Privacy Policy

1. Introduction

Zynoviq Solutions Private Limited (“Zynoviq”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, store, and share information when you use the Zynoviq ProfitGuard Enterprise License Management Platform (“Service”) at portal.zynoviqprofitguard.com.

2. Information We Collect

2.1 Account Information

When you register, we collect:

• Full name and email address
• Company name and job title
• Password (stored as a salted bcrypt hash — never in plain text)
• Authentication tokens from OAuth providers (GitHub, Google, Microsoft)

2.2 Usage Data

We automatically collect:

• API request logs (timestamp, endpoint, response code — not payload content)
• License activation and usage events
• Feature usage metrics for service improvement
• IP addresses and device information for security purposes

2.3 Enterprise Data

When you connect your ERP systems (SAP S/4HANA, Oracle, etc.), we process transaction data solely to deliver the fraud detection and analytics features you have subscribed to. This data is processed in-memory and is not persistently stored beyond your configured retention period.

3. How We Use Your Information

We use collected information to:

• Create and manage your account and licenses
• Provide, maintain, and improve the Service
• Authenticate your identity and secure your account
• Send transactional emails (account confirmations, license expiry alerts)
• Send product updates and marketing emails (only with your explicit consent)
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations

We do not use your enterprise transaction data to train AI/ML models or for any purpose other than delivering the Service to you.

4. Data Storage and Security

Your data is protected with enterprise-grade security measures:

• Encryption at rest: AES-256 for all stored data
• Encryption in transit: TLS 1.3 for all API communications
• Access controls: Role-based access with principle of least privilege
• Infrastructure: Hosted on AWS with SOC 2 Type II certified data centers
• Audit logs: Tamper-proof audit trails for all data access events

We retain account data for the duration of your subscription plus 90 days after termination, unless you request earlier deletion.

5. Data Sharing and Third Parties

We do not sell your personal information. We may share data with:

5.1 Service Providers

Trusted third-party vendors that help us operate the Service (cloud hosting, email delivery, analytics). These vendors are contractually bound to use your data only to provide services to us.

5.2 Legal Requirements

We may disclose information when required by law, court order, or to protect the rights, property, or safety of Zynoviq, our customers, or others.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, with prior notice to you.

6. Cookies and Tracking

The portal uses cookies strictly necessary for authentication and session management. We use the following types:

• Session cookies: Required for login and CSRF protection (expire when you close the browser)
• Preference cookies: Store your theme (light/dark) preference (30-day expiry)

We do not use third-party advertising or tracking cookies on the portal.

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your account and personal data (“right to be forgotten”)
• Portability: Export your data in a machine-readable format
• Opt-out: Unsubscribe from marketing emails at any time
• Restriction: Request that we limit how we use your data

To exercise any of these rights, contact us at privacy@zynoviq.com. We will respond within 30 days.

8. GDPR Compliance

For users in the European Economic Area (EEA), we process your data under the following legal bases:

• Contract performance: Data needed to provide the Service you've subscribed to
• Legitimate interests: Security monitoring and fraud prevention
• Legal obligation: Compliance with applicable laws
• Consent: Marketing communications (you may withdraw consent at any time)

9. Children's Privacy

The Service is intended for enterprise use only and is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or an in-app notice at least 30 days before the changes take effect. The “Last updated” date at the top reflects when the most recent revision was made.

11. Contact Us

For privacy inquiries, data requests, or concerns about this policy: