Privacy Policy

1. About Ziplit

Ziplit is an AI infrastructure platform that provides APIs and tools for creating programmatic email inboxes, parsing emails and attachments, and deploying AI agents to automate workflows. Developers use Ziplit to build, manage, and operate inbox automation systems that transform unstructured email data into structured, auditable actions.

2. Controller

Ziplit is the data controller for Personal Data collected through our websites and platform, unless otherwise specified. For any questions or privacy-related requests, contact: privacy@ziplit.ai.

3. Information We Collect

We collect information provided directly by users and developers, as well as technical data generated automatically when using our APIs or dashboard.

3.1. Information you provide

• Account information (name, email address, company, billing details).
• Developer credentials and API usage configuration data.
• Support requests, documentation feedback, or feature submissions.

3.2. Content processed through our infrastructure

Ziplit processes the email content, attachments, and metadata you send through the API to perform the services requested. For example, when your application uploads or routes an email to an AI agent, Ziplit temporarily stores and parses the content to produce the structured output defined by your configuration.

3.3. Automatically collected information

• API usage data (requests, response times, error logs).
• Device, connection, and diagnostic data (IP address, browser or SDK version, operating system).
• Aggregated analytics used to improve performance, security, and reliability.

4. How We Use Personal Data

We use Personal Data solely to provide, maintain, and improve Ziplit’s core functionality, including:

• Authenticating and managing developer accounts and API credentials.
• Processing and delivering email and attachment data through our APIs.
• Monitoring usage to ensure platform security, stability, and performance.
• Providing customer support and technical assistance.
• Complying with legal and regulatory obligations.

We do not use or sell customer email content for advertising, profiling, or model training.

5. Legal Basis for Processing (EEA/UK users)

If you are located in the EEA or UK, our legal bases for processing include:

• Performance of contract: providing the Ziplit services you or your organization requested.
• Consent: for optional integrations or data sharing features that require explicit permission.
• Legitimate interests: ensuring platform integrity, preventing abuse, and improving service performance, balanced against user rights.

6. Integrations and Third-Party Services

Ziplit may integrate with third-party services such as cloud providers, communication tools, or data storage platforms as authorized by the developer. When a user connects an integration, Ziplit accesses only the data required to perform the requested processing or automation. We do not connect to or access external systems without explicit user configuration.

7. Sharing & Disclosure

We do not sell Personal Data. We may share limited data as follows:

• Service providers that host infrastructure, logging, or analytics under strict data processing agreements.
• Authorized integrations configured by the developer or organization owner.
• Legal compliance where disclosure is required by law or to protect rights, safety, or property.
• Corporate transactions such as mergers or acquisitions, with appropriate notice to affected users.

8. AI, Model Training & Use of Inputs

Ziplit processes emails, attachments, and API payloads only to execute the instructions defined by your workflow. We do not use customer data to train our underlying AI models unless a separate written agreement is in place.

• Data processed through Ziplit is transient and stored only as necessary for delivery, debugging, or user-defined retention periods.
• Inputs and outputs are not shared with third parties or advertisers.
• Any optional model improvement programs will always require explicit, opt-in consent and will exclude customer-owned data by default.

9. Data Retention

We retain Personal Data only as long as necessary to provide the Service, comply with legal obligations, and maintain system integrity. Developers can define custom retention settings for their inboxes or agent logs via API or dashboard.

10. Your Rights

EEA/UK residents (GDPR/UK-GDPR): you may request access, correction, deletion, restriction, or portability of your Personal Data, and withdraw consent where applicable.

California residents (CCPA/CPRA): you may request access, deletion, or information about our data practices and opt-out of any sale or sharing (Ziplit does not sell data).

To exercise rights, contact privacy@ziplit.ai. We may verify your identity before completing a request.

11. Security

We implement administrative, technical, and organizational measures to safeguard Personal Data, including TLS encryption, access controls, and continuous monitoring. While no system is perfectly secure, Ziplit maintains incident response procedures and will notify users as required by law in the event of a breach.

12. International Transfers

Ziplit may store or process data in the United States or other countries. For EEA/UK users, we use appropriate safeguards such as Standard Contractual Clauses or equivalent legal mechanisms when transferring data internationally.

13. Children

Ziplit is not intended for individuals under 16 years of age (or older where required by local law). We do not knowingly collect data from minors. If such data is identified, we will delete it promptly.

14. Changes to this Policy

We may update this Privacy Policy from time to time. Changes will be posted here with an updated “Last updated” date, and material changes will be communicated via email or in-app notice.

15. How to Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our data practices, please contact:

Ziplit
Email: privacy@ziplit.ai
Address: Delaware, USA