← Back to homeZenBuild

Legal

Privacy Policy

Last updated: June 23, 2026

This Privacy Policy explains how ZenBuild (“ZenBuild,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you use our website, application, and related services (collectively, the “Service”). By using ZenBuild, you acknowledge the practices described here. Please also read our Terms of Service.

1. Information we collect

Account and profile information

When you register or sign in, we collect information such as your name, email address, profile image (if provided by an OAuth provider), and authentication identifiers. If you sign in with Google or GitHub, we receive basic profile details permitted by your provider settings.

Workspace and product data

We process content you and your teammates submit to ZenBuild, including organization and project names, feature requests, PRDs, tasks, comments, workflow status, billing plan selections, and audit events related to workspace activity.

GitHub and integration data

If you connect GitHub, we may receive repository metadata, pull requests, diffs, review comments, installation identifiers, and webhook events needed to provide development and review features. We access only the data authorized by the permissions you grant.

Usage, device, and log data

We automatically collect technical information such as IP address, browser type, device identifiers, pages viewed, timestamps, and diagnostic logs. We use this data to secure the Service, troubleshoot issues, understand usage, and improve performance.

Payment information

Paid subscriptions are processed by our payment provider (e.g., Razorpay). We receive billing status, plan tier, and transaction references, but we do not store full payment card numbers on our servers.

2. How we use information

We use collected information to:

  • Provide, maintain, and improve the Service.
  • Authenticate users, manage sessions, and enforce workspace access controls.
  • Send transactional messages such as verification codes, invitations, security alerts, and service announcements.
  • Run AI-assisted workflows you request, including clarification, PRD generation, task planning, code review, and release readiness analysis.
  • Process subscriptions, enforce plan limits, and manage credits.
  • Detect, prevent, and respond to fraud, abuse, and security incidents.
  • Comply with legal obligations and enforce our Terms.

3. AI processing

When you invoke AI features, relevant portions of your workspace content (such as feature descriptions, PRDs, tasks, and code diffs) may be transmitted to AI model providers to generate outputs. We configure providers to process data for inference purposes and do not use your private workspace content to train public models without your consent. AI outputs may be stored in your workspace so you can review and edit them.

4. How we share information

We do not sell your personal information. We may share information:

  • With your workspace members — content you submit is visible to others in your organization according to role and product settings.
  • With service providers — such as hosting (e.g., Vercel), database (e.g., Neon), email delivery (e.g., Resend), analytics, error monitoring, payment processing, AI inference, and background job infrastructure (e.g., Inngest), under contracts that limit their use of data.
  • With GitHub — when you connect repositories or post review comments via our GitHub App, as directed by your actions.
  • For legal reasons — if required by law, regulation, legal process, or to protect rights, safety, and security.
  • In a business transfer — if we are involved in a merger, acquisition, or asset sale, subject to continued protection of your information.

5. Cookies and similar technologies

We use cookies and similar technologies to keep you signed in, remember workspace preferences, protect against cross-site request forgery, and measure product usage. You can control cookies through your browser settings, but disabling essential cookies may prevent you from using authenticated features.

6. Data retention

We retain information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When you delete content or close an account, we delete or anonymize data within a reasonable period, except where retention is required by law or legitimate business needs (such as security logs and billing records).

7. Security

We use industry-standard safeguards including encryption in transit, access controls, org-scoped authorization, and monitoring. No method of transmission or storage is 100% secure. You are responsible for safeguarding credentials and reviewing who has access to your workspaces and connected repositories.

8. International transfers

We may process and store information in countries other than where you live. Where required, we implement appropriate safeguards for cross-border transfers consistent with applicable law.

9. Your rights and choices

Depending on your location, you may have the right to:

  • Access, correct, or delete personal information we hold about you.
  • Object to or restrict certain processing activities.
  • Export workspace data you control.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority.

To exercise these rights, contact privacy@zenbuild.app. We may need to verify your identity before fulfilling a request.

10. Children

ZenBuild is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will take appropriate steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email. The “Last updated” date at the top indicates when this policy was last revised.

12. Contact us

For privacy questions or requests, email privacy@zenbuild.app.