Privacy Policy

Last updated: 2026-06-02 · United States

⚠ Template content — pending legal review
This is template legal text for the United States, drawn from common patterns in the United States's privacy and consumer-protection frameworks. It has not been reviewed by counsel licensed in the United States and is not a substitute for jurisdiction-specific legal advice. Review by qualified counsel is required before commercial launch in this jurisdiction. If you have any concerns, please contact us at the email address at the bottom of this page.

This Privacy Policy explains what data ZenZ Voice collects about you, how we use it, what we don’t do, and the rights you have under applicable US state privacy laws (including the California Consumer Privacy Act and similar laws in other states).

1. The short version

We collect the minimum data needed to run the Platform.
We never sell your personal information. We never share it with advertisers.
Your real name, phone number, and any government ID details are never displayed publicly.
You can ask us to delete your account and data at any time.

2. What we collect

When you create an account:

Phone number — used as your sign-in identifier. Stored encrypted; never shown publicly.
Email address — for password recovery and notifications. Stored encrypted; never shown publicly.
Password — stored as a salted hash; we never see your plain password.
Language preference.
Pseudonym — auto-generated; the only identifier shown publicly.

When you post issues, comments, or reactions:

Content — title, body, media, location of the issue. Publicly visible.
IP address and browser info — kept for security and abuse forensics. Not displayed publicly.

Automatic technical data:

Cookies / session tokens — strictly necessary; no advertising cookies.
IP-based country — to pre-select your country on the Platform.

3. What we do NOT collect

Your home address (we never ask for it).
Your social-media accounts or contacts list.
Information about other people on your device.
Continuous or background location. See Section 3a below for the opt-in, one-time location feature.

3a. Optional location detection (opt-in)

To help you find civic issues in your area, we offer an optional “Use my location” button on certain pages. We do not access your location automatically or without your action.

If you click the button:

Your browser asks for your permission. If you decline, nothing is shared.
If you allow, your device sends your latitude and longitude to bigdatacloud.net, a third-party reverse-geocoding service operated from Australia, to convert the coordinates into a ZIP code.
The ZIP code is sent to our server, which looks up your county or district.
Your raw GPS coordinates are NOT stored on our server or kept in your browser. Only the resolved area (and only after you confirm) is saved to your session.
You can always pick your area manually instead.

This collection is by your direct request (you clicked the button). California residents: precise geolocation is treated as “sensitive personal information” under CCPA/CPRA and we limit its use to the purpose described above. We do not use it for any other purpose and do not sell or share it.

Separately, we read your approximate country from your IP address on every visit so we can show you the right interface — this does not require browser permission and is not stored long-term.

4. Categories of personal information (CCPA disclosure)

Under California Civil Code § 1798.100 et seq., we disclose that in the past 12 months we have collected the following categories of personal information about California residents:

Identifiers (account email, phone number, IP address, pseudonym)
Customer records (account preferences)
Internet activity (interactions with the Platform)
Geolocation data:
- Country-level, derived from IP, on every visit.
- Precise geolocation (sensitive PI) — only if you click “Use my location” and grant browser permission. Used once to resolve to a ZIP code and is not retained.

We do not collect biometric information, characteristics of protected classifications, sensory data beyond what users voluntarily attach to posts, or inferences drawn from any of the above.

We do not sell or share personal information for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA. We limit our use of sensitive personal information (including precise geolocation) to the purposes described in this Policy, in accordance with CPRA § 1798.121.

5. How we use what we collect

To operate the Platform — show your posts, let people co-sign, send notifications.
To prevent abuse — block accounts that violate the Terms; rate-limit suspicious traffic.
To improve the Platform — aggregate, de-identified analytics.
To comply with law — respond to valid legal process.

6. How we protect your data

Encryption at rest — AES-256-GCM for all personally identifying fields including phone and email.
Encryption in transit — TLS 1.2+ for every connection.
Access control — role-based; every PII view is written to an append-only audit log.

7. Your rights

Depending on your state of residence, you may have the right to:

Know what personal information we have collected, used, and disclosed about you.
Access a copy of that information in a portable format.
Correct any inaccurate information.
Delete your personal information (subject to legal exceptions).
Opt out of any sale or sharing (we do not sell or share, but you may exercise this right).
Not be discriminated against for exercising these rights.

To exercise these rights, write to voicezenz@gmail.com with your registered email and the request. We respond within the timeframe required by applicable law (typically 45 days under the CCPA, with one 45-day extension where reasonably necessary).

You may also designate an authorized agent to make a request on your behalf, subject to verification of the agent’s authority.

8. How long we keep your data

Account data — for as long as your account exists.
Deleted account data — purged within 30 days, except where retention is required by law.
Audit logs — retained for one year for security and forensic purposes.

9. Lawful disclosure

We disclose user data only against valid legal process (subpoena, court order, search warrant) served on us under applicable US law. We notify the affected user where permitted by law. Every disclosure is logged. We publish a transparency report twice a year.

10. Children

The Platform is for adults. We do not knowingly collect personal information from children under 13, in compliance with the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501. If you believe we have inadvertently collected data from a child, write to voicezenz@gmail.com and we will delete it.

11. Changes to this Policy

We may update this Policy. Material changes will be announced on the homepage and by email to registered users.

12. Contact

Privacy contact
Email: voicezenz@gmail.com