Privacy Policy

1. Introduction

Welcome to ZEROCODE ("Company," "we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered mobile app development platform and related services (collectively, the "Service").

This Privacy Policy applies to information we collect through our website at zerocode.com, our web application, mobile applications, and any other services that link to this policy.

Important: By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when using our Service:

Account Information: Name, email address, password (encrypted), profile picture
Profile Data: Professional information, preferences, and settings you choose to provide
Payment Information: Billing address, payment method details (processed securely by our payment processors - we do not store full card numbers)
Project Content: Prompts, code, files, and other content you create or upload
Communications: Messages, feedback, and correspondence with our support team
Survey Responses: Information provided in surveys, feedback forms, or research studies

2.2 Information Collected Automatically

When you access our Service, we automatically collect certain technical information:

Device Information: Device type, operating system, browser type and version, device identifiers
Log Data: IP address, access times, pages viewed, referring URL, clickstream data
Usage Data: Features used, actions taken, session duration, interaction patterns
Location Data: General geographic location based on IP address (not precise GPS)
Performance Data: Error logs, crash reports, diagnostic data

2.3 AI Interaction Data

Our AI-powered features collect specific data to function properly:

Prompts and Instructions: Text inputs you provide to our AI systems
Generated Content: Code, designs, and outputs created by our AI
Feedback Data: Your ratings and feedback on AI-generated content
Context Data: Project context necessary for AI to generate relevant outputs

2.4 Information from Third Parties

We may receive information about you from third-party sources:

Social Login Providers: If you sign in using Google, GitHub, or other providers, we receive your public profile information
Analytics Partners: Aggregated usage and demographic data
Payment Processors: Transaction confirmation and fraud prevention data

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

Provide, operate, and maintain the Service
Process and complete transactions
Generate AI-powered code and content based on your inputs
Store and manage your projects and files
Enable collaboration features

3.2 Service Improvement

Analyze usage patterns to improve features and user experience
Train and improve our AI models using aggregated, anonymized data
Develop new products, services, and features
Conduct research and analytics

3.3 Communication

Send transactional emails (receipts, confirmations, security alerts)
Provide customer support and respond to inquiries
Send product updates and announcements (with opt-out option)
Send marketing communications (with consent where required)

3.4 Security and Compliance

Detect, prevent, and address fraud, abuse, and security issues
Monitor and enforce our Terms of Service
Comply with legal obligations and respond to lawful requests
Protect the rights, property, and safety of our users and the public

4. Legal Basis for Processing (EEA/UK Users)

If you are in the European Economic Area (EEA) or United Kingdom (UK), we process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to provide our Service to you
Legitimate Interests: Processing for our legitimate business interests (security, improvement, analytics) where not overridden by your rights
Consent: Processing based on your explicit consent (e.g., marketing communications)
Legal Obligation: Processing required to comply with applicable laws

5. Data Sharing and Disclosure

We do not sell your personal information. We only share your data as described below.

5.1 Service Providers

We share information with trusted third-party service providers who assist us in operating the Service:

Cloud hosting and infrastructure providers
Payment processors and fraud prevention services
Analytics and monitoring services
Customer support and communication tools
AI model providers (for processing your requests)

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information when required by law, such as in response to a subpoena, court order, or other governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.3 Business Transfers

If we are involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

5.4 With Your Consent

We may share your information for other purposes with your explicit consent.

6. Third-Party Services

Our Service integrates with and uses the following third-party services:

Service	Purpose	Data Shared
Supabase	Authentication, Database	Account data, Project data
OpenAI	AI Code Generation	Prompts, Context data
Vercel	Hosting, Edge Functions	Technical logs, IP addresses
Razorpay/Stripe	Payment Processing	Payment details, Billing info
Google Analytics	Analytics	Usage data, Device info

Each third-party service has its own privacy policy governing their use of your data. We encourage you to review their policies.

7. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes described in this policy:

Data Type	Retention Period
Account Information	Duration of account + 30 days after deletion
Project Data	Duration of account + 30 days after deletion
Payment Records	7 years (legal/tax requirements)
Usage Logs	90 days
Support Tickets	3 years after resolution
AI Interaction Logs	90 days (anonymized for training)

8. Data Security

We implement comprehensive security measures to protect your data:

Technical Safeguards

Encryption: TLS 1.3 for data in transit; AES-256 for data at rest
Authentication: Secure password hashing (bcrypt), optional 2FA
Access Control: Row-level security, role-based access controls
Infrastructure: SOC 2 Type II compliant cloud providers
Monitoring: Real-time intrusion detection and security monitoring

Organizational Safeguards

Employee background checks and confidentiality agreements
Security awareness training for all team members
Incident response procedures and breach notification protocols
Regular security audits and penetration testing

Note: While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data ("right to be forgotten")
Portability: Request a machine-readable copy of your data
Restriction: Request restriction of processing in certain circumstances
Objection: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@just0code.com. We will respond to your request within 30 days.

10. GDPR Compliance (EEA/UK Users)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

Right to lodge a complaint with a supervisory authority
Right to receive information about automated decision-making
Right not to be subject to solely automated decisions with legal effects

Data Controller

ZEROCODE acts as the data controller for personal data collected through the Service. For data processing inquiries, contact our Data Protection Officer at dpo@just0code.com.

11. CCPA Compliance (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Right to Know: Request information about categories and specific pieces of personal information collected
Right to Delete: Request deletion of your personal information
Right to Opt-Out: Opt out of the "sale" of personal information (we do not sell personal information)
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

To submit a CCPA request, contact us at privacy@just0code.com or call our toll-free number.

Categories of Personal Information Collected

In the past 12 months, we have collected the following categories: Identifiers, Commercial Information, Internet Activity, Geolocation Data, and Professional Information.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your activity:

Types of Cookies We Use

Essential Cookies: Required for the Service to function (authentication, security)
Functional Cookies: Remember your preferences and settings
Analytics Cookies: Help us understand how you use the Service
Marketing Cookies: Track effectiveness of our marketing (with consent)

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse all cookies or indicate when a cookie is being sent. Note that disabling cookies may affect some functionality of the Service.

Do Not Track

We currently do not respond to "Do Not Track" browser signals. We will update this policy if we adopt a DNT standard in the future.

13. Children's Privacy

Our Service is not intended for individuals under the age of 16 (or 13 in the United States). We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete such information immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@just0code.com.

14. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your country.

When we transfer data internationally, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with all service providers
Ensuring recipients are in countries with adequate data protection

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

We will notify you of any material changes by:

Posting the new Privacy Policy on this page
Updating the "Last updated" date at the top
Sending an email notification for significant changes
Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Privacy Inquiries

Email: privacy@just0code.com

Data Protection Officer

Email: dpo@just0code.com

Mailing Address

ZEROCODE
Attn: Privacy Team
[Address will be updated]

Support

Contact Form

Table of Contents