ZM API
ZM API

ZM API Privacy Policy

Last Updated: January 27, 2025

This Privacy Policy explains how ZM API (“we”, “us”, “our”) collects, uses, shares, and protects information in connection with our websites, dashboard, and API services (“Services”). By using the Services, you agree to this Policy and our Terms of Service.

  1. Information We Collect.
    1. Account & Billing Data: name, email, company info, billing address, plan details. Payment details are processed by PCI-compliant providers (e.g., Stripe, PayPal); we do not store full card numbers.
    2. Payment Processing: card and wallet data are collected and processed directly by our third-party payment processors (e.g., Stripe, PayPal) under their security and PCI-DSS controls; we only receive limited tokens and billing status.
    3. Authentication Data: hashed passwords, API keys, OAuth tokens you provide to access third-party platforms.
    4. Usage & Logs: requests, headers, IP, user agent, timestamps, error and performance metrics for security, support, and analytics.
    5. Cookies & Similar Tech: session cookies and analytics cookies to maintain login state and improve the product. You can manage cookies via your browser.
    6. Support Data: information you share in tickets, email, or chat when contacting us.
  2. How We Use Information.
    1. Provide, operate, secure, and improve the Services.
    2. Authenticate users, manage API keys, and enforce rate limits.
    3. Process payments and invoicing through our processors.
    4. Detect, prevent, and investigate fraud, abuse, or security incidents.
    5. Provide support, notify you about changes, and send service-related communications.
    6. Generate aggregated and de-identified analytics to enhance performance and reliability.
  3. Legal Bases (where applicable). We rely on contract performance (providing the Services), legitimate interests (security, product improvement), and consent (where required, e.g., certain cookies or marketing) as appropriate.
  4. Sharing & Disclosures.
    1. Service Providers: infrastructure, monitoring, analytics, email, and payment processors (e.g., Stripe, PayPal) under data protection agreements.
    2. Compliance & Safety: when required by law or to protect the rights, property, or safety of users, the public, or ZM API.
    3. Business Transfers: in connection with a merger, acquisition, or asset sale, subject to continued protections consistent with this Policy.
    4. We do not sell personal data to third parties.
  5. International Transfers. Data may be processed in countries where we or our providers operate. We apply appropriate safeguards (such as standard contractual clauses) when required.
  6. Data Retention. We retain personal data only as long as needed for the purposes above, to comply with legal obligations, or to resolve disputes. API logs are generally kept for a limited operational period unless longer retention is required for security, compliance, or troubleshooting.
  7. Security. We use administrative, technical, and physical safeguards (encryption in transit, access controls, key rotation, logging, backups). Third-party payment processors apply their own PCI-DSS controls to billing data. No system is perfectly secure; please keep your credentials and API keys confidential and notify us of any suspected compromise.
  8. Your Choices & Rights. Subject to applicable law, you may request access, correction, deletion, restriction, or export of your personal data. You can also object to certain processing or withdraw consent where we rely on it. Contact us using the details below.
  9. Cookies & Tracking. Most browsers let you refuse or delete cookies. Disabling cookies may affect session continuity and some features.
  10. Children. The Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us to delete it.
  11. Third-Party Links. Our Services may link to external sites. We are not responsible for their privacy practices. Review their policies before providing data.
  12. Changes to This Policy. We may update this Policy from time to time. Material changes will be communicated via dashboard notice or email where appropriate. Continued use after the effective date means you accept the updated Policy.
  13. Contact & Data Protection Officer. For privacy questions or requests, email [email protected]. To reach our Data Protection Officer, email [email protected].