Privacy Policy
Effective date: 2025-08-13
This Privacy Policy explains how Zaiwave (“we”, “us”) collects, uses, shares, and protects information when you use our websites and services (the “Service”).
If anything here conflicts with platform-specific terms you accept (e.g., Meta, LinkedIn, X, TikTok), those platform terms also apply to your connected accounts. Leading providers describe their controller/processor roles similarly for social-content data. :contentReference[oaicite:5]5
1) Who controls your data?
- For social content you process through Zaiwave, you (or your organization) are typically the controller and Zaiwave is your processor, acting on your instructions (publish, schedule, transform, analyze). :contentReference[oaicite:6]6
- For account data (billing, support, security), Zaiwave is the controller.
2) Data we collect
Account & billing: name, email, team details, plan, invoices (via our payment provider).
Connected platforms: OAuth tokens/permissions, profile/page IDs, page names, and limited metadata required for publishing and analytics. We do not store your social passwords.
Content: drafts, media files, captions, generated AI variants, schedules, and publishing logs.
Usage & device: app actions, event logs, approximate location (from IP), and technical identifiers for security and performance.
Support: messages and attachments you send us.
3) How we use data
- Provide and secure the Service (auth, publishing, analytics, troubleshooting).
- Generate AI variants you request and improve relevance (never to train a public model with your identifiable data).
- Send transactional emails (publishing status, billing, security alerts).
- Product research and usage analytics in aggregate.
- Comply with legal obligations and enforce our Terms.
4) Legal bases
Where applicable (e.g., EEA/UK): contract (to deliver the Service), legitimate interests (security, product improvement), consent (optional marketing), and legal obligations.
5) Sharing
We share data with service providers that help us run Zaiwave (hosting, storage/CDN, email, analytics, payments, error monitoring). They must follow strict confidentiality and security obligations. We also share data when required by law, to prevent harm, or with your consent.
6) Analytics & cookies
We use privacy-respecting analytics to understand usage and improve the product. Our analytics do not track individuals across sites for advertising. (Some providers describe privacy programs and DPAs publicly.) :contentReference[oaicite:7]7
7) Data retention
- OAuth tokens: until you disconnect an account or it expires.
- Drafts & scheduled items: while your account is active (you can delete).
- Logs & diagnostics: typically up to 180 days unless we must keep longer for security/abuse investigations.
- Billing records: as required by tax and accounting laws.
8) Security
We apply industry-standard safeguards, encrypt tokens at rest, and limit internal access. No method of transmission or storage is 100% secure.
9) International transfers
We may process data in countries other than yours (currently including the EU and other regions). When transferring data internationally we rely on appropriate safeguards (e.g., SCCs) where applicable.
10) Your rights
Depending on your location, you may have rights to access, correct, delete, port, or object to certain processing. For requests, contact privacy@zaiwave.com or /contact. If we process content as your processor, we’ll direct platform or end-user requests to you as the controller.
11) Children
The Service is not for children under 16. We do not knowingly collect personal data from children.
12) Data retention after termination
If you close your account, we will:
- Revoke tokens and stop publishing.
- Delete or anonymize customer content within a reasonable period, except minimal records we must keep for legal or billing reasons.
13) Changes
We may update this Policy. We’ll post the new version with an updated date and notify you of material changes.
14) Contact
privacy@zaiwave.com • /contact