1. Who We Are

Thorsen Digital operates the Zira AI platform. This Privacy Policy explains how we collect, use, and protect information when you use our website at ziraaitd.com and our services. By using our services, you agree to the practices described in this policy.

2. Information We Collect

From business clients (you, our subscriber): When you purchase a plan, we collect your name, email address, business name, and payment information (processed securely by Stripe — we do not store card details). When you configure Zira AI for your business, we collect your business details, branding preferences, and service information.

From your customers (end users of the Zira widget): When a visitor interacts with a Zira AI widget deployed on your website, we collect the conversation content, any lead information they voluntarily provide (name, phone, email, service request), and basic session metadata (timestamp, session ID). We do not collect IP addresses or device fingerprints from widget users.

3. How We Use Information

We use collected information to: deliver and improve the Zira AI service, send purchase confirmation and onboarding emails, notify business clients of new leads captured by their widget, provide customer support, and comply with legal obligations. We do not sell, rent, or share your personal information or your customers' information with third parties for marketing purposes.

4. Data Storage and Security

All data is stored on secure cloud infrastructure. Conversation history and lead data are retained for the duration of your active subscription and for 90 days after cancellation, after which it is permanently deleted. We use industry-standard encryption in transit (TLS) and at rest. Access to customer data is restricted to authorized Thorsen Digital personnel only.

5. Cookies

Our website uses minimal cookies necessary for session management and authentication. We do not use third-party advertising cookies or tracking pixels. The Zira AI widget uses a session cookie to maintain conversation continuity during a single browser session; this cookie expires when the browser is closed.

6. Third-Party Services

We use the following third-party services to operate our platform: Stripe (payment processing), and cloud infrastructure providers for hosting and storage. Each of these providers has their own privacy policy governing their use of data. We do not share data with any other third parties.

7. Your Rights

You have the right to access, correct, or request deletion of your personal data at any time. To exercise these rights, contact us at [email protected]. We will respond to all requests within 30 days. If you are located in the European Economic Area, you may also have rights under GDPR including the right to data portability and the right to lodge a complaint with your supervisory authority.

8. Children's Privacy

Our services are intended for businesses and are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active subscribers of material changes via email. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact

For any privacy-related questions or requests, please contact us at [email protected].