Privacy Policy
Effective June 12, 2026
Zaxim ("Zaxim," "we," "us," or "our") respects your privacy. This Privacy Policy explains what information we collect when you use the Zaxim website and application (the "Service"), how we use it, who we share it with, and the choices you have. By using the Service, you agree to the terms of this Policy.
1. Information we collect
Information you give us
- Account: name, email address, password (handled by Clerk), profile photo if you upload one.
- Company & client data: business name, logo, contact details, industry, default terms, and similar profile information.
- Proposal content: the text, scope items, pricing, timelines, terms, and any other content you create or upload, including client names and emails you enter.
- Payment information: processed by Paddle.com Market Ltd. (our merchant of record). We do not store full card numbers; we receive only a token, the last four digits, brand, and expiration.
- Support messages: anything you send us by email or in the application.
Information collected automatically
- Usage data: pages visited, features used, clicks, and timestamps, via PostHog product analytics.
- Device & log data: IP address, user agent, browser, operating system, referring URL, error logs, request timing.
- Cookies & similar: session cookies for authentication (Clerk) and analytics identifiers (PostHog). You can block non-essential cookies in your browser; this may break some features.
- Share-link views: when a recipient opens a proposal share link, we record a basic read receipt — the time of each open, the recipient's IP address, IP-derived country, and browser/user agent — so the proposal's owner can see that, and when, their proposal was opened. We do not track time spent on the page, scroll depth, or which sections were read.
- E-signature audit: when a contract is signed, we record the signer's name, email, IP address, device/user agent, and timestamp, and seal them into a tamper-evident certificate (a SHA-256 fingerprint of the agreement). This audit data is embedded in the signed PDF and shared with both parties as legal proof of the signature, and is retained for as long as the contract record exists.
2. How we use your information
- provide and operate the Service: create accounts, render PDFs, store templates, deliver share links;
- process payments and manage subscriptions;
- generate AI drafts you request (your inputs are sent to our AI provider — see Section 4);
- send transactional email (sign-up confirmations, billing receipts, share notifications);
- analyze usage to improve features, fix bugs, and prioritize work;
- prevent fraud, enforce our Terms, and comply with legal obligations.
We do not sell your personal information. We do not use your proposal content to train any AI model.
3. Legal bases (for users in the EU/UK)
We process your information under the following legal bases: (a) contract — to deliver the Service you signed up for; (b) legitimate interests — to operate, secure, and improve the Service; (c) consent — for non-essential cookies and marketing; and (d) legal obligation — for tax, accounting, and regulatory requirements.
4. Sharing with service providers
We use carefully chosen third-party providers to run the Service. They process your information only on our instructions and under their own commitments to security and privacy:
- Clerk — authentication, account management.
- Supabase — Postgres database hosting.
- Vercel — application hosting and serverless functions.
- Cloudflare R2 — object storage for logos and uploaded files.
- Paddle — payment processing & merchant of record.
- Anthropic — AI draft generation (your prompt and proposal inputs are sent to Anthropic's API on your request).
- Resend — transactional email delivery.
- PostHog — product analytics.
We may also disclose information when required by law, to enforce our Terms, to protect the rights, property, or safety of Zaxim, our users, or the public, or in connection with a merger, acquisition, or sale of all or part of our business.
5. International transfers
Your information may be transferred to, stored in, and processed in countries other than your own, including the United States. By using the Service, you consent to such transfers.
6. Data retention
We retain your information for as long as your account is active and as needed to provide the Service. After account deletion, we retain limited records (e.g. billing history) for as long as required by law or to resolve disputes. Backup copies may persist for a short period after deletion.
7. Your rights
Depending on where you live, you may have the right to access, correct, export, or delete the personal information we hold about you, to restrict or object to certain processing, and to withdraw consent. To exercise these rights, email support@zaxim.app. We will respond within the timelines required by applicable law.
California residents may have additional rights under the CCPA/CPRA, including the right to know, delete, and opt out of the "sale" or "sharing" of personal information. We do not sell personal information.
8. Security
We use industry-standard measures to protect your information, including TLS in transit, encryption at rest where supported by our providers, scoped access tokens, and limited administrative access. No system is perfectly secure; if you believe your account has been compromised, contact us immediately.
9. Children
The Service is not intended for users under 18. We do not knowingly collect information from children. If you believe a child has provided us with personal information, contact us and we will delete it.
10. Changes to this Policy
We may update this Policy from time to time. We will update the effective date at the top of this page and, for material changes, notify you in the application or by email. Continued use of the Service after the changes take effect constitutes acceptance.
11. Contact
Questions or requests? Email support@zaxim.app.