ZetaLoop

Privacy Policy

Last Updated: June 27, 2026

At ZetaLoop, we take privacy seriously — yours and your customers'. This policy explains how we collect, use, and protect personal data when you use our AI workflow automation services, including missed call capture, AI Native CRM, email triage, invoice chasing, lead generation, data extraction, and data enrichment.

1. Information We Collect

  • Business account data: Your company name, contact details, and billing information provided when you sign up.
  • Connected system data: Data from the tools you integrate with ZetaLoop, including email inboxes (Gmail, Outlook), accounting software (QuickBooks, Xero), calendars, and ERP systems. We access only what is necessary to run your automations.
  • Customer interaction data: Messages, call logs, and emails processed by your automations, including names, phone numbers, email addresses, and conversation content.
  • Document data: Invoices, purchase orders, contracts, and other documents submitted for data extraction. These are processed to extract structured fields and are not retained beyond what is needed to complete the task.
  • Lead and prospect data: Contact records, company information, and enrichment data generated or processed as part of lead generation and data enrichment workflows.
  • Usage and performance data: Logs of automation activity, outcomes, and system performance used to operate and improve the service.

2. How We Use Your Data

We use the data we collect to:

  • Build, deploy, and operate your custom automations
  • Process inbound communications (calls, emails, messages) on your behalf
  • Extract, enrich, and structure data from documents and contact lists
  • Update your AI Native CRM after calls, emails, and interactions
  • Chase overdue invoices and send automated follow-ups
  • Generate and send outbound lead generation outreach
  • Provide you with activity summaries, notifications, and dashboard data
  • Improve our AI through aggregated, anonymised analysis — we never use your specific customer data to train models serving other clients

3. Data Security and PII Handling

We apply strict controls to protect sensitive information at every step:

  • PII redaction: Our processing pipeline uses automated PII detection to identify and redact sensitive personal data (payment details, identification numbers, full addresses) before data is stored or passed to AI models. Redacted values are re-hydrated only when generating outputs, and only locally.
  • Minimal retention: Document data processed for extraction is not stored beyond what is needed to complete the task and push results to your system of record.
  • Pass-through for sensitive fields: Customer data collected during automations (contact details, deal information, conversation history) is written directly to your connected systems. We do not retain this data on our servers any longer than necessary to complete the action.
  • Encryption: Data in transit is encrypted using TLS. Data at rest is encrypted using AES-256.
  • Access controls: Access to customer data is restricted to personnel who need it to operate and support your automations.

We do not sell your data or your customers' data to any third party.

4. Data Sharing

We share data only where necessary:

  • With sub-processors required to operate the service (messaging providers, AI model providers, cloud infrastructure) under strict data processing agreements.
  • With your connected systems (CRM, accounting tools, ERP) as directed by your automation configuration.
  • With legal authorities when required by law.

5. Your Rights (GDPR)

We comply with UK GDPR. You have the right to access, correct, delete, or restrict the processing of your personal data at any time. If your automations process personal data on behalf of your customers, you are the data controller and we act as a data processor. Contact us at the address below to exercise your rights or to request a Data Processing Agreement.

6. Data Retention

Automation logs and conversation records are retained for up to 12 months to support your dashboard and reporting, after which they are securely deleted or anonymised. Document extraction data is deleted once successfully pushed to your system of record. You can request earlier deletion at any time.

7. Cookies and Analytics

Our website uses analytics tools (including Google Analytics and Microsoft Clarity) to understand how visitors use the site. These tools may set cookies. You can opt out via your browser settings. We do not use cookies to track your customers or their interactions with your automations.

Questions or requests? Contact us at: privacy@zetaloop.ai