Privacy Policy

Effective Date: July 23, 2025 | Version 1.0

This Privacy Policy explains how Zencraft Consultancy Private Ltd. ("we," "our," or "us") collects, uses, and protects your information when you use Gixo.ai.

Table of Contents

1. Introduction

2. Information We Collect

3. How We Use Your Information

4. Information Sharing and Disclosure

5. Data Security

6. Data Retention

7. Your Rights

8. Cookies and Tracking

9. Children's Privacy

10. Changes to This Policy

11. Contact Information

1. Introduction

Welcome to Gixo.ai, operated by Zencraft Consultancy Private Ltd. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered content operating system and related services (collectively, the "Service").

By accessing or using Gixo.ai, you agree to this Privacy Policy. If you disagree with any part of this policy, please do not use our Service.

2. Information We Collect
2.1 Information You Provide

Account Information: Name, email address, and authentication credentials (including passkey data for passwordless login)

Profile Information: Company name, job title, industry, and preferences

Payment Information: Processed through our payment provider Lemon Squeezy (Merchant of Record)

Communication Data: Support tickets, feedback, and correspondence

Your Generated Content is Private

Content you create using Gixo.ai (documents, images, presentations, etc.) is stored privately in your account. We do NOT access, view, read, moderate, or publish your generated content. Your content is yours alone. Gixo.ai is a private content creation tool, not a publishing platform.

2.2 Information Collected Automatically

Usage Data: Features used, content generated, API calls, token consumption

Device Information: Browser type, operating system, device identifiers

Log Data: IP address, access times, pages viewed, referring URLs

Analytics Data: Performance metrics, error reports, user behavior patterns

2.3 Information from Third Parties

OAuth Providers: Basic profile information from Google, Microsoft, Facebook, or Twitter when you use social login

Payment Processors: Transaction confirmations and subscription status from Lemon Squeezy

3. How We Use Your Information

We use collected information for the following purposes:

Service Delivery

To provide, maintain, and improve our AI content generation services

Personalization

To customize content suggestions and maintain your brand voice profiles

Account Management

To manage authentication, subscriptions, and user preferences

Analytics & Security

To understand usage patterns, prevent fraud, and ensure security

Your Content is NOT Used for AI Training

We do NOT use your content to train AI models. Your prompts, generated content, uploaded files, and brand voice data are NOT shared with third-party AI providers for model training purposes. Content is processed temporarily to generate outputs and then deleted from our AI providers' systems according to their zero-retention policies.

3.5 AI Processing and Data Handling

Zero Retention: Your content is processed via API calls with zero-retention agreements

Temporary Processing: AI providers process content only to generate responses, then delete it immediately

No Model Training: Your content is never used to improve or train third-party AI models

Encrypted Transit: All data is encrypted in transit via TLS/SSL when sent to AI providers

4. Information Sharing and Disclosure

We do not sell your personal information.

We share information only in these circumstances:

4.1 Service Providers
Provider Purpose Privacy Policy
OpenAI AI text and image generation (GPT, DALL-E) openai.com/privacy
Anthropic AI text generation (Claude) anthropic.com/privacy
Google (Gemini) AI text and multimodal generation policies.google.com/privacy
Lemon Squeezy Payment processing (Merchant of Record) lemonsqueezy.com/privacy
Microsoft Azure Cloud infrastructure and hosting privacy.microsoft.com
Analytics Providers Service usage analysis (anonymized only) Various

Data Processing Agreements: All AI service providers operate under zero-retention API agreements. Your content is processed temporarily to generate outputs and is NOT retained or used for training their models. We have Data Processing Agreements (DPAs) in place with all third-party providers to ensure GDPR compliance.

