Legal
Privacy Policy
Version 1.0 · Effective July 1, 2026
This Privacy Policy explains how Zuhile Payments Limited, a company registered in the Republic of Zambia ("Zuhile", "we", "us", or "our"), collects, uses, discloses, and protects personal data when you use our platform, websites, and applications (the "Service").
Zuhile plays two roles. For personal data about our own account holders and website visitors, we act as a "controller". For personal data that our customers process through the Service about their own End Users (for example, chat visitors), we act as a "processor" / "service provider" acting on the customer’s behalf and on their instructions. If you are an End User of a business that uses Zuhile, please direct privacy requests to that business in the first instance.
1. Information We Collect
- Account information: name, work email, password (stored hashed), job title, profile photo, and organization details you provide when you register or configure your Workspace.
- Customer Data: the content you and your team submit to the Service, including knowledge-base documents, conversations, messages, tickets, notes, and configuration.
- End User data: information your End Users provide or that is collected when they interact with a support experience you operate (for example, name, email, message content, and basic device/analytics data), processed on your behalf.
- Usage and device data: log data, IP address, browser and device type, pages viewed, and interactions, collected automatically to operate and secure the Service.
- Communications: messages you send us, such as support requests.
- Payment data: if you purchase a paid plan, billing details are processed by our payment processor; we do not store full card numbers.
2. How We Use Information
We use personal data to:
- provide, operate, maintain, and secure the Service;
- power AI Features such as generating responses, summaries, and classifications;
- authenticate users, prevent fraud and abuse, and enforce our Terms;
- provide customer support and respond to your requests;
- send service, security, and transactional communications, and (where permitted) product updates you can opt out of;
- analyze and improve the Service, including reliability and quality; and
- comply with legal obligations and enforce our rights.
3. AI and Machine Learning
To provide AI Features, relevant Customer Data (such as a customer question and the knowledge retrieved to answer it) is sent to our AI subprocessors, including large-language-model providers, to generate a response. These providers process the data to return output to us and, per our agreements with them, do not use it to train their general foundation models.
We use Customer Data to operate the Service for you — for example, to index your knowledge base and ground responses. We do not sell Customer Data, and we do not use it to train models for other customers.
4. Legal Bases for Processing
Where the GDPR or similar laws apply and we act as a controller, we rely on the following legal bases: performance of a contract (to provide the Service you request); our legitimate interests (to secure, maintain, and improve the Service), balanced against your rights; your consent (where required, such as certain communications); and compliance with legal obligations.
6. Data Retention
We retain personal data for as long as your Account is active or as needed to provide the Service, and thereafter as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. When acting as a processor, we retain and delete Customer Data in accordance with our customer’s configuration and instructions and our documentation.
7. Data Security
We implement technical and organizational measures designed to protect personal data, including encryption in transit, access controls, tenant isolation, and least-privilege practices. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your credentials.
8. International Data Transfers
We may process and store personal data in countries other than where you are located. Where required, we use appropriate safeguards for international transfers, such as Standard Contractual Clauses, to protect personal data transferred across borders.
9. Your Privacy Rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal data, to object to certain processing, and to withdraw consent. To exercise these rights with respect to data for which we are the controller, contact us at privacy@usezuhile.com. We will respond as required by applicable law and may need to verify your identity.
If your personal data is processed by a business that uses the Service (i.e., we act as processor), please direct your request to that business; we will assist them in responding as required.
You may unsubscribe from non-essential communications at any time using the link in those messages or by contacting us.
11. Children's Privacy
The Service is intended for business users and is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, contact us and we will take appropriate steps to delete it.
12. Data We Process on Behalf of Customers
When a business uses the Service to support its own End Users, that business determines the purposes and means of processing and is the controller of the associated personal data. We process such data only on the business’s documented instructions to provide the Service, and pursuant to any applicable data processing terms between us and that business.
13. Third-Party Links and Services
The Service may link to or integrate with third-party sites and services that we do not control. Their privacy practices are governed by their own policies, and we encourage you to review them.
14. Changes to this Policy
We may update this Privacy Policy from time to time. If we make material changes, we will post the updated Policy with a new effective date and, where appropriate, provide additional notice. Your continued use of the Service after the changes take effect constitutes acceptance of the updated Policy.
15. Contact Us
If you have questions or requests regarding this Privacy Policy or our handling of personal data, contact us at privacy@usezuhile.com, or by mail to Zuhile Payments Limited, Lottie House, 8th Floor, Cairo Road, Lusaka, Zambia.
Questions? Email support@usezuhile.com. See also our Terms of Service.