Privacy Policy

This Privacy Policy explains how Zerolo ("we", "us", "our", or "Company") collects, uses, and protects your personal data when you use our AI reception service (the "Service"). We are committed to transparency and your data privacy rights under GDPR, UK Data Protection Act 2018, CCPA, and other applicable laws. Last updated: 2026-01-13 Effective date: 2026-01-13 For privacy-related questions or to exercise your data rights, contact us at: support@zerolo.ai

We collect personal data in the following ways: 1. Information You Provide: - Email address (when you contact our support) - Phone number (when provided during service use) - Name (optional, for conversation summaries) - Message content (when you use chat or voice features) 2. Information Collected Automatically: - IP address (for geolocation routing) - Browser type and device information - Conversation metadata (duration, timestamps) - Usage analytics (which features you use) - Session cookies (to maintain your preferences) - Turnstile verification data (for security) 3. From Third Parties: - Retell AI (voice/chat platform provider) - Turnstile (verification service) - Vercel Analytics (usage insights) - Your web hosting provider's logs

We collect your personal data through: 1. Direct collection: When you voluntarily provide information (name, email, phone during calls) 2. Automatic collection: Through cookies, analytics, and logs 3. From service providers: When you use our third-party integrations 4. Browser/device information: Standard web server logs You are never required to provide personal data to use the Service. However, some features (like conversation summaries) require minimal information to function.

We use your personal data for these legitimate purposes: 1. Service Provision: To provide and improve the AI reception service 2. Communication: To respond to support requests (support@zerolo.ai) 3. Service Quality: To analyze usage patterns and improve features 4. Security: To prevent fraud, abuse, and unauthorized access 5. Legal Compliance: To comply with applicable laws (GDPR, UK DPA, CCPA) 6. Geolocation: To route you to the correct regional service We do not sell, rent, or trade your personal data to third parties.

Data Protection Measures: - All data is transmitted via HTTPS encryption - Access controls restrict who can view personal data - We use industry-standard security protocols - Regular security audits and updates Data Retention: - Conversation records: Retained for 30 days for improvement purposes - Email/contact data: Retained until you request deletion - Session cookies: Automatically cleared after 30 days - Analytics data: Aggregated and anonymized after 90 days For deletion requests, contact: support@zerolo.ai

We share data only when necessary: 1. Service Providers (under data processing agreements): - Retell AI: Processes voice/chat conversations - Turnstile: Processes verification data - Vercel: Hosts and provides analytics - Upstash: Redis database for session management 2. Legal Requirements: - When required by law, court order, or government authority - To protect against fraud or security threats - To enforce our Terms of Service 3. We do NOT share data for marketing purposes 4. We do NOT sell data to third parties 5. We do NOT share data across domains without consent

Under GDPR, UK DPA 2018, and CCPA, you have the right to: 1. Right of Access: Obtain a copy of your personal data 2. Right to Correction: Correct inaccurate data 3. Right to Erasure: Request deletion ("right to be forgotten") 4. Right to Data Portability: Receive your data in a portable format 5. Right to Restrict Processing: Limit how we use your data 6. Right to Object: Object to certain data processing 7. Right to Lodge a Complaint: Contact your local data protection authority To exercise these rights, contact: support@zerolo.ai We will respond within 30 days (or as required by applicable law).

Zerolo operates globally. Your data may be processed in different jurisdictions. We ensure compliance with: - GDPR Standard Contractual Clauses for EU→non-EU transfers - UK DPA 2018 adequacy requirements - CCPA restrictions on international sharing If you are in the EU/UK and your data is transferred outside, we use appropriate safeguards as required by law.

Zerolo is not directed at children under 13. We do not knowingly collect data from children under 13. If we discover we have collected data from a child under 13, we will immediately delete it. Parents who believe their child's data has been collected should contact: support@zerolo.ai

We use cookies for: 1. Essential: Session management, geolocation override (required for service) 2. Functional: Remembering your preferences 3. Analytics: Understanding usage patterns You can disable cookies in your browser settings. However, some features may not work properly without essential cookies. See our Cookie Policy for detailed information.

We may update this Privacy Policy periodically. We will notify you of material changes by: - Posting the updated policy on this page - Updating the "Last updated" date - Sending email notification for major changes Your continued use of the Service constitutes acceptance of the updated policy.

For privacy questions, requests, or complaints, contact: - Email: support@zerolo.ai - Response time: Within 30 days For data protection authority complaints (EU/UK): - Contact your local Data Protection Authority - No fee required to file a complaint