GDPR Compliance

1. What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data privacy law drafted and passed by the European Union. It protects the personal data of European citizens and residents, giving them control over their personal information and establishing strict guidelines on how companies can store, process, and transfer that data.

2. Your Data Rights

Under the GDPR, individuals have specific sets of rights regarding their personal data:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate data.
• Right to Erasure (Right to be Forgotten): You can ask us to permanently delete your personal data.
• Right to Data Portability: You can request a digital copy of your data to transfer to another service.

To exercise any of these rights, simply email us at the address at the bottom of this page.

3. Data Processing and Storage

As an AI infrastructure platform, ZinoDesk acts as a Data Processor on behalf of our users who embed widgets on their sites (who act as Data Controllers).

• We only host data on secure, SOC 2 compliant, tier-1 cloud providers (AWS and Supabase).
• All conversational transcripts and uploaded knowledge base documents are strictly encrypted.
• We do not voluntarily train open, public baseline AI models using your private conversational data.

4. Sub-processors

To deliver our services effectively, we rely on heavily audited third-party service providers ("sub-processors"). This includes hosting companies (AWS, Supabase, Vercel), payment gateways (Paddle, Stripe), and trusted Large Language Model APIs required for generative capabilities. We hold Data Processing Agreements (DPAs) with every sub-processor.

Contacting our DPO

For all GDPR, DPA (Data Processing Agreement), or general data-privacy inquiries, our designated Data Protection Officer operations can be reached at:
Email: devshakil.ati@gmail.com