Meet Zap 2: the AI agent that can handle your entire frontline support Learn more

Contact sales Get Started
megamenu-blog-image
New Release

Procurement Process 2026: Expert Guide to Smarter Decisions

Master the procurement process with this step-by-step guide. Boost efficiency, cut costs, and build stronger supplier relationships with ease.

Read now
By Industry

Our adaptable procurement solution delivers efficiency and cost savings for every industry.

By Personas

Zapro empowers every person in the procurement process to achieve their goals.

megamenu-blog-image
New Release

Buy from Amazon. Approve in Zapro. Track everything.

Punch-In or Punch-Out, every order flows through your approvals, budgets, and books without you lifting a finger.

Read now

Effective Date:August 31, 2025

Entity: Zapro AI Pvt. Ltd. (“Zapro AI,” “we,” “our,” or “us”)

Zapro AI is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our websites (zapro.ai, gozapro.com, thevendor.ai), applications, APIs, and related services (collectively, the “Services”).

If you have signed a Master Services Agreement (MSA) or Enterprise SLA with Zapro AI, that agreement will govern in case of conflict with this Privacy Policy.

1. Information We Collect

We collect the following categories of information:

  • Account Information: Name, email, phone, job title, billing and payment details.
  • Customer Data: Vendor data, procurement records, contracts, or other business information you upload or generate in the Services.
  • Usage Data: Log files, IP addresses, browser/device details, product usage metrics, cookies, and telemetry.
  • Support & Communications: Information you provide in emails, chats, or calls with our support team.
  • Cookies & Tracking: We use cookies, pixels, and analytics tools to understand usage and improve services. See our Cookie Policy for details.

2. How We Use Your Information

We use information to:

  1. Provide, operate, and secure the Services.
  2. Deliver AI-based features and Outputs (with safeguards).
  3. Communicate with you about your account, updates, and support.
  4. Send marketing emails and newsletters only with your prior consent; you may unsubscribe at any time via the link in our emails.
  5. Improve performance, reliability, and user experience.
  6. Detects fraud, abuse, or security risks.
  7. Comply with applicable laws and legal processes.

We do not sell or rent personal information.

Where applicable, our processing is based on:

  • Contractual necessity – providing Services you requested.
  • Legitimate interests – improving security, preventing fraud.
  • Consent – for marketing emails, optional cookies, and certain AI processing.
  • Legal obligations – tax, compliance, government requests.

4. How We Share Information

We may share information with:

  • Subprocessors: Cloud hosting, analytics, communications, and AI infrastructure providers (listed here).
  • Resellers/Partners: If you purchased through an authorized reseller, limited information is shared to support billing and provisioning.
  • Legal Authorities: When required by law, valid court order, or mutual legal assistance treaty.
  • Corporate Transactions: If Zapro AI undergoes a merger, acquisition, or reorganization.

We never sell Customer Data to third parties.

5. Data Retention

  • Customer Data is deleted from active systems within 30 days of account termination.
  • Backups are purged within 60 days.
  • Logs may be retained longer for security, audit, or compliance reasons.
  • Customers may request deletion of their data at any time by contacting infosec@zapro.ai.

6. Security

  • Zapro AI maintains ISO 27001:2022 certified ISMS and SOC 2 Type II audited controls.
  • Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • We apply least-privilege access controls, monitoring, vulnerability management, and incident response procedures.

⚠️ Important: The Services are not designed to process highly sensitive regulated data such as health information (PHI under HIPAA), payment card data (PCI DSS), or children’s data unless explicitly covered by a signed agreement.

7. International Data Transfers

  • Data may be processed in India, the US, or other jurisdictions where we or our subprocessors operate.
  • For EU/UK transfers, we rely on Standard Contractual Clauses (SCCs) and UK IDTA.
  • For India, we comply with the Digital Personal Data Protection Act (DPDP), 2023.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • GDPR/UK GDPR: Access, rectify, erase, restrict, object, portability.
  • CCPA/CPRA: Know, access, delete, opt-out of “sale/share” of data (not applicable; Zapro AI does not sell personal data).
  • DPDP (India): Access, correction, erasure, consent withdrawal, grievance redressal.

You may exercise rights by contacting us at privacy@zapro.ai. We may need to verify your identity before fulfilling requests.

9. Children’s Privacy

The Services are not directed to children under 16 (or minimum age in your country). We do not knowingly collect children’s data. If we learn we have, we will delete it promptly.

10. AI-Specific Disclosures

  • Inputs & Outputs: You control your prompts and Customer Data. Outputs are generated based on your inputs and are your responsibility to validate.
  • Model Training: We do not use Customer Data to train generalized AI models unless you provide explicit written opt-in consent.
  • Responsible Use: Outputs should not be used as the sole basis for medical, legal, financial, or safety-critical decisions.

11. Subprocessors and Third Parties

We maintain an updated subprocessor list here. We will notify customers before adding new subprocessors.

12. Cookies & Tracking

We use:

  • Strictly Necessary Cookies: Required for basic functionality.
  • Analytics Cookies: To understand usage and improve services.
  • Functional Cookies: To remember preferences.
  • Advertising/Retargeting Cookies: Only if you consent.

You can manage cookies via your browser settings or our cookie banner. See our Cookie Policy.

13. Changes to this Privacy Policy

We may update this Privacy Policy periodically. Updates will be posted on our website with a revised “Effective Date.” Where required by law, we will provide advance notice and obtain consent.

14. Contact Us

For questions or privacy requests:

📧 privacy@zapro.ai
📧 legal@zapro.ai
📍 Zapro AI Pvt. Ltd., WeWork Prestige Atlanta, Koramangala, Bengaluru, Karnataka, India

If you are in the EU/UK, you may also contact our appointed EU/UK Representative at:
📧 eu-privacy@zapro.ai

If you are in India, you may contact our appointed Grievance Officer at:
📧 privacy@zapro.ai

If you are not satisfied, you may escalate complaints to your local Data Protection Authority (EU/UK) or to the Data Protection Board of India (DPB).