Zapploy

Privacy Policy

Last updated: January 17, 2026

At Zapploy, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address, name, and password when you create an account
  • Waitlist Information: Email address and app preferences when you join our waitlist
  • Payment Information: Billing address and payment method details (processed securely by our payment processor, Stripe)
  • Preferences: Your scheduling rules, buffer preferences, communication style, and autonomy settings
  • Communications: Information you provide when contacting support or providing feedback

1.2 Information from Connected Services

When you connect third-party applications, we access only the data necessary to provide our Service:

  • Calendar Data: Event titles, times, locations, attendees, and descriptions to detect conflicts and manage your schedule
  • Email Data: Email metadata (sender, recipient, subject, timestamps) and content to extract tasks and provide inbox management
  • Task Data: Task lists, due dates, and completion status from connected task management apps
  • Contact Data: Contact names and email addresses to identify participants and suggest attendees
  • Travel Data: Itinerary information from travel apps to coordinate your schedule around trips

Each digital coworker only requests the specific permissions it needs. You can review and revoke permissions at any time in your account settings.

1.3 Automatically Collected Information

  • Device Information: Browser type, operating system, and device identifiers
  • Usage Data: Pages visited, features used, and actions taken within the Service
  • Log Data: IP address, access times, and referring URLs
  • Activity Logs: Records of all actions taken by digital coworkers on your behalf (viewable in your Activity Log)

2. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Sync your data across apps, detect conflicts, and perform actions on your behalf
  • Personalize Your Experience: Learn your preferences and apply them consistently
  • Improve the Service: Analyze usage patterns to enhance features and fix issues
  • Communicate with You: Send service updates, security alerts, and support messages
  • Process Payments: Handle subscription billing and prevent fraud
  • Comply with Legal Obligations: Meet legal requirements and respond to lawful requests

3. How We Share Your Information

We do not sell your personal information. We may share your information only in the following circumstances:

3.1 Service Providers

We work with trusted third-party service providers who assist us in operating the Service:

  • Stripe: Payment processing
  • Vercel: Hosting and infrastructure
  • PostHog: Product analytics (anonymized)
  • Resend: Transactional email delivery

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

3.2 Third-Party Integrations

When you connect third-party applications (Google, Microsoft, etc.), we send data back to these services as necessary to perform actions you request (e.g., creating calendar events, sending emails).

3.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

4. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: All data is encrypted in transit (TLS) and at rest
  • Access Controls: Strict access controls limit who can access your data
  • OAuth Tokens: We use OAuth 2.0 for third-party integrations; we never store your passwords for connected services
  • Regular Audits: We regularly review our security practices and infrastructure
  • Minimal Data Collection: We only collect data necessary to provide the Service

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Data Retention

We retain your data as follows:

  • Account Data: Retained while your account is active and for 30 days after deletion
  • Activity Logs: Retained for 90 days to enable undo functionality and audit trails
  • Connected Service Data: Cached temporarily to provide the Service; refreshed regularly from source
  • Analytics Data: Anonymized and aggregated data may be retained indefinitely for service improvement

You can request deletion of your data at any time. See "Your Rights" below.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a portable, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise these rights, contact us at privacy@zapploy.com. We will respond within 30 days.

7. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights

We do not sell personal information. To exercise your CCPA rights, contact privacy@zapploy.com.

8. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland:

  • Legal Basis: We process your data based on contract performance (to provide the Service), legitimate interests (to improve the Service), and consent (where required)
  • Data Transfers: Your data may be transferred to and processed in the United States. We use appropriate safeguards such as Standard Contractual Clauses
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority

9. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you signed in to your account
  • Remember your preferences
  • Understand how you use the Service
  • Improve and personalize your experience

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

10. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 16, we will delete it promptly.

11. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we may also notify you by email.

Your continued use of the Service after any changes indicates your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@zapploy.com

Data Protection Officer: dpo@zapploy.com

See also our Terms of Service.