Back to login

Privacy Policy

Last updated: May 2026

1. Introduction

Zennn (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI agent dashboard and related services.

The data controller for account, billing, and service administration data is [Legal Entity Name], trading as Zennn, registered at [Registered Address], the Netherlands, with Chamber of Commerce number [KvK Number] and VAT number [VAT Number, if applicable].

For personal data contained in your workspaces, knowledge bases, chat conversations, and embedded widgets, Zennn may act as a processor on behalf of the workspace owner or organization that uses the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Authentication credentials (managed by Supabase Auth)
  • Profile information you choose to provide

2.2 Workspace and Agent Data

We collect data related to your use of our services:

  • Workspace configurations and settings
  • AI agent configurations, knowledge bases, and training data
  • Conversation history and chat logs
  • Widget deployment settings and usage analytics

2.3 Billing Information

Payment processing is handled by Stripe. We store:

  • Subscription plan and status
  • Credit and usage balances
  • Stripe customer ID (payment details are stored by Stripe)

2.4 Technical Data

We automatically collect:

  • IP address and browser information
  • Device and operating system details
  • Usage patterns and feature interactions
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use your data to:

  • Provide and maintain our AI agent services
  • Process payments and manage subscriptions
  • Improve our products and user experience
  • Communicate service updates and security alerts
  • Comply with legal obligations
  • Prevent fraud and abuse

4. Legal Bases for Processing

Where GDPR applies, we process personal data under the following legal bases:

  • Contract: to create accounts, provide workspaces, operate AI agents and widgets, process subscriptions, and deliver the Service.
  • Legitimate interests: to secure the Service, prevent abuse, improve reliability, understand feature usage, and support customers.
  • Legal obligation: to keep required billing, tax, accounting, fraud-prevention, and compliance records.
  • Consent: where required for non-essential cookies, marketing communications, or optional processing choices.

5. AI and Third-Party AI Providers

Zennn uses third-party AI providers, such as OpenAI, xAI, or other model providers, to generate chat responses, create embeddings, and process knowledge-base content for retrieval.

  • Chat messages, agent instructions, conversation context, and relevant knowledge-base content may be sent to AI providers to generate responses.
  • We may create embeddings or indexes from knowledge-base content so your AI agents can retrieve relevant information. This is used to provide the Service and is not the same as training a foundation model.
  • Zennn does not use customer content to train its own foundation AI models unless we obtain separate consent or enter into a separate written agreement.
  • Third-party AI providers may process data according to their own data processing terms, retention policies, and abuse-monitoring requirements. Where required, we use contractual safeguards with these providers.
  • You should not submit sensitive, special-category, or regulated data to AI agents unless you have a lawful basis and appropriate safeguards.

6. Customer and Widget End-User Data

If a workspace owner embeds a Zennn widget on their website or application, that workspace owner is responsible for informing visitors that they are interacting with an AI-powered chat widget and for obtaining any required privacy or cookie consent.

In that context, Zennn generally acts as a processor for conversation content and visitor data processed through the widget, while the workspace owner acts as the controller. Workspace owners must ensure they have the necessary rights and legal bases to submit data to Zennn and connected AI providers.

7. Data Sharing and Disclosure

We may share your data with:

  • Service providers: infrastructure, hosting, database, authentication, payment, AI, analytics, support, email, rate-limiting, and content-processing providers, including Supabase, Stripe, AI model providers, and other subprocessors used to operate the Service.
  • Legal authorities: When required by law or to protect our rights
  • Business transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

8. International Data Transfers

Some of our service providers may process personal data outside the European Economic Area, including in the United States. Where required, we rely on appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, data processing agreements, and other lawful transfer mechanisms.

9. Data Security

We use appropriate technical and organizational measures designed to protect personal data, including encryption in transit, access controls, authentication safeguards, logging, and operational security reviews. However, no system or internet transmission is completely secure, and we cannot guarantee absolute security.

10. Your Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal data
  • Receive a copy of your data in a portable format
  • Restrict or object to certain processing activities
  • Withdraw consent where processing is based on consent
  • Object to direct marketing, if applicable
  • Lodge a complaint with a supervisory authority, including the Dutch Autoriteit Persoonsgegevens

Contact us at privacy@zennn.ai to exercise these rights.

11. Data Retention

We retain personal data for as long as needed to provide the Service, comply with legal obligations, resolve disputes, prevent abuse, and enforce agreements. Account deletion starts a 30-day grace period during which restoration may be possible.

After the grace period, we delete or anonymize data from active systems where no longer needed, subject to legal retention requirements, backup expiry cycles, billing records, security logs, and data that must be retained to protect our rights or comply with law.

12. Cookies and Similar Technologies

We use necessary cookies and similar technologies to provide authentication, session management, security, workspace switching, and core Service functionality.

We may use optional analytics or preference cookies only where permitted by law and, where required, with your consent. You can control cookies through your browser settings and, where available, through our cookie preferences tool.

Embedded widgets may use browser storage or similar technologies to maintain a visitor session, prevent duplicate prompts, or provide continuity in chat conversations. Workspace owners are responsible for disclosing this use on websites where they deploy the widget.

13. Children

The Service is not intended for children under 16. We do not knowingly collect personal data from children through account registration. Customers deploying widgets are responsible for ensuring their use complies with laws applicable to children and minors.

14. Data Processing Addendum

Where required, Zennn offers a Data Processing Addendum for customers that process personal data through the Service as controllers. To request a DPA, contact privacy@zennn.ai.

15. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the application.

16. Contact Us

For questions about this Privacy Policy, contact us at privacy@zennn.ai. To report abuse, unlawful content, security concerns, or misuse of an embedded widget, contact support@zennn.ai.