Privacy Policy

This privacy policy describes how zevsend ("we," "us," or "the service") collects, uses, and protects information about you when you use our product or visit this website. zevsend is part of the Zev product family.

Two kinds of data

Most messaging products mix two very different things into one privacy policy. We don't. Read whichever applies to you:

• Customer data: you (or your employer) signed up to send messages through zevsend. We hold an account record for you and the messages you send through the API.
• Recipient data: you received an email or SMS from a product that uses zevsend to deliver transactional messages. We're the delivery provider; the sender is our customer.

Information we collect from customers

• Account information. When you sign up, we receive your name and email from ZevID, our single sign-on identity provider.
• Sending domains. The domains you verify for sending, the DNS records you publish to verify them, and the DKIM key material we generate on your behalf (or that you upload).
• API keys. Hashed only. We never store the plaintext after creation. The key fingerprint is logged with each request you make.
• Message metadata. Sender, recipient, subject, message id, send status, bounce reason. Body content is retained only long enough to deliver the message and is removed from our systems on a short rolling schedule.
• Usage data. Standard server logs (timestamps, IP address, user-agent, requested URL) and anonymous product analytics so we can diagnose problems and improve the service.

Information we collect from recipients

If you received a message delivered by zevsend, we process the minimum information needed to deliver it:

• Your email address, phone number, or WhatsApp identifier, whichever the sender supplied.
• The message body, attachments, and headers, for the period needed to deliver and surface delivery status to the sender.
• Delivery status events (delivered, bounced, complained, opened, clicked) returned by upstream carriers.

We do not enrich, profile, or sell recipient data. We do not use recipient data to train machine-learning models. We do not run our own remarketing or analytics inference on recipients.

How we use information

• Operate, maintain, and improve the service.
• Authenticate customers and protect accounts, including detecting and preventing abuse.
• Send operational emails: receipts, security notifications, AUP enforcement actions.
• Surface message-delivery status back to the sender.
• Respond to support requests.
• Comply with legal obligations.

We do not sell personal information, and we do not use message content or recipient data to train machine-learning models.

How information is shared

• Upstream carriers. Messages route through delivery providers (e.g. AWS SES for email, regional SMS carriers, the WhatsApp Business API). They receive the minimum data required to deliver the message.
• Sibling Zev products. When you authorise it explicitly (e.g. linking a zevcloud domain), we exchange the minimum data needed to fulfil the action via the ZPIP protocol.
• Service providers. Infrastructure (hosting, monitoring, backups) operating under contractual data-protection obligations.
• Legal compliance. When required by valid legal process. We push back on overbroad requests.

Retention

Message body and attachment content is removed shortly after delivery. Delivery metadata (sender, recipient, status, message id) is retained for up to 90 days for support and abuse-handling purposes. Bounce / complaint suppression entries are retained indefinitely so we never re-attempt a known-bad address.

Account and billing records are retained for the period required by applicable accounting and tax law.

Your rights

You can request access, correction, or deletion of personal data we hold about you by emailing hello@zevsend.com. If you're a recipient and want to be excluded from future messages from a specific sender, contact that sender directly. They control who they send to.

Security

Sensitive customer fields (API keys, DKIM private keys, encryption secrets) are encrypted at rest with rotating keys. Transport is TLS only. Security reports to security@zevsend.com; we triage promptly.

Changes

Material changes to this policy are announced via email to customers and posted on this page. The effective date at the top reflects the current revision.

Contact

Questions about this policy or how we handle your data: hello@zevsend.com. Abuse reports: abuse@zevsend.com.