Legal

Privacy Policy

Last updated: March 21, 2026

1. Introduction

Zedrai (“we,” “us,” “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our AI-powered customer support platform (“Service”).

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, company name, and billing information. Payment details are processed and stored by our payment processor, Paddle — we do not store your credit card information directly.

Customer Support Data

When you use the Service, we process customer ticket data, chat messages, email content, and order information that flows through the platform. This data is processed solely to provide the Service (AI replies, analytics, ticket management).

AI Training Data

You may upload FAQs, product information, policies, and other knowledge base content to train your AI agent. This data is stored securely and used exclusively for your account's AI configuration.

Usage Data

We collect information about how you use the Service, including page views, feature usage, ticket volumes, AI response metrics, and performance data. This helps us improve the Service and provide analytics.

3. How We Use Your Information

  • Provide, maintain, and improve the Service.
  • Process AI responses to customer tickets on your behalf.
  • Generate analytics and reports about your support performance.
  • Process billing and payments through Paddle.
  • Send account-related notifications (usage alerts, billing, security).
  • Provide customer support to you as a subscriber.
  • Detect and prevent fraud, abuse, or violations of our Terms.

4. AI Processing

Customer ticket data is sent to third-party AI providers (Anthropic) to generate responses. This data is processed in accordance with our data processing agreements with these providers and is not used to train their general AI models. AI-generated responses are returned to the Service and stored as part of your ticket history.

5. Data Sharing

We do not sell your personal information. We share data only with:

  • Paddle — for payment processing and tax compliance.
  • Anthropic — for AI response generation (under data processing agreement).
  • Infrastructure providers — hosting and database services (Vercel, Supabase) for Service operation.
  • Third-party integrations — only the data necessary for integrations you explicitly connect (e.g., Shopify order data).

6. Data Retention

We retain your account data for as long as your account is active. Ticket data and AI interaction logs are retained for 12 months, after which they are automatically deleted. If you cancel your account, we delete your data within 30 days, except where retention is required by law (e.g., billing records for tax purposes).

7. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, access controls, regular security audits, and secure infrastructure. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access — request a copy of your personal data.
  • Rectification — correct inaccurate personal data.
  • Erasure — request deletion of your personal data.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing of your personal data.
  • Restriction — request restriction of processing.

To exercise these rights, contact us at privacy@zedrai.com. We will respond within 30 days.

9. Cookies

We use essential cookies for authentication and session management. We use analytics cookies to understand Service usage. You can manage cookie preferences through your browser settings. The live chat widget uses a session cookie to maintain conversation state.

10. International Transfers

Your data may be processed in countries outside the EU/EEA (e.g., where our infrastructure providers operate). We ensure appropriate safeguards are in place, including Standard Contractual Clauses and data processing agreements, to protect your data in accordance with GDPR requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before they take effect. The “Last updated” date at the top of this page indicates when the policy was last revised.

12. Contact

For privacy-related questions or requests, contact us at privacy@zedrai.com.