Privacy Policy
Effective Date: June 14, 2026 | Version 2.1
Table of Contents
1. Introduction
Welcome to Gixo.ai, operated by Zencraft Consultancy Private Ltd. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered content operating system and related services (collectively, the "Service").
By accessing or using Gixo.ai, you agree to this Privacy Policy. If you disagree with any part of this policy, please do not use our Service.
2. Information We Collect
2.1 Information You Provide
Account Information: Name, email address, and authentication credentials
Profile Information: Company name, job title, industry, and preferences
Payment Information: Processed through Lemon Squeezy, the applicable marketplace provider for your purchase, and any other payment service provider used for that transaction
Communication Data: Support tickets, feedback, and correspondence
2.2 Information Collected Automatically
Usage Data: Features used, content generated, API calls, token consumption
Device Information: Browser type, operating system, device identifiers
Log Data: IP address, access times, pages viewed, referring URLs
Analytics Data: Performance metrics, error reports, user behavior patterns
2.3 Information from Third Parties
OAuth Providers: Basic profile information from Google, Microsoft, Facebook, or LinkedIn when you use social login
Payment Providers: Transaction confirmations, subscription status, and account-linking details from Lemon Squeezy or the marketplace/payment provider used for your purchase
2.4 Browser Extension (Send to Gixo)
If you install our Send to Gixo browser extension, the following applies in addition to the rest of this policy:
Page content you send: When you click the extension and choose to send a page, it reads the text — or your highlighted selection — of the tab you are viewing and transmits it to your authenticated Gixo account to create or analyze a document, the same as if you pasted it into Gixo. The extension activates only on your click and never reads pages in the background.
Anonymous usage events: It records minimal usage events — the page's domain, an approximate word count, and which Gixo product you selected — to help us understand how the extension is used. These never include the page's full URL, the page text, your name, or your email.
Local storage: The extension stores only your Gixo URL preference and a randomly generated anonymous installation identifier in your browser.
Single destination: The extension communicates solely with gixo.ai. We do not sell or share extension data with third parties.
3. How We Use Your Information
We use collected information for the following purposes:
Service Delivery
To provide, maintain, and improve our AI content generation services
Personalization
To customize content suggestions and maintain your brand voice profiles
Account Management
To manage authentication, subscriptions, and user preferences
Analytics & Security
To understand usage patterns, prevent fraud, and ensure security
3.5 AI Processing and Data Handling
API-Based Processing: External AI providers receive prompts and related inputs only to generate the outputs you request
Provider Controls: We rely on provider-specific contractual and product controls for retention and training restrictions, which may vary by provider and service path
No Model Training: Your content is never used to improve or train third-party AI models
Encrypted Transit: All data is encrypted in transit via TLS/SSL when sent to AI providers
5. Data Security
We implement industry-standard security measures including:
Encryption
• In transit (TLS 1.3)
• At rest (AES-256)
Authentication
• Email/password and OAuth login
• HttpOnly cookie-based sessions
Monitoring
• Security monitoring
• Access logging and alerting
Access Control
• Least privilege
• Regular reviews
5.5 Data Breach Notification
72-Hour Notification: Notify affected users within 72 hours of discovering a breach (GDPR requirement)
Email Notification: Send detailed breach notifications to your registered email address
Full Disclosure: Provide details of what data was affected, scope of the breach, and remediation steps
Immediate Action: Take immediate steps to contain the breach, secure systems, and prevent future incidents
Regulatory Reporting: Report to relevant authorities as required by GDPR, CCPA, and other applicable laws
Follow-Up: Provide ongoing updates and support to affected users throughout the incident response
6. Data Retention
We retain your information for as long as necessary to provide our Service and comply with legal obligations:
| Data Type | Retention Period | Why? |
|---|---|---|
| Active Content | Unlimited while account is active | Your work stays with you |
| Content After Cancellation | Up to 90 days | Export or reactivation support |
| Deleted Content Recovery | Varies by workflow and backup state | Recovery is not guaranteed after deletion or anonymization workflows begin |
| Account Data | Up to 90 days after cancellation | Reactivation support and account administration |
| Usage Logs & Analytics | 12 months | Service improvement and security |
| Payment Records | 8 years (minimal metadata) | Legal and tax compliance. Invoices and transaction records are maintained by Lemon Squeezy, the marketplace provider, or the payment service provider used for your purchase. |
7. Your Rights
Depending on your location, you may have the following rights:
Access
Request a copy of your personal data
Correction
Update or correct inaccurate information
Deletion
Request deletion of your personal data
Portability
Receive your data in machine-readable format
Restriction
Limit processing of your data
Objection
Object to certain uses of your data
To exercise these rights, contact us at privacy@gixo.ai.
7.5 California Privacy Rights (CCPA)
Your CCPA Rights:
Right to Know: Request disclosure of what personal information we collect, use, disclose, and sell (if any)
Right to Delete: Request deletion of your personal information (subject to certain exceptions)
Right to Opt-Out: Opt-out of the "sale" of your personal information (Note: We do NOT sell personal data)
Right to Non-Discrimination: Exercise your rights without discriminatory treatment
Right to Correct: Request correction of inaccurate personal information
Right to Limit Use: Request limitation of sensitive personal information use (if applicable)
We Do NOT Sell Your Personal Information
Gixo.ai does NOT sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. We have never sold personal information in the past 12 months and do not plan to do so in the future.
How to Exercise Your CCPA Rights:
Email us at privacy@gixo.ai with "CCPA Request" in the subject line
We will verify your identity before processing your request
We will respond within 45 days (may extend to 90 days for complex requests)
There is no fee to exercise these rights
Authorized Agents: You may designate an authorized agent to submit a request on your behalf. The agent must provide written permission from you and verify their identity.
9. Children's Privacy
10. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance of the updated policy.
11. Contact Information
Zencraft Consultancy Private Ltd.
A/10, Nootan Nagar, First Floor,
Bandra West, Mumbai 400050
Maharashtra, India
General Inquiries: support@gixo.ai
Privacy Concerns: privacy@gixo.ai
Data Protection Officer: dpo@gixo.ai