Privacy Policy

Last updated · April 27, 2026

This Privacy Policy explains how Zinthi LLC ("Zinthi", "we", "us", or "our") collects, uses, and protects your information when you use our service at zinthi.io.

1. Information we collect

We collect information you provide directly to us, including:

• Account information such as your name and email address
• Messages, files, and content you create within Zinthi
• Payment information (processed securely by our payment provider — we do not store card details)
• Communications you send to us

We also collect limited technical data automatically, including IP addresses, browser type, and usage data to help us maintain and improve the Service.

1.1 When you connect a Gmail account

If you choose to connect a Gmail account to Zinthi, we access:

• Mail metadata: subjects, senders, recipients, timestamps, labels, and short snippets of message text. We store this metadata in our database to power inbox lists, search, and threading.
• Mail bodies and attachments: we read these on demand from Gmail when you open a message. We do not permanently store mail bodies or attachment content; bodies may be temporarily cached in memory for up to 30 minutes for performance.
• Send permission: when you send a reply or new message through Zinthi, we send it on your behalf via Gmail's API. We never send mail without your explicit action.
• Modify permission: when you archive, label, mark as read, or otherwise manage your inbox in Zinthi, we apply those changes to your Gmail account.

You can revoke Zinthi's access to your Gmail account at any time from your Google account at myaccount.google.com or from Zinthi's settings.

2. How we use your information

We use the information we collect to:

• Provide, operate, and improve the Service
• Send transactional emails such as account confirmations and product updates
• Respond to your support requests
• Detect and prevent fraud or abuse

We do not sell your personal information to third parties. We do not use your content for advertising.

2.1 Use of Google user data

Zinthi's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we use Google user data only to provide and improve the user-facing features of Zinthi. We do not:

• Use Google user data to train, develop, or improve generalized AI or machine learning models
• Transfer Google user data to third parties except as necessary to provide the service, comply with applicable law, or as part of a merger or acquisition (in which case the receiving party will be bound by this policy)
• Use Google user data for advertising
• Allow humans to read Google user data unless we have your explicit consent, it's necessary for security purposes (such as investigating abuse), to comply with applicable law, or for internal operations where the data has been aggregated and anonymized

3. Data storage

Your data is stored securely using industry-standard practices. We use Neon (serverless Postgres) for database storage and Cloudflare R2 for file storage. All data is encrypted in transit via TLS.

For Zinthi Mail specifically:

• Mail metadata (subjects, senders, threading) is stored in Neon Postgres, encrypted in transit and at rest
• OAuth refresh tokens are encrypted at rest using AES-GCM with a key separate from the database encryption
• Mail bodies and attachment content are not persistently stored — they're fetched from Gmail on demand and cached in memory for up to 30 minutes
• Drafts you compose in Zinthi Mail are stored both in our database and synced to your Gmail drafts folder

4. Third-party services

We use a small number of trusted third-party services to operate Zinthi:

• LiveKit — for voice and video calling
• Loops — for transactional and marketing emails
• Cloudflare — for infrastructure and file storage
• Neon — for database storage
• Google (Gmail API) — when you connect a Gmail account, we access your mail through Google's APIs. Your mail content remains primarily on Google's servers; we access it on your behalf only.

Each of these services has their own privacy policy governing their use of data.

5. Cookies

We use minimal cookies necessary to keep you logged in and maintain your session. We do not use tracking or advertising cookies.

6. Your rights

You have the right to access, correct, or delete your personal data at any time. To make a request, email us at hello@zinthi.com and we'll respond within 30 days.

7. Data retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it.

If you disconnect a Gmail account from Zinthi, we delete the associated metadata and revoke our access tokens within 7 days. Mail content itself is unaffected — it remains in your Gmail account.

8. Children's privacy

Zinthi is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children.

9. Changes to this policy

We may update this Privacy Policy from time to time. We'll notify you of significant changes via email. Continued use of the Service after changes constitutes acceptance.

10. Contact

Questions about your privacy? Email us at hello@zinthi.com.