Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last Updated: December 9, 2025

1. Introduction

Welcome to Zamili.ai ("we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices regarding data collection, processing, and your rights concerning your personal data.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

We collect several types of information from and about users of our service:

2.1 Information You Provide Directly

  • Account Information: Name, email address, password, and other registration details when you create an account
  • Profile Information: Any additional information you choose to provide in your profile
  • Communication Data: Messages, comments, and other communications you send through our platform
  • Payment Information: Billing address, payment method details (processed securely through third-party payment processors)

2.2 Information Collected Automatically

  • Usage Data: Information about how you access and use our service, including pages visited, time spent, click patterns, and navigation paths
  • Device Information: IP address, browser type and version, device type, operating system, device identifiers, and mobile network information
  • Log Data: Server logs, including access times, dates, and pages viewed
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar tracking technologies to track activity and store certain information

2.3 Information from Third-Party Services

  • Instagram/Facebook Data (Meta Platforms): When you connect your Instagram or Facebook account, we may collect:
    • Account information (username, profile picture, follower count, post count)
    • Posts and media content
    • Comments and messages (when you authorize us to automate responses)
    • Analytics and insights data (engagement metrics, reach, impressions)
    • Facebook Page ID and Instagram Business Account ID
    • Access tokens and refresh tokens (stored securely and encrypted)
    • Token expiry dates

    This data is collected through Meta's OAuth 2.0 API in accordance with Meta's Platform Terms and your explicit authorization.

  • Gmail/Google Data: When you connect your Gmail account, we may collect:
    • Email address associated with your Google account
    • Gmail profile information (name, email address)
    • Access tokens and refresh tokens (stored securely and encrypted)
    • Token expiry dates
    • Email sending history (when you use email automation features)

    This data is collected through Google's OAuth 2.0 API in accordance with Google's API Services User Data Policy and your explicit authorization. We only access your Gmail account to send emails on your behalf through our automation workflows.

  • Social Media Platforms: Data you choose to share from other social media platforms you connect

2.4 Workflow and Automation Data

  • Workflow configurations and automation rules you create
  • Webhook data received from Meta (Instagram/Facebook) platforms
  • Generated links and tracking data
  • Email templates, sending history, and email automation logs
  • Gmail account configurations and email sending records

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

  • To provide, maintain, and improve our services
  • To process your registration and manage your account
  • To authenticate users and prevent unauthorized access
  • To execute workflow automations you configure (e.g., replying to comments, sending DMs, creating links)
  • To track and analyze link clicks and engagement metrics

3.2 Communication

  • To send you service-related notifications and updates
  • To respond to your inquiries, comments, and support requests
  • To send you marketing communications (with your consent, which you can opt-out of at any time)
  • To deliver automated messages through workflows you configure

3.3 Analytics and Improvement

  • To analyze usage patterns and trends
  • To monitor and improve service performance
  • To develop new features and functionalities
  • To provide analytics dashboards and insights

3.4 Security and Compliance

  • To detect, prevent, and address technical issues and security threats
  • To comply with legal obligations and enforce our terms of service
  • To protect the rights, property, and safety of our users and others

3.5 Personalization

  • To personalize your experience and content
  • To remember your preferences and settings
  • To provide recommendations and tailored content

4. Data Processing and Legal Basis

We process your personal data based on the following legal grounds:

  • Consent: When you provide explicit consent (e.g., connecting social media accounts, receiving marketing emails)
  • Contract Performance: To fulfill our contractual obligations and provide the services you request
  • Legitimate Interests: To improve our services, ensure security, and prevent fraud
  • Legal Obligations: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

5.1 Service Providers

We may share information with third-party service providers who perform services on our behalf, such as:

  • Cloud hosting and infrastructure providers
  • Payment processors
  • Email service providers
  • Analytics and monitoring services

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Meta Platforms (Instagram/Facebook)

When you connect your Instagram or Facebook account, we interact with Meta's APIs to:

  • Retrieve your account information and content
  • Send automated replies to comments and DMs (as configured in your workflows)
  • Access analytics and insights data
  • Process webhook notifications for new comments, DMs, and other events

This is done in accordance with Meta's Platform Terms, Meta's Data Use Policy, and your explicit authorization. We comply with Meta's webhook requirements for deauthorization and data deletion requests.

5.3 Google/Gmail Services

When you connect your Gmail account, we interact with Google's Gmail API to:

  • Send emails on your behalf through automation workflows
  • Access your email address for account identification
  • Manage OAuth tokens for secure API access

This is done in accordance with Google's API Services User Data Policy, Google's OAuth 2.0 requirements, and your explicit authorization. We only use the Gmail API to send emails as configured in your workflows - we do not read, modify, or delete your emails.

Google OAuth Scopes Used:

  • https://www.googleapis.com/auth/gmail.send - Permission to send emails on your behalf
  • https://www.googleapis.com/auth/userinfo.email - Permission to access your email address for account identification

5.4 Legal Requirements

We may disclose your information if required by law, legal process, or government request, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent illegal activities or security threats
  • Protect the safety of users or the public

5.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Data transmitted between your device and our servers is encrypted using SSL/TLS
  • Access Controls: Access to personal data is restricted to authorized personnel only
  • Secure Storage: Sensitive data, including access tokens, is encrypted at rest
  • Regular Security Audits: We conduct regular security assessments and updates
  • Authentication: Strong password requirements and secure authentication mechanisms

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain security and prevent fraud

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal purposes.

8. Your Rights and Choices

You have the following rights regarding your personal information:

8.1 Access and Portability

  • Request access to your personal data
  • Request a copy of your data in a portable format

8.2 Correction and Updates

  • Update or correct your account information through your dashboard
  • Request correction of inaccurate data

8.3 Deletion

  • Request deletion of your personal data (see Section 9 below)
  • Delete your account through your account settings

8.4 Objection and Restriction

  • Object to processing of your data for certain purposes
  • Request restriction of processing in certain circumstances

8.5 Withdraw Consent

  • Withdraw consent for data processing where consent is the legal basis
  • Disconnect social media accounts (Instagram/Facebook) at any time through your dashboard
  • Disconnect Gmail accounts at any time through your dashboard
  • Revoke OAuth permissions directly through Meta or Google platforms

8.6 Marketing Communications

  • Opt-out of marketing emails by clicking the unsubscribe link or contacting us
  • Manage communication preferences in your account settings

9. Requesting Data Deletion

How to Request Data Deletion

You have the right to request deletion of your personal data at any time. To submit a deletion request, please use one of the following methods:

Email: privacy@zamili.ai

Contact Form: Visit our Contact Page

In-App: Go to Account Settings → Privacy → Delete Account

What to Include in Your Request:

  • Your account email address or username
  • Confirmation that you want to delete your data
  • Any specific data categories you want deleted (if not requesting full deletion)

Processing Time: We will process your deletion request within 30 days. You will receive a confirmation email once your data has been deleted.

Note: Some information may be retained for legal or business purposes (e.g., transaction records, security logs) as required by law or our legitimate interests.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Authenticate your session
  • Analyze usage patterns and improve our services
  • Provide personalized content

You can control cookies through your browser settings. However, disabling cookies may affect your ability to use certain features of our service.

11. Children's Privacy

Our services are not intended for individuals under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete that information.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification (for significant changes)
  • Displaying a notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@zamili.ai

General Inquiries: hello@zamili.ai

Support: Contact Form

Address: AIX Training Academy

15. Additional Information for EU Users (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, please contact us using the information provided in Section 14.

16. Additional Information for California Users (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us using the information provided in Section 14.