, secure network configuration, access controls (least privilege, MFA), logging, monitoring, and employee training. Our program is designed in alignment with SOC 2 Type II and ISO 27001 standards.

Retention. We retain data only as long as needed to deliver services, comply with laws, resolve disputes, and enforce agreements. Where feasible, we anonymize or aggregate data after the retention period.

Retention periods by category:

Account information: active account + 2 years
Billing information: 7 years (legal or tax compliance)
Device or usage logs: 12 months, then aggregated or anonymized
User Content (individuals): until deleted or account closed, with backup copies max 12 months
User Content (enterprise): controlled by your organization
Support communications: 2 years, unless longer required by law
Cookies or identifiers: up to 13 months, or shorter depending on settings

Note: Retention periods may be extended if legal or regulatory obligations require it (for example, legal holds).

To Whom Does Zaniti Disclose Personal Data?

We disclose personal data to:

Trusted service providers (subprocessors). We engage subprocessors for hosting, payments, email or support, analytics, monitoring, and AI model integration. These vendors are contractually bound to strict confidentiality and data-use limits.
Government agencies and regulators. When legally required or necessary to protect rights and safety.
Organization administrators. For managed accounts, admins may access and control accounts.
Other users in your organization. Where team features are enabled, some data may be visible to colleagues.
Advertising and analytics partners. Limited identifiers and site interaction data (on marketing sites only). No User Content is shared.
Business transferees. In connection with mergers, acquisitions, or similar events (with notice where required).
With your consent or direction. Including integrations you connect.

Your Privacy Rights & Choices

You may have rights to:

Access, correct, delete, or port your data
Restrict or object to certain processing
Withdraw consent (where applicable)
Opt out of targeted advertising or data “sharing” under U.S. laws

How to exercise rights:

Use Account Settings for most options
Contact privacy@zaniti.io for others
If your account is managed by an organization, contact your administrator first

Communication and Cookie Choices
• Marketing emails: unsubscribe link or contact us
• Cookies: manage via Your Privacy Choices banner, browser settings, or opt-out signals (for example, Global Privacy Control)

Communication and Cookie Choices

Marketing emails: unsubscribe link or contact us
Cookies: manage via Your Privacy Choices banner, browser settings, or opt-out signals (for example, Global Privacy Control)

U.S. State Privacy Notice (Including California)

This section supplements the Policy for residents of U.S. states with privacy laws and serves as our California Notice at Collection.

Categories collected: identifiers, account info, commercial info, network activity, geolocation (approximate), User Content, inferences, communications, cookies.
Purposes: see “For What Purposes Does Zaniti Use Personal Data?”
Disclosures: see “To Whom Does Zaniti Disclose Personal Data?”
Sales or sharing: We do not sell personal info. We may disclose limited identifiers and usage data to advertising or analytics partners on marketing sites, which some laws treat as “sharing” or “targeted advertising.”
Your rights: request access, correction, deletion, portability, and opt-outs. Appeals available if requests are denied. Authorized agents may act on your behalf with proof of authority.

Notice to End Users on Managed Accounts

If you use Zaniti through an organization, that organization controls its instance of the service and User Content (enterprise-controlled).

Access usage and account information
Enable or disable features or integrations
Manage retention, export, and deletion of data
Suspend or terminate access

Direct questions about User Content to your organization’s administrator.

Children’s Privacy

Zaniti is not directed to children under 13 (or under 16 in the EEA or UK). We do not knowingly collect such data. If you believe a child has provided us with personal data, contact us for removal.

International Transfers

When transferring data outside the EEA, UK, or Switzerland, we use approved mechanisms: Standard Contractual Clauses (SCCs), the UK Addendum, and where applicable, the EU–U.S. Data Privacy Framework (DPF).

Contact Information

Zaniti Privacy Team
Email : privacy@zaniti.io
Mail : Zaniti, Inc. 447 Sutter St Ste 405, San Francisco, CA 94108, United States