← Back to home

Privacy Policy

Last updated: March 4, 2026

This Privacy Policy describes how Zeakat (“we,” “us,” or “our”) collects, uses, and protects your personal information when you use our platform, website, and services (the “Service”). We are committed to protecting your privacy and being transparent about our data practices.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and password (stored as a secure hash). If you subscribe to a paid plan, payment processing is handled by Stripe — we do not store your credit card details directly.

1.2 Brand Vault Data

You may voluntarily provide information about your brand, including brand voice descriptions, audience profiles, content pillars, offers, and platform strategies. This data is stored securely and used exclusively to personalize AI-generated content for your account.

1.3 Generated Content

We store the content you generate using our tools, including drafts, final outputs, scheduled posts, and associated metadata (tool used, credits charged, timestamps). This content is stored to provide you with a content library, version history, and publishing capabilities.

1.4 Usage Data

We automatically collect information about how you use the Service, including pages visited, tools used, generation frequency, and feature interactions. This data helps us improve the Service and identify technical issues.

1.5 Social Media Connections

When you connect social media accounts for publishing, we store access tokens and basic account information (platform, account name, account ID). Access tokens are encrypted at rest. We only access your social media accounts to publish content you explicitly schedule or send.

1.6 Cookies and Analytics

We use essential cookies for authentication and session management. We may use analytics tools to understand aggregate usage patterns. We do not use third-party advertising cookies or trackers.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Personalize AI-generated content using your brand vault data
  • Process payments and manage your subscription
  • Publish content to your connected social media accounts
  • Send transactional emails (account verification, password resets, billing notifications)
  • Send product updates and announcements (with your consent, which you can withdraw at any time)
  • Monitor and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

3. How We Do NOT Use Your Information

We want to be explicit about what we do not do:

  • We do not use your content or vault data to train AI models. Your brand data and generated content are never fed back into model training.
  • We do not sell your personal information to third parties for advertising or any other purpose.
  • We do not share your vault data or content with other users or third parties, except as necessary to provide the Service (e.g., publishing to your connected platforms).
  • We do not serve targeted advertising or allow third-party ad networks to track you on our platform.

4. Data Sharing

We share your information only in these limited circumstances:

  • AI Processing: Your prompts and vault context are sent to Anthropic’s Claude API for content generation. Anthropic processes this data according to their API terms and does not use API inputs for model training. See Anthropic’s Privacy Policy for details.
  • Payment Processing: Billing information is processed by Stripe. See Stripe’s Privacy Policy.
  • Social Media Publishing: When you publish content, it is sent to the connected platform (LinkedIn, Instagram, Facebook, X, TikTok, YouTube) via their APIs.
  • File Storage: Uploaded files (such as profile avatars) are stored using Vercel Blob storage.
  • Legal Requirements: We may disclose information if required by law, court order, or government request, or if necessary to protect the rights, safety, or property of Zeakat or others.

5. Data Storage and Security

Your data is stored in secure, encrypted databases hosted on reputable cloud infrastructure. We implement industry-standard security measures including:

  • Password hashing using bcrypt with a work factor of 12
  • Encryption of sensitive data (social media tokens) at rest
  • HTTPS encryption for all data in transit
  • Session management with token versioning for session invalidation
  • Rate limiting to prevent abuse

While we take reasonable measures to protect your data, no system is 100% secure. You are responsible for maintaining the security of your account credentials.

6. Data Retention

We retain your account data for as long as your account is active. When you delete your account, we soft-delete your data immediately (making it inaccessible) and permanently delete it from our systems within 30 days. Some information may be retained longer if required for legal, tax, or accounting purposes.

Credit transaction history is retained for billing and audit purposes for up to 7 years after account deletion, as required by financial regulations.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data — you can export all your data from Settings > Data & Privacy
  • Correct inaccurate data — you can update your profile and vault data at any time
  • Delete your account and data — available in Settings > Data & Privacy
  • Port your data — the data export feature provides a machine-readable JSON file
  • Withdraw consent for optional communications — manage notification preferences in Settings
  • Object to certain processing — contact us to discuss

To exercise any of these rights, use the self-service tools in your account settings or contact us at hello@zeakat.com.

8. Team Accounts

If you are part of a team, the team owner and administrators may have access to content and activity within the team workspace. Your personal account settings, vault data, and individual content remain private to you unless explicitly shared with the team.

9. Children’s Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly.

10. International Data Transfers

Your data may be processed and stored in the United States and other countries where our service providers operate. By using the Service, you consent to the transfer of your data to these jurisdictions, which may have different data protection laws than your country of residence.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at: