Privacy Policy

1. Introduction

Zidra AI, Inc. ("Zidra," "we," "us," or "our") operates the Zidra platform, an AI-powered assistant for construction companies. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at zidra.ai or use our services.

By accessing or using our services, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the site or use our services.

2. Information We Collect

Information you provide directly:

• Name and email address when you sign up for early access or create an account
• Company name and business information
• Messages and queries you submit through the Zidra chat interface
• Information from third-party services you connect (QuickBooks, Procore, Google Calendar, etc.)

Information collected automatically:

• Device and browser information, IP address
• Usage data including pages visited, features used, and interaction patterns
• Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Process your requests and respond to your inquiries
• Connect to and retrieve data from your authorized third-party tools
• Improve our AI assistant and develop new features
• Send you updates about your account and our services
• Detect, prevent, and address technical issues or security threats
• Comply with legal obligations

4. Data from Connected Services

When you connect third-party services (such as QuickBooks, Procore, or Google Calendar), we access only the data necessary to provide our services. We use OAuth 2.0 for authentication and do not store your third-party passwords. Access tokens are encrypted at rest and can be revoked by you at any time by disconnecting the integration.

Data retrieved from connected services is stored securely, scoped to your company account, and is never shared with other customers or used to train AI models for other companies.

5. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.2+) and at rest, role-based access controls, and regular security audits. Our infrastructure is hosted on Vercel and Supabase with SOC 2 compliant data centers.

While we strive to use commercially acceptable means to protect your information, no method of transmission over the Internet or electronic storage is 100% secure.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service providers who assist in operating our platform (hosting, analytics, email)
• Legal authorities when required by law or to protect our rights
• Business transfers in connection with a merger, acquisition, or sale of assets

7. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. If you request account deletion, we will remove your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

8. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing of your data
• Data portability
• Withdraw consent at any time

To exercise any of these rights, please contact us at admin@zidra.io.

9. Cookies

We use essential cookies to maintain your session and preferences. We may also use analytics cookies to understand how our website is used. You can control cookie preferences through your browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: