GDPR COMPLIANCE

Your Rights Under the General Data Protection Regulation

Our Commitment to GDPR

Zylex AI is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

The GDPR gives you control over your personal data. This page explains your rights and how to exercise them.

Note: While Zylex AI strives to comply with GDPR principles globally, specific GDPR rights only apply to individuals in the European Economic Area (EEA), UK, and Switzerland.

Your GDPR Rights

Right to Access

You have the right to access your personal data and know how we use it.

How to exercise: Log in to your dashboard to view your account information and credit history. For a complete data export, contact us at privacy@zylexai.app.

Right to Rectification

You can update or correct your personal information at any time.

How to exercise: Update your email address through your account settings. Contact us for any corrections we need to make.

Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data.

How to exercise: Contact us at privacy@zylexai.app with your account email. We will delete your data within 30 days, except where we have legal obligations to retain it.

Right to Restrict Processing

You can request that we limit how we use your data.

How to exercise: Contact us at privacy@zylexai.app to discuss restrictions on data processing.

Right to Data Portability

You can receive your data in a structured, machine-readable format.

How to exercise: Request a data export by emailing privacy@zylexai.app. We will provide your data in JSON format within 30 days.

Right to Object

You can object to certain types of data processing, including marketing.

How to exercise: Opt out of marketing emails by clicking the unsubscribe link in any email, or contact us directly.

Data Processing Details

Under GDPR, we must be transparent about what data we collect, why we collect it, and how long we keep it. Here's a detailed breakdown:

Account Data

  • Data Collected: Email address, password (hashed), account creation date
  • Purpose: Account management and authentication
  • Legal Basis: Contractual necessity
  • Retention Period: Until account deletion

Usage Data

  • Data Collected: Tool usage, credit transactions, generation timestamps
  • Purpose: Service provision and improvement
  • Legal Basis: Legitimate interest
  • Retention Period: 90 days for transactions, account lifetime for totals

Content Data

  • Data Collected: Your inputs to AI tools
  • Purpose: AI processing through third-party APIs
  • Legal Basis: Contractual necessity
  • Retention Period: Temporary (not permanently stored)

Technical Data

  • Data Collected: IP address, browser type, device info
  • Purpose: Security, fraud prevention, analytics
  • Legal Basis: Legitimate interest
  • Retention Period: 30 days for logs

International Data Transfers

Zylex AI uses third-party services that may process data outside the EEA:

  • Supabase (Database): Hosted on secure cloud infrastructure with GDPR-compliant safeguards.
  • OpenRouter (AI Processing): Your inputs are processed through AI APIs. OpenRouter implements appropriate security measures.
  • Payment Processors: Stripe and other payment providers comply with PCI-DSS and GDPR standards.

We ensure all third-party processors have adequate safeguards in place, including Standard Contractual Clauses (SCCs) where applicable.

Contact & Complaints

Data Protection Inquiries

For any questions about your data or to exercise your GDPR rights, contact us at:

privacy@zylexai.app

Response Time

We will respond to all GDPR requests within 30 days as required by law. Complex requests may take up to 60 days, and we will notify you if an extension is needed.

File a Complaint

If you believe we have not handled your data appropriately, you have the right to file a complaint with your local data protection authority:

  • EU: Your country's Data Protection Authority
  • UK: Information Commissioner's Office (ICO)
  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC)

Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • End-to-end HTTPS encryption
  • Password hashing (bcrypt)
  • Row Level Security (RLS) in database
  • Regular security audits
  • Access controls and authentication
  • Secure data centers (Supabase)

For more details, please see our Privacy Policy and Terms of Service.

Last Updated: November 30, 2025