Privacy Policy
Last Updated: May 2025
1. Who is responsible for processing your data?
ZOF AI INC, located at Ferry Building, Suite 201 San Francisco, CA 94111, United States, is responsible for processing your personal data. We operate in compliance with the General Data Protection Regulation (GDPR) for individuals located in the European Union, as well as the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for users residing in California. For any request, please contact us at:privacy@zof.ai
2. What data is collected?
When you use our services, we collect data related to your identity (name, email, company, billing), technical data from your projects (logs, videos, metadata), and usage data (pages visited, API calls, navigation). We also collect data via cookies and trackers (IP address, browser, device), for analytics purposes, with your consent.
3. For what purposes is your data processed?
| Purpose | Legal basis |
|---|---|
| User account and subscription management | Performance of a contract |
| Technical assistance and support | Legitimate interest |
| Usage analytics for continuous improvement | Consent |
| Payments and billing | Performance of a contract |
| Marketing campaigns (emails, newsletters) | Consent |
| Compliance with legal obligations | Legal obligation |
4. Where is your data hosted?
Data of customers located in the European Union is exclusively hosted on AWS servers located in Germany.
Our customers may also choose to host their project data on their own servers, in the environment of their choice, subject to technical compatibility. Users located outside the EU may have their data hosted on AWS servers located in the United States, in accordance with applicable laws.
5. Who has access to your data?
Your data may be shared with our service providers (hosting, payment, email, analytics) strictly within the scope of their services. These providers (e.g., AWS, Stripe, Google) are contractually required to uphold data confidentiality and security
6. How long do we keep your data?
Account-related data is retained for three years after your last activity. Technical logs are retained for twelve months. Billing data is archived for ten years in compliance with accounting obligations. Marketing data is deleted upon withdrawal of your consent or after three years without interaction.
7. What are your rights?
In accordance with the GDPR (for EU residents) and the CCPA/CPRA (for California residents), you have the right to access, correct, delete, port, and restrict the processing of your data. You may also object to certain processing activities, withdraw your consent at any time, and opt out of the sale of your data if you reside in California.
To exercise these rights, please contact: privacy@zof.ai.
You may also contact a supervisory authority:
- In France: CNIL – www.cnil.fr
- In California: California Privacy Protection Agency (CPPA) – www.cppa.ca.gov – 2101 Arena Blvd, Sacramento, CA 95834
8. Is your data transferred outside your country?
All our data processing operations are governed by data protection agreements and, where applicable, by the European Commission’s Standard Contractual Clauses. We do not transfer data outside the contractual framework agreed with each client.
9. Are the data fields mandatory or optional?
The data collected through our forms is necessary to manage your account or deliver our services. If you choose not to provide such data, we may be unable to respond to your request. Optional fields are clearly indicated.
10. Protection of minors
Our services are intended only for individuals aged 18 and over. We do not knowingly collect data from minors. If such data is inadvertently collected, it will be promptly deleted.
11. Contact Us
For any question regarding this policy or your personal data, you may contact us at privacy@zof.ai