Zyno
Legal

Privacy Policy

We take your privacy seriously at Zynochat. This policy explains clearly what information we collect, how we use it, and what rights you have over your data.

Last updated: 1 June 2025  |  Effective: 1 June 2025  |  Applies to: zynochat.in and all Zynochat mobile applications.

Overview

Zynochat ("we," "our," or "us") is committed to protecting your personal information and your right to privacy. This Privacy Policy describes how we collect, use, store, and disclose information when you use the Zynochat platform, accessible at zynochat.in and through our mobile applications.

By using Zynochat, you agree to the collection and use of information as described in this policy. If you do not agree with any part of this policy, please discontinue use of the platform and contact us at privacy@zynochat.in to request deletion of your data.

We have designed this policy to be readable. Where legal language is unavoidable, we follow it immediately with a plain-language explanation. Privacy is a core value at Zynochat — not an afterthought.

Information We Collect

Information you provide directly

When you create a Zynochat account or use our services, you may provide:

  • Account information: Username, email address, phone number (if used for verification), and password (stored as a secure hash — we never see your raw password).
  • Profile information: Display name, profile picture, and any optional bio or status text you choose to add.
  • Message content: Text messages, images, files, voice notes, and other media you send through the platform. Private messages are end-to-end encrypted and are not accessible to Zynochat staff.
  • Community content: Posts, comments, and other content you contribute to public or private communities.
  • Support communications: Any information you submit through contact forms or support emails.

Information collected automatically

When you use Zynochat, we automatically collect certain technical information necessary to operate the service:

  • Device information: Device type, operating system, app version, and unique device identifiers for push notifications.
  • Log data: IP address (used for security and fraud prevention, not profiling), timestamps of login and activity, and error logs.
  • Usage data: Aggregate, anonymised information about feature usage (e.g., which features are most used) to help us improve the platform. This data cannot be tied back to individual users.
  • Connection metadata: Information required to route messages — such as sender, recipient, and timestamp — but not message content for encrypted conversations.

Information we do NOT collect

To be explicit about what Zynochat does not do:

  • We do not read the content of your end-to-end encrypted private messages.
  • We do not build behavioural advertising profiles.
  • We do not track your activity across other websites or apps.
  • We do not collect precise location data unless you explicitly share your location in a conversation.
  • We do not collect or process sensitive personal data such as biometrics, financial information, or health data.

How We Use Information

We use the information we collect for the following purposes:

  • To operate the platform: Delivering messages, managing accounts, processing media uploads, and maintaining community functionality.
  • To maintain security: Detecting and preventing fraud, abuse, spam, and unauthorised access. IP addresses and login metadata are retained for security audit purposes.
  • To improve the product: Analysing aggregate, anonymised usage patterns to understand which features are valuable and where improvements are needed.
  • To communicate with you: Sending service-related notifications (e.g., login alerts, account changes). We do not send unsolicited marketing emails unless you have explicitly opted in.
  • To resolve support requests: Using the information you provide in support communications to diagnose and resolve issues.
  • To comply with legal obligations: Retaining data where required by law and responding to valid legal requests in accordance with applicable law.

We do not use your data for advertising, we do not build advertising profiles, and we do not sell your data to any third party — ever.

Data Sharing

Zynochat does not sell, rent, or trade your personal information to third parties. We share data only in the following limited circumstances:

  • Service providers: We use a small number of trusted service providers to operate the platform (e.g., cloud hosting, push notification delivery). These providers are contractually required to process data only on our instructions and in accordance with this policy.
  • Legal requirements: We may disclose data if required to do so by a valid court order, subpoena, or other legal process in the jurisdiction in which we operate. We will notify affected users where permitted by law.
  • Safety: We may share data if we have a good-faith belief that disclosure is necessary to prevent imminent harm, protect the safety of Zynochat users or the public, or address fraud or abuse.
  • Business transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, user data may be transferred as part of that transaction. We will notify users via the platform before any such transfer occurs and before data becomes subject to a different privacy policy.

In all cases of data sharing, we apply the principle of minimum necessary disclosure — we share only what is required and nothing more.

Cookies & Analytics

Zynochat uses a minimal set of cookies and similar technologies. We do not use advertising cookies or third-party tracking cookies.

