Privacy Policy

Last updated: March 2026

Zera Align ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our project management and lead management application.

1. Information We Collect

We collect the following information when you use Zera Align:

  • Account Information: Full name, email address, phone number, and company name provided during registration.
  • Profile Photo: Optional profile image you choose to upload.
  • Project Data: Projects, tasks, team members, leads, and other content you create within the app.
  • Usage Data: Information about how you interact with the app, including features used and actions taken.
  • Device Information: Device type, operating system, app version, and push notification tokens.
  • Location Data: Approximate location when you use the attendance check-in feature (only with your permission).
  • Phone Call Metadata (Android, optional): When you explicitly enable "Lead Capture from Calls," the app reads the phone number of the most recent call from your device's call log immediately after a call ends, so you can save that number as a lead. This happens only on your device, only when call detection is enabled, and only the phone number is read - never call audio, contact names, or call history beyond the most recent number. The number stays on your device unless you choose to save it as a lead.
  • Contacts (optional): If you grant contacts permission, the app reads contact names and phone numbers solely to let you pick team members to invite to a project. Contacts are read on-device at the moment of picking; we do not upload your full address book to our servers.
  • Camera & Photos: With your permission, the camera or photo library is used to capture profile pictures, project icons, chat images, and face photos for attendance registration. Media you choose to upload (profile/project/chat) is stored on our cloud storage; face photos are processed on-device and discarded after we extract the embedding (see Face Data).
  • Face Data (biometric, optional): When you register your face for attendance verification, we extract a numerical face embedding (a 128-number mathematical representation) on your device. Only this embedding is sent to our server for identity matching during check-in — we do not store or transmit your actual face photo for recognition purposes. You can delete your face data at any time from company settings.
  • Chat & Project Content: Messages, files, voice notes, tasks, and leads you create within a project are stored on our servers so all project members can access them in real time. Content is visible only to participants of the project.

Why we ask for boot-completion access on Android: the app needs to re-arm the call-detection listener after a device restart. We do not run any background service, do not show overlays, and do not collect data at boot. The boot signal only wakes the app process so the system can later notify it when a call ends.

2. Data from Meta (Facebook/Instagram)

When you connect your Meta account, we collect the following data as authorized by you through Facebook Login for Business:

  • Page Information: Names and IDs of the Facebook Pages you manage and choose to connect.
  • Lead Ad Data: Contact information (name, phone number, email) submitted by potential customers through your Facebook and Instagram Lead Ad forms.
  • Ad Campaign Data: Campaign names, form names, and ad IDs associated with leads.
  • Access Tokens: Encrypted OAuth tokens to maintain your connection (stored securely using AES-256-GCM encryption).

We only access the specific data you authorize. We do not access your personal Facebook profile, posts, friends list, or messages.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Zera Align application.
  • Manage your account and enable project collaboration with your team.
  • Import and display leads from your Meta Lead Ad campaigns so you can follow up with potential customers.
  • Send push notifications about new leads, messages, and project updates.
  • Detect duplicate leads within your organization to avoid redundant follow-ups.
  • Provide customer support and respond to your requests.

4. Data Sharing

We do not sell, rent, or trade your personal data or Meta data to any third party. We may share your information only in the following cases:

  • Team Collaboration: Project data and leads are shared with team members within your company as configured by you.
  • Service Providers: We use cloud hosting and storage providers to operate our service. These providers process data on our behalf under strict contractual obligations.
  • Legal Requirements: We may disclose information if required by law, court order, or to protect our legal rights.

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encrypted data transmission (HTTPS/TLS) for all communications.
  • AES-256-GCM encryption for stored Meta access tokens.
  • Secure authentication using JWT tokens.
  • HMAC-SHA256 signature verification for incoming Meta webhooks.
  • Regular security reviews and updates.

However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Lead data imported from Meta is retained until you delete it or disconnect your Meta account. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law.

7. Data Deletion

You can request deletion of your data at any time by:

  • Disconnecting Meta: Go to Settings > Meta Integration > Disconnect. This removes your Meta connection and access tokens.
  • Deleting your account: Contact us at the email below to request complete account deletion. All data will be permanently deleted within 30 days.
  • Deleting specific leads: You can delete individual leads from within the app at any time.

8. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Update: Correct or update your personal information through your profile settings.
  • Delete: Request deletion of your account and all associated data.
  • Revoke Meta Access: Disconnect your Meta account at any time.
  • Export: Request a portable copy of your data.
  • Withdraw Consent: You may withdraw consent for data processing at any time by contacting us.

9. Children's Privacy

Zera Align is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy within the app and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

support@zeraalign.com