Back to Home
Privacy Center

Privacy Policy

Last Updated: 01/01/2026

We are committed to protecting your privacy and handling personal data in a transparent and responsible manner, in accordance with the General Data Protection Regulation (GDPR) and applicable European data protection laws.

Information We Collect

Account Information

When you create an account, we collect: Name, Company name, Website, Work email address, and Phone number.

We do not store passwords. Authentication is handled using time-limited verification codes.

Chat and Interaction Data

We process user inputs, AI-generated responses, and data retrieved from connected third-party tools that is displayed in the user interface.

Third-Party Integration Data

When you connect services (Notion, Gmail, Calendar, Asana, Jira, ClickUp), data is accessed only after explicit authorization and retrieved only upon request. We do not continuously sync or store full datasets.

How We Use Your Information

We use personal data solely to:

  • Provide, operate, and maintain the Service
  • Authenticate users and manage accounts
  • Respond to user requests and deliver AI-generated responses
  • Enable user-authorized third-party integrations
  • Ensure platform security, reliability, and performance

We do not collect financial data and do not sell personal data.

Legal Basis & AI Processing

GDPR Legal Bases

  • Performance of Contract (Art. 6(1)(b)): Account creation, authentication, AI responses
  • Consent (Art. 6(1)(a)): Connecting third-party tools
  • Legitimate Interests (Art. 6(1)(f)): Security monitoring, fraud prevention

AI Transparency

AI models receive only data visible in the UI. They do not access backend databases, third-party credentials, or make autonomous execution decisions. We do not use customer data to train LLMs.

Data Sharing & International Transfers

We share data only with trusted sub-processors (cloud infrastructure, AI providers, security services) contractually bound to GDPR compliance.

Our primary infrastructure is hosted in the EU. Where data is transferred outside the EU, Standard Contractual Clauses (SCCs) are applied.

We may disclose data if required by law or valid legal request.

Your Data Protection Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectification and erasure
  • Restrict or object to processing
  • Data portability

We respond to verified requests within 30 days.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at: founder@zizka.ai