Skip to main content
Zenic

Privacy Policy

Last updated: March 31, 2026

Zenic ("we," "our," or "us") operates the website and application at zenic.app. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (hashed). If you sign in through a third-party provider (e.g., Google), we receive your name, email, and profile picture from that provider.

Financial Data

You may voluntarily provide financial goals, expense records, and related notes. This data is stored in your account and is never shared with third parties for advertising purposes.

Receipt Images

If you use our receipt scanning feature, uploaded images are processed using Google Cloud Vision for optical character recognition (OCR). Images are transmitted securely, processed in real time, and are not retained by Google after processing.

Billing Information

Payment processing is handled by Stripe. We do not store your full credit card number. Stripe retains payment method details, transaction history, and billing address in accordance with their Privacy Policy.

Usage & Analytics Data

We use PostHog for product analytics. This includes page views, feature usage, device type, browser, and approximate location (country/region). Analytics data is aggregated and used to improve the product. You can opt out of analytics tracking in your account settings.

2. How We Use Your Information

  • To provide, maintain, and improve Zenic's features and services
  • To process transactions and manage subscriptions via Stripe
  • To extract data from receipt images using Google Cloud Vision OCR
  • To power our AI-driven True Cost Calculator using Anthropic's language models
  • To send transactional emails (account verification, password resets, billing receipts)
  • To analyze usage patterns and improve the user experience via PostHog
  • To detect, prevent, and address technical issues or abuse

3. Data Storage & Security

Your data is stored in Supabase (built on PostgreSQL). We implement the following security measures:

  • Row Level Security (RLS): Database policies ensure you can only access your own data
  • Encryption in transit: All data is transmitted over TLS/HTTPS
  • Encryption at rest: Database storage is encrypted at rest
  • Authentication: Secure session management via Supabase Auth with JWT tokens

4. Third-Party Services

We share data with the following third-party services only as necessary to operate Zenic:

  • Supabase— Database hosting, authentication, and storage
  • Stripe— Payment processing and subscription management
  • Google Cloud Vision— Receipt image OCR processing
  • Anthropic— AI-powered financial calculations and insights
  • PostHog— Product analytics and feature tracking

5. Cookies

Zenic uses essential cookies for authentication and session management. We also use analytics cookies through PostHog to understand how users interact with our service. You can disable non-essential cookies through your browser settings or account preferences.

6. Your Rights (GDPR & CCPA)

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of all personal data we hold about you
  • Right to Export: Download your data in a portable format (JSON/CSV) from your account settings
  • Right to Rectification: Update or correct your personal information at any time
  • Right to Deletion: Request deletion of your account and all associated data. Upon request, your account enters a 30-day grace period during which you can cancel the deletion. After 30 days, all data is permanently and irreversibly deleted
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Object: Opt out of analytics tracking and non-essential data processing
  • Right to Data Portability: Receive your data in a structured, machine-readable format

To exercise any of these rights, visit your account settings or contact us at privacy@zenic.app.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. If you delete your account, your data will be permanently removed after the 30-day grace period. We may retain anonymized, aggregated data for analytics purposes.

8. Children's Privacy

Zenic is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of Zenic after changes constitutes acceptance of the revised policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@zenic.app
Website: zenic.app