4.2 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

Comply with legal obligations

Protect our rights, property, or safety

Prevent fraud or abuse

Respond to government requests

5. Data Security

We implement industry-standard security measures including:

Encryption

• In transit (TLS 1.3)
• At rest (AES-256)

Authentication

• Passwordless login
• Secure token rotation

Monitoring

• Security audits
• Penetration testing

Access Control

• Least privilege
• Regular reviews

5.5 Data Breach Notification

Our Commitment to Transparency:

In the unlikely event of a data breach affecting your personal information, we commit to:

72-Hour Notification: Notify affected users within 72 hours of discovering a breach (GDPR requirement)

Email Notification: Send detailed breach notifications to your registered email address

Full Disclosure: Provide details of what data was affected, scope of the breach, and remediation steps

Immediate Action: Take immediate steps to contain the breach, secure systems, and prevent future incidents

Regulatory Reporting: Report to relevant authorities as required by GDPR, CCPA, and other applicable laws

Follow-Up: Provide ongoing updates and support to affected users throughout the incident response

6. Data Retention

Generous Retention Policy

We believe your content should be accessible when you need it. That's why we retain your content for 12 months after account cancellation — giving you plenty of time to come back or export your work.

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

Data Type Retention Period Why?
Active Content Unlimited while account is active Your work stays with you
Content After Cancellation 12 months grace period Time to export or reactivate
Deleted Content Recovery 30 days in trash Accidental deletion protection
Account Data 12 months after cancellation Easy reactivation with preferences intact
Usage Logs & Analytics 12 months Service improvement and security
Payment Records 7 years Legal and tax compliance (India)

Want to delete everything immediately? You can request immediate deletion of all your content by emailing privacy@gixo.ai. We'll process your request within 48 hours.

7. Your Rights

Depending on your location, you may have the following rights:

Access

Request a copy of your personal data

Correction

Update or correct inaccurate information

Deletion

Request deletion of your personal data

Portability

Receive your data in machine-readable format

Restriction

Limit processing of your data

Objection

Object to certain uses of your data

To exercise these rights, contact us at privacy@gixo.ai.

7.5 California Privacy Rights (CCPA)

California Residents: You have additional rights under the California Consumer Privacy Act (CCPA)

Your CCPA Rights:

Right to Know: Request disclosure of what personal information we collect, use, disclose, and sell (if any)

Right to Delete: Request deletion of your personal information (subject to certain exceptions)

Right to Opt-Out: Opt-out of the "sale" of your personal information (Note: We do NOT sell personal data)

Right to Non-Discrimination: Exercise your rights without discriminatory treatment

Right to Correct: Request correction of inaccurate personal information

Right to Limit Use: Request limitation of sensitive personal information use (if applicable)

We Do NOT Sell Your Personal Information

Gixo.ai does NOT sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. We have never sold personal information in the past 12 months and do not plan to do so in the future.

How to Exercise Your CCPA Rights:

Email us at privacy@gixo.ai with "CCPA Request" in the subject line

We will verify your identity before processing your request

We will respond within 45 days (may extend to 90 days for complex requests)

There is no fee to exercise these rights

Authorized Agents: You may designate an authorized agent to submit a request on your behalf. The agent must provide written permission from you and verify their identity.

8. Cookies and Tracking

We use cookies and similar technologies to:

Maintain your session and authentication state

Remember your preferences and settings

Analyze usage patterns and improve our Service

Provide security features

For detailed information, see our Cookie Policy.

9. Children's Privacy

Gixo.ai is not intended for users under 18 years of age. We do not knowingly collect information from minors. If we learn we have collected information from a minor, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance of the updated policy.

11. Contact Information
Zencraft Consultancy Private Ltd.

A/10, Nootan Nagar, First Floor,
Bandra West, Mumbai 400050
Maharashtra, India

General Inquiries: support@gixo.ai
Privacy Concerns: privacy@gixo.ai
Data Protection Officer: dpo@gixo.ai

AI-powered content operating system for modern creators. Create, optimize, and scale your content with intelligence.

© 2025 Gixo.ai. All rights reserved.

Legal

Terms of Service Privacy Policy Cookie Policy Acceptable Use

Billing

Refund Policy Billing Terms Disclaimer Legal Overview

Compliance

DPA GDPR Compliance Security Policy Cookie Settings
Built with for content creators worldwide
High Contrast Mode Disabled
An error has occurred. This application may no longer respond until reloaded. Reload 🗙