Your Privacy Matters

1.1 Account Information

When you create an account, we collect:

• Name and email address
• Company name and role (optional)
• Password (encrypted and never stored in plain text)
• Profile preferences and settings

1.2 Content Data

To provide our AI documentation services, we process:

• Screen recordings and videos you upload
• Generated documentation and SOPs
• Comments, annotations, and edits you make
• Metadata associated with your content

1.3 Usage Information

We automatically collect:

• Device information (browser, operating system)
• IP address and general location
• Usage patterns and feature interactions
• Performance and error logs

2.1 Service Provision

• Process your videos to generate documentation
• Provide AI-powered analysis and insights
• Enable collaboration and sharing features
• Maintain and improve service performance

2.2 Communication

• Send service updates and notifications
• Provide customer support
• Share product announcements (with your consent)
• Respond to your inquiries and feedback

2.3 Legal Basis (GDPR)

We process your data based on:

• Contract performance: To provide the services you've subscribed to
• Legitimate interests: To improve our services and prevent fraud
• Consent: For marketing communications (where required)
• Legal obligations: To comply with applicable laws

We do not sell your personal data. We may share information in these limited circumstances:

3.1 Service Providers

We work with trusted third-party providers for:

• Cloud hosting and storage (AWS, Google Cloud)
• Payment processing (Stripe)
• Analytics and monitoring (anonymized data only)
• Customer support tools

3.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes or government requests
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Enforce our Terms of Service

We implement comprehensive security measures:

4.1 Technical Safeguards

• AES-256 encryption for data at rest
• TLS 1.3 encryption for data in transit
• Regular security audits and penetration testing
• Multi-factor authentication for accounts
• Isolated processing environments for AI workloads

4.2 Organizational Measures

• Employee background checks and security training
• Role-based access controls
• Incident response procedures
• Regular security awareness training

You have the following rights regarding your personal data:

5.1 Access and Portability

• Request a copy of your personal data
• Export your content and documentation
• Receive data in a machine-readable format

5.2 Correction and Deletion

• Update or correct your account information
• Delete specific content or your entire account
• Request erasure of your personal data

5.3 Control and Consent

• Opt out of marketing communications
• Restrict processing of your data
• Object to certain uses of your information
• Withdraw consent where applicable

To exercise these rights, contact us at privacy@getzarta.com

6.1 Essential Cookies

We use necessary cookies for:

• Authentication and session management
• Security and fraud prevention
• Basic functionality and preferences

6.2 Analytics Cookies

With your consent, we use analytics cookies to:

• Understand how you use our service
• Improve user experience and performance
• Measure feature adoption and usage patterns

You can manage cookie preferences in your browser settings or through our cookie consent banner.

7.1 Active Accounts

We retain your data while your account is active and for the duration of your subscription.

7.2 Account Deletion

After account deletion:

• Personal data is deleted within 90 days
• Content and documentation are permanently removed
• Some data may be retained for legal compliance
• Anonymized usage data may be retained for analytics

7.3 Legal Requirements

We may retain certain data longer when required by law, for fraud prevention, or to resolve disputes.

Zarta is based in Poland (EU). Your data may be processed in other countries where our service providers operate. We ensure adequate protection through:

• EU Standard Contractual Clauses
• Adequacy decisions by the European Commission
• Certification schemes and codes of conduct
• Binding corporate rules where applicable

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately at privacy@getzarta.com.

We may update this Privacy Policy from time to time. When we make changes:

• We'll notify you via email or through the service
• We'll update the "Last updated" date at the top
• Material changes will be highlighted clearly
• You'll have the opportunity to review changes before they take effect

If you have questions about this Privacy Policy or how we handle your data, please contact us: