Privacy Policy for Zensus

Last Updated: November 28, 2025

We at Zensus Inc. (together with our affiliates, "Zensus," "we," "our," or "us") respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to Personal Data that we collect from or about you when you use our website at https://zensus.app, mobile applications, AI voice assistant, and related services (collectively, "Services").

As an early-stage startup company developing innovative Consensus AI technology for financial education and guidance, we are committed to transparency about how we collect, use, and protect your information. This Privacy Policy applies to all users of our Services, whether you access them through our website, mobile applications, or other platforms.

Important Note About AI Training:

For information about how we use conversational data to improve our Consensus AI agents and the financial guidance they provide, and your choices with respect to that data, please see Section 2.3 below. We are committed to using your data responsibly to enhance the accuracy and reliability of our AI-powered financial education platform.

Contact Information:
Zensus Inc.
Austin, Texas, United States
Email: hello@zensus.app
Website: https://zensus.app

1. Personal Data We Collect

We collect Personal Data about you when you use our Services. "Personal Data" means information that identifies, relates to, describes, or is reasonably capable of being associated with you. The categories of Personal Data we collect depend on how you interact with our Services.

1.1 Information You Provide Directly

We collect Personal Data that you provide directly to us, including:

Account Information:

  • Name and email address
  • Password (stored encrypted)
  • Phone number (if provided)
  • Profile picture (optional)
  • Account preferences and settings

Financial Profile Information:

  • Financial goals and objectives
  • Income information (if provided)
  • General financial situation details
  • Risk tolerance and investment preferences
  • Debt and savings information (if provided)

Communication Data:

  • Messages you send to our support team
  • Conversations with our AI voice assistant
  • Feedback, survey responses, and reviews
  • Questions and queries submitted through the Services

Payment Information:

  • Payment card information (processed by Stripe; we do not store full card numbers)
  • Billing address
  • Transaction history

1.2 Information Collected Automatically

When you use our Services, we automatically collect certain information, including:

Device Information:

  • Device type, model, and manufacturer
  • Operating system and version
  • Browser type and version
  • Device identifiers (such as IDFA or Android Advertising ID)
  • Screen resolution and device settings

Usage Information:

  • Pages and features you access
  • Time spent on different sections of the Services
  • Clickstream data and navigation paths
  • Search queries and interactions with AI agents
  • Features used and frequency of use

Location Information:

  • IP address and general geographic location
  • Time zone
  • Precise location (only if you grant permission)

Technical Information:

  • Log data (access times, errors, performance data)
  • Cookies and similar tracking technologies
  • Session identifiers
  • Referral sources and URLs

1.3 Information from Third-Party Services

If you choose to connect your account with third-party services, we may collect:

  • Profile information from social media authentication (Google, Apple, Auth0)
  • Information you authorize third-party services to share with us
  • Data from integrated financial services (if and when available)

1.4 Voice Data

When you use our AI voice assistant feature, we collect and process:

  • Audio recordings of your voice interactions
  • Transcriptions of your spoken queries
  • Voice characteristics for speech recognition (not used for biometric identification)

You can control voice data collection through your device settings and can request deletion of voice recordings at any time by contacting hello@zensus.app.

1.5 Cookies and Tracking Technologies

We use cookies and similar technologies to collect information and improve our Services:

  • Essential Cookies: Required for the Services to function properly
  • Analytics Cookies: Help us understand how users interact with our Services
  • Preference Cookies: Remember your settings and preferences
  • Performance Cookies: Monitor and improve Service performance

You can control cookies through your browser settings, though disabling certain cookies may limit functionality.

2. How We Use Personal Data

We use the Personal Data we collect for the following purposes:

2.1 To Provide and Improve Our Services

  • Create, maintain, and authenticate your account
  • Provide personalized AI-powered financial guidance through our Consensus AI agents
  • Process your voice queries and generate appropriate responses
  • Track your financial goals and provide progress updates
  • Customize content and recommendations based on your profile
  • Develop new features and improve existing functionality
  • Analyze usage patterns to enhance user experience
  • Conduct research and development for our AI technology

2.2 To Communicate With You

  • Send you service-related notifications and updates
  • Respond to your questions, comments, and support requests
  • Send educational content and financial literacy resources
  • Notify you of changes to our Services, policies, or terms
  • Send marketing communications (with your consent; you may opt out at any time)
  • Request feedback and conduct surveys

2.3 To Train and Improve Our AI Models

AI Training and Development:

We use conversational data from your interactions with our AI agents to train and improve our Consensus AI technology. This helps us:

  • Improve the accuracy and reliability of financial guidance
  • Reduce AI hallucinations and errors
  • Enhance the consensus-building process among specialized agents
  • Better understand user needs and common financial questions
  • Develop new agent specializations and capabilities

Your Choices: You can opt out of having your conversation data used for AI training by contacting us at hello@zensus.app. Opting out will not affect your ability to use our Services, but may limit the personalization of your experience.

2.4 To Process Payments and Subscriptions

  • Process payment transactions for premium subscriptions
  • Manage billing and invoicing
  • Detect and prevent payment fraud
  • Handle refunds and subscription changes

2.5 For Security and Legal Compliance

  • Detect, prevent, and respond to security incidents and fraud
  • Monitor and analyze security threats
  • Enforce our Terms of Service and other policies
  • Comply with legal obligations and respond to legal requests
  • Protect our rights, property, and safety, and that of our users
  • Resolve disputes and investigate complaints

2.6 For Analytics and Business Operations

  • Understand how users interact with our Services
  • Measure the effectiveness of our features and marketing
  • Conduct market research and competitive analysis
  • Generate aggregated, de-identified statistics for business purposes
  • Plan for future development and scaling of Services

2.7 Legal Basis for Processing (for EEA/UK users)

If you are located in the European Economic Area or United Kingdom, we process your Personal Data based on the following legal grounds:

  • Contractual Necessity: To provide the Services you've requested
  • Legitimate Interests: To improve our Services, ensure security, and conduct business operations
  • Consent: When you've provided explicit consent (e.g., for marketing communications)
  • Legal Obligation: To comply with applicable laws and regulations

3. Disclosure of Personal Data

We do not sell your Personal Data. We may share your Personal Data with third parties in the following circumstances:

3.1 Service Providers

We share Personal Data with third-party service providers who perform services on our behalf, including:

  • Cloud Infrastructure: AWS for hosting and data storage
  • Payment Processing: Stripe for payment and subscription management
  • AI Services: Anthropic (Claude API) and other AI service providers for powering our Consensus AI
  • Analytics: Service providers that help us understand usage patterns
  • Communication Services: Email and notification service providers
  • Customer Support: Tools and services to help us provide support

These service providers are contractually obligated to protect your Personal Data and use it only for the purposes we specify.

3.2 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your Personal Data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your Personal Data.

3.3 Legal Requirements and Protection of Rights

We may disclose Personal Data if required to do so by law or if we believe in good faith that such disclosure is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Enforce our Terms of Service or other agreements
  • Protect the rights, property, or safety of Zensus, our users, or the public
  • Detect, prevent, or address fraud, security, or technical issues
  • Protect against legal liability

3.4 With Your Consent

We may share your Personal Data with third parties when you explicitly consent to such sharing, such as when you choose to connect third-party services to your Zensus account.

3.5 Aggregated and De-Identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you. This data may be used for research, analytics, marketing, or other business purposes.

3.6 Enterprise Customers

If you use our Services through an enterprise plan provided by your employer or organization, we may share usage and performance data with that organization as specified in the enterprise agreement.

4. Retention

We retain your Personal Data for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary depending on the type of data and the purposes for which we use it.

4.1 Retention Periods

Account Data:

  • Retained for the duration of your account plus 90 days after account closure (unless you request immediate deletion)
  • Some information may be retained longer for legal, tax, or regulatory purposes

Financial Profile Data:

  • Retained while your account is active and for 90 days after account closure
  • You may request deletion at any time

Conversation Data:

  • Voice recordings retained for 90 days unless you request earlier deletion
  • Transcriptions and conversation logs retained for up to 2 years for AI training purposes (unless you opt out)
  • De-identified conversation data may be retained indefinitely for research

Payment Data:

  • Transaction records retained for 7 years for tax and accounting purposes
  • Payment card information is not stored by us (handled by Stripe)

Usage and Analytics Data:

  • Typically retained for 24 months
  • Aggregated, de-identified data may be retained indefinitely

Support Communications:

  • Retained for 3 years to help improve our support services

4.2 Data Deletion

When we no longer need your Personal Data, or when you request deletion, we will:

  • Securely delete or anonymize the data
  • Ensure our service providers also delete the data
  • Retain only what is necessary for legal, regulatory, or legitimate business purposes

Please note that some data may remain in backup systems for a limited period even after deletion from active systems.

5. Your Rights

Depending on your location and applicable law, you may have certain rights regarding your Personal Data. We are committed to honoring these rights regardless of your location.

5.1 Access and Portability

  • Right to Access: You can request a copy of the Personal Data we hold about you
  • Right to Data Portability: You can request your data in a structured, commonly used, machine-readable format

To request access to your data, contact us at hello@zensus.app. We will provide your data within 30 days of verification.

5.2 Correction and Update

  • Right to Rectification: You can correct inaccurate or incomplete Personal Data
  • Most information can be updated directly through your account settings
  • For data you cannot update yourself, contact us at hello@zensus.app

5.3 Deletion

  • Right to Erasure: You can request deletion of your Personal Data
  • To delete your account and associated data, go to account settings or contact us
  • Some data may be retained for legal or legitimate business purposes
  • Backup copies may persist for a limited time after deletion

5.4 Restriction and Objection

  • Right to Restrict Processing: You can request that we limit how we use your Personal Data
  • Right to Object: You can object to our processing of your Personal Data for certain purposes, such as marketing
  • To exercise these rights, contact us at hello@zensus.app

5.5 Withdraw Consent

  • Where we rely on your consent to process Personal Data, you can withdraw consent at any time
  • Withdrawal does not affect the lawfulness of processing before withdrawal
  • Some Services may not be available if you withdraw consent

5.6 Marketing Communications

  • Opt-Out: You can unsubscribe from marketing emails using the link in the email or through account settings
  • We will still send you essential service-related communications even if you opt out of marketing

5.7 Automated Decision-Making

Our Consensus AI system makes automated recommendations about financial strategies. While these recommendations are AI-generated, they are:

  • Educational in nature, not binding financial advice
  • Accompanied by confidence scores and explanations
  • Subject to your independent verification and decision-making

You have the right to request human review of AI-generated recommendations. Contact us at hello@zensus.app for assistance.

5.8 How to Exercise Your Rights

To exercise any of these rights:

  1. Send an email to hello@zensus.app with your request
  2. Specify which right(s) you wish to exercise
  3. Provide information to verify your identity
  4. We will respond within 30 days of verification

5.9 Complaints

If you believe we have not complied with applicable privacy laws, you have the right to lodge a complaint with:

  • Us directly at hello@zensus.app
  • Your local data protection authority (for EEA/UK residents)
  • The Federal Trade Commission (for U.S. residents)

6. Children

Age Requirement

Our Services are not intended for, and we do not knowingly collect Personal Data from, individuals under the age of 18 (or the age of majority in your jurisdiction). If you are under 18, do not use our Services or provide any Personal Data to us.

6.1 Parental Notice

If you are a parent or guardian and believe that your child under 18 has provided Personal Data to us, please contact us immediately at hello@zensus.app. We will promptly:

  • Investigate the matter
  • Delete the child's Personal Data from our systems
  • Terminate the account if applicable
  • Take steps to prevent future collection from that individual

6.2 Educational Context

While Zensus provides financial education content, we are not a platform designed for use in K-12 educational settings. Our Services are intended for adults (18+) seeking to improve their financial literacy and receive AI-powered financial guidance.

6.3 COPPA Compliance

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13. If we discover we have collected such information, we will delete it immediately.

7. Security

We take the security of your Personal Data seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction.

7.1 Security Measures

Technical Safeguards:

  • Encryption: Data in transit is protected using TLS 1.3; data at rest is encrypted using AES-256
  • Zero Trust Architecture: Every access request is verified and authenticated
  • Secure Infrastructure: Services hosted on AWS with enterprise-grade security
  • Regular Security Audits: Third-party penetration testing and vulnerability assessments
  • Access Controls: Role-based access controls and multi-factor authentication
  • Monitoring: 24/7 security monitoring and intrusion detection

Organizational Safeguards:

  • Employee training on data protection and security practices
  • Strict access policies limiting who can access Personal Data
  • Incident response plan for security breaches
  • Regular security policy reviews and updates
  • Vendor security assessments and contractual protections

Payment Security:

  • Payment processing through PCI DSS compliant provider (Stripe)
  • We do not store full payment card numbers
  • Tokenization of payment information

7.2 Your Security Responsibilities

While we implement strong security measures, you also play a role in protecting your data:

  • Use a strong, unique password for your Zensus account
  • Enable multi-factor authentication when available
  • Do not share your account credentials with others
  • Log out from shared or public devices
  • Keep your email account secure (it's used for account recovery)
  • Report suspicious activity immediately

7.3 Security Breach Notification

In the event of a data breach that affects your Personal Data, we will:

  • Notify you within 72 hours of discovering the breach (as required by applicable law)
  • Provide information about what data was affected
  • Explain the steps we're taking to address the breach
  • Offer guidance on how you can protect yourself
  • Notify relevant authorities as required by law

7.4 Limitations

No security system is impenetrable. While we strive to protect your Personal Data, we cannot guarantee absolute security. You acknowledge that you provide your Personal Data at your own risk.

7.5 SOC 2 Compliance Roadmap

We are working toward SOC 2 Type II compliance, with a target certification by Month 15 of our operations. This certification will provide independent verification of our security controls and practices.

