Privacy Policy
Last updated: December 8, 2025
1. Introduction
Zyvarin Social ("Company," "we," "us," "our," or "Platform") operates the Zyvarin.com website and mobile applications (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our Service, and the rights and choices available to you regarding your information.
We are committed to protecting your privacy and ensuring you have a positive experience on our platform. Please read this Privacy Policy carefully and contact us if you have any questions.
2. Information We Collect
2.1 Account Registration Information
When you create a Zyvarin account, we collect:
- Email address
- Full name
- Password (hashed using bcrypt, never stored in plain text)
- Timezone and language preferences
- Profile avatar and bio
- Company name and website (optional)
2.2 Social Media Credentials
To enable post publishing, we collect OAuth 2.0 tokens from connected platforms:
- LinkedIn API tokens (encrypted at rest)
- Twitter/X API tokens (encrypted at rest)
- Dev.to API keys (encrypted at rest)
Important: We never store your social media passwords. We only store OAuth tokens required to post on your behalf. These tokens are encrypted using AES-256 encryption.
2.3 Payment Information
For paid subscription plans, payment is processed through Razorpay, a PCI-DSS Level 1 compliant payment processor. We do not store full credit card details. We collect:
- Last 4 digits of card (for reference)
- Card brand (Visa, Mastercard, etc.)
- Billing address
- Transaction history and invoice records
2.4 Content Information
We collect and store:
- Post content (text, images, media URLs)
- Scheduled publishing times
- Post status and performance metrics
- Draft posts and templates
- Media files uploaded (images, videos)
2.5 Usage Data
We automatically collect information about how you interact with our Service:
- Device information (IP address, browser type, OS)
- Pages visited and time spent
- Click patterns and feature usage
- Login times and frequency
- Error logs and crash reports
- Referral source (where you came from)
2.6 Cookies and Tracking Technologies
We use cookies, web beacons, and similar tracking technologies to enhance your experience:
- Session Cookies: NextAuth.js authentication tokens (httpOnly, Secure flags)
- Analytics Cookies: Google Analytics for usage insights
- Preference Cookies: Remember your theme and language preferences
- Third-party Cookies: From Razorpay (payment processing)
3. How We Use Your Information
We use collected information for:
- Providing and maintaining the Service
- Processing subscriptions and payments
- Publishing posts to your connected social media accounts
- Generating AI-powered content suggestions
- Tracking analytics and engagement metrics
- Sending service updates and notifications
- Resolving disputes and providing customer support
- Detecting and preventing fraud and abuse
- Complying with legal obligations
- Improving our Service through analysis and testing
4. Data Security
We implement comprehensive security measures to protect your data:
- Encryption: All sensitive data encrypted with AES-256 at rest
- HTTPS: All data in transit protected with TLS 1.3
- OAuth 2.0: Social media authentication without storing passwords
- Database Security: PostgreSQL with role-based access control
- Regular Audits: Monthly security assessments
- SOC 2 Type II: Compliant with SOC 2 standards
- Access Control: Principle of least privilege for employee access
While we implement strong security measures, no system is completely immune to breaches. We maintain cyber liability insurance and a responsible disclosure program.
5. Data Retention
We retain your information for as long as necessary to provide the Service and comply with legal obligations:
- Active Accounts: Data retained while account is active
- Deleted Accounts: Data deleted within 30 days of account deletion
- Backups: Backups retained for 90 days for disaster recovery
- Payment Records: Retained for 7 years (tax compliance)
- OAuth Tokens: Deleted immediately upon account deletion or platform disconnection
6. Data Sharing & Disclosure
We do not sell your personal data. We only share data when:
- Social Media Platforms: We share the posts and content you authorize with LinkedIn, Twitter, and Dev.to
- Payment Processor: Razorpay processes payments and securely stores billing information
- AI Services: Google Gemini API for content suggestions (anonymized prompts)
- Analytics: Google Analytics (anonymized usage data)
- Legal Requirements: Law enforcement requests (with proper legal process)
- Service Providers: Email (Nodemailer), hosting (Vercel)
We do not allow third parties to use your data for their own marketing purposes.
7. Your Privacy Rights
7.1 GDPR Rights (EU Users)
If you are an EU resident, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate information
- Erasure: Request deletion ("right to be forgotten")
- Data Portability: Export your data in machine-readable format
- Restrict Processing: Limit how we use your data
- Object: Opt out of specific processing activities
7.2 CCPA Rights (California Users)
If you are a California resident, you have the right to:
- Know what personal information we collect
- Know whether your personal information is sold or disclosed
- Opt out of the sale or sharing of your personal information
- Access your personal information
- Request deletion of personal information
- Correct inaccurate information
7.3 Exercising Your Rights
To exercise any of these rights, contact us at privacy@zyvarin.com with the subject line "Data Request." Include your name, email, and specific request. We will respond within 30 days.
8. Third-Party Links
Our Service may contain links to third-party websites and services not operated by Zyvarin. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. Please review their privacy policies before providing any information.
9. Children's Privacy
Zyvarin is not intended for users under 18 years old. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete it promptly. If you believe we have collected information from a child, please contact us immediately.
10. Policy Changes
We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes by updating the "Last Updated" date at the top of this policy. Your continued use of the Service constitutes acceptance of the updated Privacy Policy.
11. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Zyvarin Social Inc.
Email: privacy@zyvarin.com
Support: zyvarin.com/support
Data Protection Officer: dpo@zyvarin.com