Skip to content

Zept Privacy Policy

Effective Date: December 4, 2024

At Zept, we respect your privacy and are committed to protecting your personal and business information.
This Privacy Policy explains how we collect, use, share, and protect your data when you use our platform.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, phone number, business name
  • Financial Data: Transaction records, invoices, receipts, business expenses
  • Business Information: Industry type, business size, revenue data
  • Voice Data: Audio recordings when you use voice features (processed and deleted after transcription)
  • Payment Information: Credit card details (processed securely through third-party payment processors)

1.2 Google OAuth Data

When you connect Zept with Google, we collect:

  • Email Address: To identify your account and enable email functionality
  • Profile Information: Your name and profile picture to personalize your experience
  • Calendar Data: Access to Google Calendar to read existing events and create new events on your behalf when requested
  • Calendar Metadata: Calendar information to help schedule events at appropriate times
  • Send Email Capability: Ability to send emails on your behalf only when you explicitly request
  • Contacts: Access to Google Contacts to help you add attendees to calendar events or recipients to emails

1.3 Information We Collect Automatically

  • Usage Data: Features used, pages visited, time spent on platform
  • Device Information: IP address, browser type, operating system, device identifiers
  • Location Data: General location based on IP address (we do not track precise GPS location)

2. How We Use Your Information

We use your information to:

  • Service Delivery: Provide core functionality including creating calendar events, sending emails, and generating financial insights
  • User Experience: Personalize and improve your experience with Zept
  • Process Voice Commands: Generate financial insights from your voice queries
  • Communication: Send financial reports, business analytics, updates, and respond to inquiries
  • Service Improvement: Analyze usage patterns to improve our services
  • Security: Detect and prevent fraud or security issues
  • Legal Compliance: Comply with applicable laws and regulations

3. How We Share Your Information

We never sell your data. Period.

We may share your information only in these limited circumstances:

  • Service Providers: Third-party companies that help us operate (cloud hosting, payment processing, analytics). They're contractually obligated to protect your data.
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: If Zept is acquired or merged, your data may transfer to the new entity (you'll be notified)
  • With Your Consent: When you explicitly authorize us to share specific information

4. Data Storage and Security

4.1 Storage Location

Your data is stored securely in our PostgreSQL database hosted on secure cloud infrastructure.

4.2 Security Measures

We implement industry-standard security measures:

  • Encryption of data in transit using TLS/SSL
  • Encryption of data at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms limiting who can view your data
  • Secure OAuth 2.0 token storage
  • Secure data centers with physical and digital protections

However, no system is 100% secure. We cannot guarantee absolute security but work continuously to protect your information.

5. Your Data Rights

You have the right to:

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your account and data (some data may be retained for legal compliance)
  • Portability: Export your data in a common format
  • Opt-Out: Unsubscribe from marketing emails anytime
  • Revoke OAuth Access: Disconnect Google integration at any time through your account settings

To exercise these rights, contact us at customerservice@zept-ai.com

6. Data Retention

We retain your data:

  • Active Accounts: As long as your account is active
  • Deleted Accounts: Up to 90 days after deletion (for recovery purposes), then permanently deleted
  • Legal Requirements: Certain financial records may be retained longer for tax/legal compliance

7. Cookies and Tracking

We use cookies to:

  • Keep you logged in
  • Remember your preferences
  • Analyze how you use Zept

You can disable cookies in your browser, but some features may not work properly.

8. Third-Party Links

Zept may contain links to external websites. We're not responsible for their privacy practices. Please review their policies before sharing information.

9. Children's Privacy

Zept is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has provided information, contact us immediately.

10. International Users

Zept is based in Indonesia. If you are accessing our services from outside Indonesia, please be aware that your information may be transferred to, stored, and processed in Indonesia.

By using Zept, you consent to this transfer.

If you require your data to be hosted in a specific country due to regulatory or business needs, custom hosting options are available upon request.

11. Compliance with Indonesian Law

This Privacy Policy complies with:

  • UU PDP (Personal Data Protection Law No. 27 of 2022)
  • UU ITE (Electronic Information and Transactions Law No. 11 of 2008, as amended)

12. Changes to This Policy

We may update this Privacy Policy periodically. We'll notify you of significant changes via email or platform notification. Continued use after changes means you accept the updated policy.

13. Contact Us

Questions about this Privacy Policy?

Email: customerservice@zept-ai.com