Essential cookies

These cookies are strictly necessary to provide the service and cannot be disabled. They include session authentication tokens and security cookies that protect against CSRF attacks.

Preference cookies

These cookies remember your preferences (such as theme selection and notification settings). They are first-party cookies and are not used for tracking.

Analytics

We use privacy-preserving analytics to understand aggregate usage patterns. Our analytics implementation does not use fingerprinting, does not track users across sessions or devices, and does not share data with advertising networks. All analytics data is anonymised before storage.

You can opt out of analytics data collection at any time from your account settings, without any impact on the functionality of the platform.

Third-Party Services

Zynochat integrates with a limited number of third-party services to operate the platform. These services have their own privacy policies and we encourage you to review them:

  • Cloud infrastructure: Zynochat's servers and databases are hosted on reputable cloud providers that comply with industry-standard security certifications (ISO 27001, SOC 2 Type II).
  • Push notifications: Mobile push notifications are delivered via Apple Push Notification Service (APNS) and Google Firebase Cloud Messaging (FCM). Only non-sensitive notification metadata (not message content) is transmitted through these services.
  • Payment processing: Premium subscription payments are processed by a PCI-DSS-compliant payment provider. Zynochat does not store your payment card information.

We do not embed social media tracking pixels, advertising SDKs, or third-party analytics frameworks on the Zynochat platform.

Data Retention

We retain your personal data for as long as your account remains active or as needed to provide the service. Specific retention periods:

  • Account data: Retained for the lifetime of your account. Deleted within 30 days of a verified account deletion request.
  • Messages: Messages are stored on our servers to enable sync across your devices. End-to-end encrypted message content cannot be read by Zynochat. Messages can be deleted by the sender at any time.
  • Security logs: IP addresses and login records are retained for up to 90 days for security purposes, then automatically purged.
  • Support communications: Retained for 2 years to enable us to resolve recurring issues, then deleted.
  • Anonymised analytics: Retained indefinitely, as this data cannot be linked to individual users.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right of rectification: You may correct inaccurate personal data at any time through your account settings.
  • Right of erasure: You may request deletion of your account and associated personal data. We will process this within 30 days.
  • Right to data portability: You may request an export of your data in a machine-readable format.
  • Right to object: You may object to processing of your personal data in certain circumstances.
  • Right to restrict processing: You may request that we limit how we use your data in certain circumstances.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, please contact us at privacy@zynochat.in. We will respond within 30 days. We may need to verify your identity before processing requests.

Security

Zynochat implements industry-standard security measures to protect your information:

  • All data in transit is encrypted using TLS 1.3 or higher.
  • Data at rest is encrypted using AES-256.
  • Private conversations use end-to-end encryption (X25519 key exchange, XSalsa20-Poly1305).
  • Passwords are stored using a strong, salted hashing algorithm (bcrypt). We never store raw passwords.
  • We conduct regular security reviews and vulnerability assessments.
  • Access to production systems is restricted to authorised personnel using multi-factor authentication.

Despite these measures, no system is completely immune to risk. We encourage you to use a strong, unique password and enable two-factor authentication on your Zynochat account.

If you discover a security vulnerability, please report it responsibly to security@zynochat.in. We take all security reports seriously and respond within 48 hours.

Children's Privacy

Zynochat is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected data from a child under 13, we will delete it promptly.

If you are a parent or guardian and believe your child has provided personal information to Zynochat, please contact us at privacy@zynochat.in and we will investigate and act accordingly.

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:

  • Update the "Last updated" date at the top of this policy.
  • Notify registered users via an in-app notification or email at least 14 days before the changes take effect.
  • Where required by law, seek your consent before applying new data processing practices.

Your continued use of Zynochat after changes take effect constitutes your acceptance of the updated policy. If you do not agree with changes, you may close your account before they take effect.

Contact Us

If you have questions about this Privacy Policy or how Zynochat handles your personal data, please reach out:

We aim to respond to all privacy-related enquiries within 5 business days. For formal data subject requests (access, erasure, portability), please allow up to 30 days.

This policy applies to: zynochat.in and all official Zynochat mobile applications. It does not apply to any third-party websites or services linked from our platform, including any website claiming to be "Zylochat." Always verify you are on the official zynochat.in domain.