Privacy Policy

Version 1.1 · Last updated: 11 July 2026

How we collect, use, share, and protect your personal data.

1. Who we are

ZENCRA LABS PRIVATE LIMITED ("Zencra Labs", "we", "us") operates the Zencra Labs platform and is the Data Fiduciary, or controller, for the personal data described in this policy. Our registered office is B-104, Shankar Dham, Vakola, Santacruz East, Mumbai 400055, Maharashtra, India (CIN U62020MH2026PTC472372). You, the user whose personal data we process, are the Data Principal.

Zencra Labs may expand its legal and operational presence to other jurisdictions, including the United States and the United Arab Emirates, in the future. Until any such entity is formally registered and announced, the operator of the platform remains ZENCRA LABS PRIVATE LIMITED, registered in India.

2. Scope

This policy applies to the Zencra Labs website, products, and creator features. It does not apply to third-party services with their own privacy policies, including the AI providers and payment processors we integrate.

3. Personal data we collect

  • Account and identity data: name, username, email, plan, and role.
  • Date of birth: collected during profile completion to confirm you are at least 18, to complete your profile, and for related bonus eligibility. Your age is derived from it and not stored separately. Your date of birth and age are private by default and are shown on your public profile only if you choose to turn on the relevant setting.
  • Authentication data needed to sign you in and secure your account.
  • Social sign-in data: if you choose to sign in with Google, Microsoft, or Facebook/Meta, we receive limited account and profile information from that provider (such as your name, email address, and a provider account identifier) to authenticate you and set up your account. The exact information varies by provider. We do not receive or store your social-provider password.
  • Content data: prompts, uploads, generated images, video, audio, and related metadata.
  • Usage and device data: activity and security logs, feature usage, IP address, device and browser details, and approximate location derived from IP.
  • Payment references processed by our payment processors. We do not store full card numbers.
  • Support data: messages and the context attached to support tickets.
  • Public profile and gallery content you choose to make public.

4. Purposes and lawful basis

We process personal data to create and manage your account, run generations, process payments, maintain credits and entitlements, provide support, secure the platform and prevent abuse and fraud, comply with legal obligations, and improve our products.

Depending on the activity and applicable law, we rely on your consent where requested, the performance of our contract with you, our legitimate and lawful uses such as security and service operation, and compliance with legal obligations. Where we rely on consent, you may withdraw it as described below; withdrawal does not affect processing already carried out.

5. AI providers and sharing

To generate outputs, your inputs and related data may be shared with third-party AI providers acting as our processors or sub-processors, or as independent controllers under their own terms. We also share data with cloud, storage, analytics, communications, and payment providers, and may share data to comply with law, enforce our terms, or protect rights and safety. Content you make public is visible to others. We do not sell your personal data.

6. Your rights

Subject to applicable law, including the Digital Personal Data Protection Act, 2023, you may request access to your personal data, correction or completion, updating, and erasure, withdraw consent, nominate another person to exercise your rights in the event of death or incapacity, and raise a grievance with us. To exercise these rights or raise a grievance, contact the details below; we will respond within the timelines required by applicable law.

7. Children

The platform is intended for users aged 18 and above and is not directed to children. We do not knowingly collect children's personal data and do not direct advertising to children. If you believe a child has provided us data, contact us so we can take appropriate action.

8. Retention

We retain account data for as long as your account is active, billing and tax records for the periods required by law, security and audit logs for as long as needed for security and compliance, and public content until you delete it or make it private. Residual copies may remain in backups for a limited period before deletion.

9. Security and breach handling

We use reasonable technical and organisational measures to protect personal data, including access controls, encryption in transit, and rate limiting. No system is completely secure. If a personal data breach occurs, we will act in accordance with applicable law, including notifying the relevant authority and affected users where required.

10. Cross-border processing

We are based in India and may process and store personal data in India and in other countries where we or our providers operate, including where AI providers are located outside India. Where required, we apply appropriate safeguards for such transfers.

11. Changes

We may update this policy from time to time. Material changes will be reflected by updating the date on this page and, where appropriate, by notice through the platform or by email.

12. Account deletion and the 14-day grace window

You can request deletion of your account and associated personal data. When you submit a deletion request, we begin a 14-day operational grace period before processing it. This grace window is Zencra Labs' operational safeguard against accidental or unauthorised deletion. It is not a statutory deadline under the Digital Personal Data Protection Act, 2023; we act on your rights within the timelines required by applicable law.

During the grace period you can cancel the request and keep your account. After the grace period, we delete or anonymise your personal data, subject to the retention exceptions below.

  • Deleted or anonymised: profile details, account identifiers, and private generated content and uploaded references where we are able to remove them.
  • Retained where required: billing, payment, tax, fraud-prevention, security, and audit records are kept in minimised form for the periods required by law or legitimate business need, and are de-identified where feasible.
  • Limits: content you previously made public may persist in cached or downstream copies, and outputs already shared with third-party AI providers may be outside our control to delete. Backups are purged on a rolling schedule.

To request deletion, see our Data Deletion page at /data-deletion, contact privacy@zencralabs.com, or use in-app support. We will confirm your request and act within the timelines required by applicable law.

13. Contact and grievances

For privacy questions, to exercise your rights, or to raise a grievance, contact privacy@zencralabs.com. For general support, contact support@zencralabs.com.

This document is effective from the Last updated date shown above and may be updated from time to time. When we make changes we will revise that date and, where appropriate, notify you through the platform or by email. Continued use of Zencra Labs after an update means you accept the revised version.

ZENCRA LABS PRIVATE LIMITED, CIN: U62020MH2026PTC472372, Registered Office: B-104, Shankar Dham, Vakola, Santacruz East, Mumbai 400055, Maharashtra, India.

Incorporated 13 June 2026 in India, under the Companies Act, 2013. Directors: Jai Kumar Nair and Prakash Nair.