8. Additional U.S. State Disclosures

If you are a resident of certain U.S. states, you may have additional privacy rights under state law. This section provides required disclosures and explains your rights under these laws.

8.1 California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights regarding your Personal Information.

Categories of Personal Information We Collect:

  • Identifiers (name, email, IP address)
  • Financial information (payment data, financial goals)
  • Internet activity (usage data, browsing history)
  • Audio/voice data (voice assistant interactions)
  • Geolocation data (general location from IP address)
  • Inferences (derived from usage patterns and AI interactions)

Business Purposes for Collection:

  • Providing and improving our Services
  • Personalizing user experience
  • Processing transactions
  • Customer support
  • Security and fraud prevention
  • Analytics and research
  • AI training and development

Your California Privacy Rights:

  • Right to Know: Request disclosure of Personal Information we collect, use, and share
  • Right to Delete: Request deletion of your Personal Information
  • Right to Correct: Request correction of inaccurate Personal Information
  • Right to Opt-Out: Opt out of sale or sharing of Personal Information (Note: We do not sell Personal Information)
  • Right to Limit: Limit use and disclosure of Sensitive Personal Information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

Sensitive Personal Information: We collect the following categories of Sensitive Personal Information: financial information and precise geolocation (only with permission). We use this data only to provide the Services you request and as described in this Privacy Policy.

Retention: See Section 4 for details on how long we retain different categories of data.

Sale and Sharing: We do not "sell" Personal Information as defined by California law. We do not "share" Personal Information for cross-context behavioral advertising.

How to Exercise Your Rights: Email hello@zensus.app with your request. We will verify your identity and respond within 45 days. You may designate an authorized agent to make requests on your behalf.

8.2 Virginia, Colorado, Connecticut, and Utah Residents

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), or Utah (UCPA), you have rights similar to those described for California residents, including:

  • Right to access your Personal Data
  • Right to correct inaccuracies in your Personal Data
  • Right to delete your Personal Data
  • Right to obtain a copy of your Personal Data (data portability)
  • Right to opt out of targeted advertising (Note: We do not engage in targeted advertising)
  • Right to opt out of sale of Personal Data (Note: We do not sell Personal Data)

To exercise these rights, contact us at hello@zensus.app. If you are not satisfied with our response, you may appeal by replying to our response email.

8.3 Nevada Residents

Nevada residents have the right to opt out of the sale of certain Personal Information. We do not sell Personal Information as defined under Nevada law. If you have questions, contact us at hello@zensus.app.

8.4 Other States

We extend similar privacy protections to residents of all U.S. states. If your state has enacted privacy legislation and you wish to exercise rights under that law, please contact us at hello@zensus.app.

9. Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

9.1 Notice of Changes

  • Update the "Last Updated" date at the top of this Privacy Policy
  • Post the revised Privacy Policy on our website and in our mobile applications
  • For material changes, provide additional notice through:
    • Email notification (if you have an account)
    • Prominent notice in the Services
    • Push notification (for mobile app users)

9.2 What Constitutes a Material Change

Material changes include, but are not limited to:

  • Changes in how we collect, use, or share Personal Data
  • Changes in your rights or our obligations
  • Changes in data retention periods
  • New categories of Personal Data collected
  • New purposes for processing Personal Data
  • Changes in third parties with whom we share data

9.3 Your Acceptance of Changes

By continuing to use our Services after we post or send a notice about changes to this Privacy Policy, you accept the updated Privacy Policy. If you do not agree to the changes, you must stop using our Services and may delete your account.

9.4 Prior Versions

If you would like to review a prior version of this Privacy Policy, please contact us at hello@zensus.app.

10. How to Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Zensus Inc.

Email: hello@zensus.app
Website: https://zensus.app
Mail: Zensus Inc., Austin, Texas, United States

Subject Line for Privacy Requests: "Privacy Request" or "Data Rights Request"

10.1 Response Time

We strive to respond to all privacy-related inquiries within:

  • General questions: 5 business days
  • Data access requests: 30 days
  • Data deletion requests: 30 days
  • Security concerns: 24-48 hours

10.2 Verification Process

To protect your privacy and security, we will verify your identity before fulfilling data rights requests. We may ask you to:

  • Provide your email address associated with your account
  • Confirm recent account activity
  • Provide additional identifying information
  • Respond to an email sent to your registered email address

10.3 Authorized Agents

You may designate an authorized agent to submit requests on your behalf. The authorized agent must:

  • Provide written proof of authorization
  • Verify their own identity
  • Provide information to help us verify your identity

Thank you for trusting Zensus with your Personal Data.

We are committed to protecting your privacy and being transparent about our data practices. As a startup company, we continuously work to improve our privacy and security measures as we grow.

© 2025 Zensus Inc. All rights reserved.