Privacy Policy

Black Leaf Digital ("Company", "we", "us", or "our") operates the Zatabase platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service. Please read this policy carefully. By using the Service, you consent to the practices described in this policy.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, organization name, and password (stored as a one-way hash). If you sign in via a third-party provider, we receive the profile information you authorize that provider to share.

Payment Information

When you purchase credits or subscribe to a paid plan, our payment processor collects your billing name, billing address, and payment method details. We do not store full credit card numbers on our servers.

Usage Data

We automatically collect information about how you interact with the Service, including API calls made, queries executed, features used, credit consumption, error logs, and performance metrics.

Device and Connection Information

We collect your IP address, browser type and version, operating system, device identifiers, referring URLs, and pages visited within our console and documentation.

Your Data

We process data that you store in the Service (tables, collections, vectors, files, function code). This data is processed solely to provide the Service and is not used for any other purpose.

2. How We Use Your Information

• Provide and maintain the Service: Authenticate your identity, execute queries, store your data, process payments, and deliver the features you use.
• Improve the Service: Analyze usage patterns to improve performance, reliability, and user experience. Usage data may be aggregated and anonymized for this purpose.
• Communicate with you: Send transactional emails (account verification, password resets, billing receipts), service announcements, and security alerts. We may also send product updates and tips, which you can opt out of at any time.
• Security and fraud prevention: Detect, investigate, and prevent unauthorized access, abuse, and fraudulent activity.
• Legal compliance: Comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

• Service providers: We use third-party vendors for payment processing, infrastructure hosting, email delivery, and analytics. These providers are contractually obligated to protect your information and may only use it to perform services on our behalf.
• Legal requirements: We may disclose your information if required to do so by law or in response to valid legal process (e.g., subpoena, court order, or government request).
• Business transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.
• With your consent: We may share information with third parties when you have given us explicit consent to do so.
• Aggregated or anonymized data: We may share aggregated or anonymized information that cannot reasonably be used to identify you.

4. Data Security

We implement industry-standard technical and organizational measures to protect your information, including encryption in transit (TLS 1.3) and at rest, access controls, regular security assessments, and incident response procedures. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your account information for as long as your account is active or as needed to provide the Service. Usage data and logs are retained for up to 24 months for analytics and security purposes. When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing our agreements).

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that we correct inaccurate or incomplete personal information.
• Deletion: Request that we delete your personal information, subject to certain exceptions.
• Portability: Request a machine-readable copy of your personal information.
• Restriction: Request that we restrict processing of your personal information in certain circumstances.
• Objection: Object to our processing of your personal information for direct marketing purposes.
• Opt-out of marketing: Unsubscribe from marketing communications at any time using the link in our emails or by contacting us.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and understand how you use the Service. The types of cookies we use include:

• Essential cookies: Required for the Service to function (authentication, session management). These cannot be disabled.
• Analytics cookies: Help us understand usage patterns and improve the Service. You can opt out of analytics cookies in your account settings.

We do not use advertising or third-party tracking cookies. We do not participate in cross-site tracking or targeted advertising networks.

8. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from those in your country. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses approved by relevant data protection authorities.

9. Children's Privacy

The Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at [email protected].

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page, updating the "Last updated" date, and, for significant changes, sending an email notification to the address associated with your account. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at [email protected].