Legal

Privacy Policy

Last updated: May 15, 2026 · Effective immediately

1. Who We Are

Zentra ("we", "us", "our") is an AI-powered financial data query platform. This Privacy Policy explains what personal data we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.

2. Information We Collect

We collect information in three ways:

Information you provide directly

  • Account details — name, email address, and profile photo when you sign in via Google
  • Database connection credentials you enter in Settings (stored encrypted in Firestore)
  • Files you upload (Excel/CSV) for analysis
  • Messages you send via the contact form

Information collected automatically

  • Query text and responses, to power history and caching
  • Usage metrics — query count, latency, cache hit rate
  • Browser and device information for security and error diagnostics
  • IP address and approximate location

Information from third parties

  • Authentication data from Google via Firebase Auth
  • Payment status (not card numbers) from Razorpay

3. How We Use Your Information

PurposeData used
Provide and operate the ServiceAccount details, queries, database credentials
Billing and subscription managementEmail, payment status from Razorpay
Query history and cachingQuery text, responses, timestamps
Security and fraud preventionIP address, device info, usage patterns
Product improvementAggregated, anonymised usage metrics
Customer supportContact form messages, account info

We do not use your queries or database contents to train AI models, and we do not sell your data to any third party.

4. Data Sharing

We share data only with the following third-party services, strictly to operate the platform:

  • Firebase / Google — authentication and data storage
  • Anthropic — AI query processing (your queries are sent to Claude API)
  • Razorpay — payment processing
  • Render — backend hosting
  • Vercel — frontend hosting
  • Resend — transactional email delivery

We may also disclose information if required by law, regulation, or valid legal process, or to protect the rights and safety of our users.

5. Data Retention

We retain your account data for as long as your account is active. Query history is retained for up to 12 months and can be cleared on request. Uploaded files (Excel/CSV) are stored only for the duration of your session and deleted thereafter. Database credentials are deleted immediately when you disconnect a database or close your account.

Billing records are retained for 7 years as required by applicable financial regulations.

6. Security

We take security seriously. Measures we use include:

  • All data in transit is encrypted via TLS/HTTPS
  • Database credentials are encrypted at rest in Firestore
  • Authentication is handled by Firebase, which enforces industry-standard security
  • API access requires valid Firebase ID tokens; all endpoints are rate-limited
  • SQL queries run in read-only mode — we cannot modify your database

No system is completely secure. If you believe your account has been compromised, contact us immediately.

7. Your Rights

Depending on where you are located, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us via the contact form. We will respond within 30 days.

8. Cookies & Local Storage

We use a firebase-token cookie to maintain your authenticated session. This is a strictly necessary cookie — the Service cannot function without it. We do not use tracking or advertising cookies. No third-party analytics scripts are loaded.

9. Children's Privacy

Zentra is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a minor has created an account, please contact us and we will delete the account promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via an in-app notice at least 7 days before they take effect. The "Last updated" date at the top of this page always reflects the most recent revision.


Contact

For privacy-related questions, data requests, or concerns, please use our contact form. We aim to respond to all privacy requests within 30 days.