Privacy & Trust Center

We are committed to protecting your data and your privacy. Here's how we do it.

Last Updated: March 14, 2026

We Do Not Sell Your Data

Encrypted In Transit & At Rest

You Control Your Data

PCI-Compliant Billing

Introduction

Welcome to ZeroDue. We are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your information.

Information We Collect

We only collect what is necessary to operate and improve ZeroDue. This includes:

  • Personal Information: Name, email address, and securely hashed account credentials.
  • Financial Information: Income, expenses, debts, credit cards, and subscription details. This data is logically isolated to your workspace.
  • OAuth Data: When signing in with Google or Apple, we receive your name and email. We do not store your social media passwords.
  • Usage Data: Anonymized data on features accessed and time spent to improve user experience.

How We Use Your Information

We use your data to provide, improve, and secure our service. This includes processing transactions, sending security alerts, and analyzing usage patterns to enhance our application.

How We Share Your Information

We do not sell your personal data. We only share it in limited circumstances with trusted partners for essential services:

  • Service Providers: For payment processing (Stripe) and email delivery.
  • Legal Requirements: If required by law or to protect our rights.

Workspace Data Isolation

Your financial data is logically separated from all other users within our secure infrastructure. Key points:

  • Every piece of financial data you enter is tied to your unique workspace identifier, ensuring complete separation from other users.
  • Our application code is built to enforce this separation at every query, ensuring you can only ever access your own workspace's data.
  • This model allows you to securely invite team members to your workspace in the future, knowing your data boundaries are strictly maintained.

How We Protect Your Data

We use bank-level security to protect your information 24/7.

  • Encryption: AES-256 for data at rest and TLS 1.3 for data in transit.
  • Authentication: Secure JWT sessions, OAuth 2.0, and role-based access controls.
  • Infrastructure: Regular security audits and continuous monitoring on secure cloud infrastructure.
  • Payment Security: All billing is handled by PCI-compliant providers (Stripe). We never store your full credit card details.

Your Data Rights

You have full control over your data, including the right to access, correct, delete, and export it at any time. To exercise these rights, please contact us at privacy@getzerodue.com.

Data Retention

Your data is retained while your account is active. Upon account deletion, your data is permanently deleted from our production systems within 30 days.

Third-Party Services

We partner with industry-standard secure providers for critical services. You can view their privacy policies for more information:

Contact Us

If you have any questions about this Privacy Policy, please contact our privacy team at privacy@getzerodue.com. We respond to all privacy-related inquiries within 3 business days.