Your data.

The data controller for Zaplens is Quantum One AI, registered in India, with its principal office in Kolkata. Reach the team at [contact email — pending] for any privacy-related request.

Three categories, in increasing order of detail:

• Account & identity. Name, email, organization name, role (job title), and the Clerk user/organization IDs that map you to your local profile. Collected at signup, updated by you whenever you edit your profile.
• Product usage. Sites you tested, agent runs you triggered, credit consumption, plan tier, simulation tags. We log structured request metadata (URL path, status code, latency, timestamp) for debugging and rate-limiting.
• Generated artifacts. Screenshots, DOM snapshots, agent thought summaries, and report markdown — stored in our R2 bucket against your account ID. Persona files you upload are stored under your account and never shared.

We do NOT collect raw card numbers, CVVs, or bank account credentials. Razorpay handles all payment-instrument data directly; we only receive transaction references (order ID, payment ID, signature) and the metadata in our checkout-time notes.

• Deliver the Service. Run your simulations, generate your reports, gate features behind your plan tier, calculate billing.
• Support. Diagnose issues you raise (we ask permission before reading the contents of a specific simulation during a support ticket).
• Security & abuse prevention. Detect anomalous traffic patterns, rate-limit abusive accounts, investigate suspected misuse.
• Improving the product. Anonymized aggregates only — counts, distributions, latency percentiles. We do not train any LLM on your content.
• Required by law. Comply with valid legal process (court orders, tax / accounting obligations under Indian law).

We rely on the following sub-processors. Each is bound by their own published terms; we've picked them for security posture and the ability to scope data tightly.

• Clerk (auth, identity) — receives email, name, organization metadata. Privacy.
• Razorpay (payments) — receives card / UPI / netbanking details directly from you in their secure checkout, plus our internal order metadata (account ID, plan ID). Privacy.
• Cloudflare (Pages hosting, R2 object storage, edge cache) — receives requests / artifacts in transit and at rest. Privacy.
• Neon (Postgres) — hosts the application database where account / simulation / billing rows live. Privacy.
• Fly.io (backend hosting) — runs the FastAPI containers + ARQ workers. Privacy.

We use a small set of cookies, all functional:

• __session (Clerk) — keeps you signed in.
• __clerk_* (Clerk) — supports the auth flow (sign-in token, organization switching).

We do not use third-party advertising or analytics cookies on the dashboard. The marketing landing page may add a self-hosted analytics beacon in the future; if so, this section is updated.

• Account records — kept while your account is active and for up to 24 months after closure, for tax / audit purposes under Indian law.
• Simulation reports + screenshots — retained according to your plan's history window (7 days on Hobby, 30 days on Plus, 365 days on Pro, unlimited on Enterprise), then deleted in the next nightly sweep.
• Billing & webhook event logs — kept for 7 years to satisfy Indian tax-record obligations.

You can ask us to:

• Access a copy of your account data and reports.
• Correct inaccuracies in your account info.
• Delete your account and associated content (subject to the retention obligations in §06).
• Export your reports in JSON / Markdown before deletion.
• Object to a specific use of your data.

Email [contact email — pending] with the request and the account email; we'll respond within 30 days.

Data in transit is encrypted with TLS 1.3. Data at rest in our Postgres database and R2 bucket is encrypted with provider-default AES-256. Access to the backend is gated by short-lived JWTs (Clerk) for dashboard users and HMAC-signed bearer keys for the v1 API. Internal credentials live in Fly secrets, never in source.

Security incidents that affect customer data trigger an email to affected account owners within 72 hours of discovery.

Zaplens is operated from India. Some of our sub-processors may store or process data outside India. By using the Service you consent to such transfers. We choose providers with documented security practices and (where applicable) standard contractual clauses.

Zaplens is not directed to anyone under 18. We do not knowingly collect personal information from minors; if you believe we have, email us and we'll delete it.

We update this policy when the data flows change materially (new sub-processor, new data category, new cookies). The “Last updated” date above always reflects the most recent revision; we'll email account owners if a change is material.

Privacy questions, deletion requests, suspected misuse — email [contact email — pending] or use zaplens / contact.