Skip to content
AIZona
Legal

Privacy Policy

Effective date: June 1, 2026

AIZona, Inc. (“AIZona,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you use the AIZona platform and related services (“Service”). By using the Service, you agree to the practices described in this Policy.

1. Data We Collect

We collect information in the following categories:

1.1 Information You Provide

  • Account information: name, email address, username, password (hashed), and profile details you choose to add.
  • Payment information: billing address and payment method details processed by our third-party payment processor (Stripe). We do not store full card numbers.
  • Agent & workspace content: prompts, agent definitions, uploaded files, and other content you create or submit to the Service.
  • Communications: messages you send us via support channels, email, or contact forms.

1.2 Information Collected Automatically

  • Usage data: pages visited, features used, agent run metrics, Credit consumption, and interaction logs.
  • Device & technical data: IP address, browser type, operating system, device identifiers, and referring URLs.
  • Log data: server logs, error reports, and performance telemetry.
  • Cookies: see Section 6 for our full Cookie Policy.

1.3 Information from Third Parties

  • OAuth profile data when you sign in with a third-party provider (e.g., GitHub, Google).
  • Analytics data from providers such as PostHog and Sentry used for product improvement and error tracking.

2. How We Use Your Data

We use the information we collect to:

  • Provide, operate, and improve the Service.
  • Process transactions, manage AIZ Credits, and fulfill Marketplace payouts.
  • Personalize your experience and surface relevant agents or features.
  • Send transactional emails (e.g., receipts, security alerts, password resets) and, where you have opted in, product updates and marketing communications.
  • Monitor for abuse, fraud, and violations of our Terms of Service.
  • Comply with applicable legal obligations and respond to lawful requests from authorities.
  • Conduct analytics and research to understand how the Service is used and to improve it.

3. Sharing Your Data

We do not sell your personal information. We may share your data in the following circumstances:

  • Service providers: trusted vendors who help us operate the platform (e.g., Stripe for payments, Sentry for error tracking, PostHog for analytics, cloud infrastructure providers). These parties are bound by data processing agreements.
  • Marketplace participants: limited information (e.g., public username, agent usage statistics) visible to other platform users per your privacy settings.
  • Legal compliance: when required by law, court order, or to protect the rights, property, or safety of AIZona, our users, or the public.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you of any such change.
  • With your consent: in any other circumstance where you have explicitly consented.

4. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

4.1 GDPR Rights (EEA, UK, Switzerland)

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your personal data (“right to be forgotten”), subject to legal retention obligations.
  • Restriction & Objection: request that we restrict processing of your data or object to certain processing activities.
  • Portability: receive your data in a structured, machine-readable format.
  • Withdrawal: withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.

Our lawful bases for processing include: contract performance, legitimate interests, legal obligations, and consent.

4.2 CCPA Rights (California Residents)

  • Know: request disclosure of the categories and specific pieces of personal information we collect, use, and share.
  • Delete: request deletion of your personal information, subject to certain exceptions.
  • Opt-out: we do not sell personal information. If this changes, you will have the right to opt out.
  • Non-discrimination: we will not discriminate against you for exercising your CCPA rights.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (or as required by law).

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data is retained until you delete your account plus a 30-day grace period to allow recovery.
  • Transaction & billing records are retained for 7 years for tax and accounting compliance.
  • Agent run logs & telemetry are retained for 90 days by default, after which they are aggregated or deleted.
  • Security logs are retained for up to 12 months.

After account deletion, residual data in backups may persist for up to 90 days before full deletion.

6. Cookie Policy

We use cookies and similar technologies to operate and improve the Service. Cookie types we use:

  • Strictly necessary: required for authentication, security, and core platform functionality. Cannot be disabled.
  • Functional: remember your preferences (e.g., theme, language settings).
  • Analytics: help us understand how the Service is used (e.g., PostHog). These are anonymized where possible.
  • Performance: monitor Service performance and errors (e.g., Sentry).

Most browsers allow you to control cookies through their settings. Disabling cookies may affect Service functionality. We do not use cookies for cross-site advertising or sell cookie data to third parties.

7. Data Security

We implement industry-standard security measures to protect your personal information, including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. However, no method of transmission over the Internet is 100% secure. If you discover a security vulnerability, please report it responsibly to [email protected].

8. International Data Transfers

AIZona is based in the United States. If you access the Service from outside the US, your data may be transferred to and processed in the US, which may have different data protection laws than your country. For transfers from the EEA or UK, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms where required.

9. Children's Privacy

The Service is not directed to children under 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we learn we have collected data from a child without proper consent, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or a prominent in-app notice at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.

11. Contact Us

For privacy-related questions, requests to exercise your rights, or to reach our Data Protection Officer, contact us at:

AIZona, Inc.

Email: [email protected]

Incorporated in Delaware, USA

AIZona, Inc. · Last updated June 1, 2026

This policy applies to all personal information processed by AIZona in connection with the Service.