Privacy Policy
Last updated: 10 June 2026
ZenGem BV ("ZenGem") provides a B2B Marketing and Sales application and website at zengem.ai (the "Service"). This policy explains how ZenGem handles personal data. Questions? Email us at: [email protected].
1. Data ZenGem processes
ZenGem does not sell personal data and does not use it for advertising.
Any personal data the User processes through the platform is governed by ZenGem's Data Processing Agreement (provided as part of the User's customer agreement), under which ZenGem acts as the User's processor.
2. Connected email accounts (Gmail and Outlook)
If the User connects their Google or Microsoft account to send email through the Service, ZenGem requests only the permissions needed to send on the User's behalf:
-
Google — https://www.googleapis.com/auth/gmail.send (send email on the User's behalf). ZenGem requests no read scopes.
-
Microsoft — Mail.Send (send email on the User's behalf), plus basic profile (the User's name and email address) used only to identify the connected account.
What this means (for both):
-
ZenGem uses this access only to send the specific emails the User composes, reviews, and approves inside the Service.
-
ZenGem cannot and does not read, download, search, or store the contents of the User's mailbox or received messages. The send permissions grant no read access.
-
To send on the User's behalf, ZenGem securely stores the access and refresh tokens. They are encrypted at rest and never shared.
-
The User can revoke access at any time
— Google: myaccount.google.com/permissions; Microsoft: myaccount.microsoft.com (My Sign-Ins)
— or by disconnecting the account in the Service. This immediately stops ZenGem from sending on the User's behalf.
Limited Use. ZenGem's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
3. Sharing
ZenGem shares personal data only with service providers (sub-processors) that help ZenGem run the Service — such as cloud hosting, infrastructure, and AI processing providers — under agreements that limit them to acting on ZenGem's instructions. Some may process data outside the EEA under appropriate safeguards. A current list of ZenGem's sub-processors is available on request at [email protected]. ZenGem may also disclose data where required by law.
4. Retention
ZenGem keeps personal data only as long as needed to provide the Service. When the User deletes their account or disconnects a connected account, ZenGem deletes the associated data and tokens, except where the law requires ZenGem to keep it longer.
5. Security
ZenGem protects data with encryption in transit and at rest, access controls, and audit logging. OAuth tokens for connected accounts are stored encrypted in a dedicated secrets vault.
6. The User's rights
The User can access, correct, or delete their personal data in their account settings or by emailing [email protected].
7. Changes
ZenGem may update this policy. Material changes will be notified in the Service or by email, and the date above will change.
Connected email
account data
Usage data
See Section 2
Log data, feature usage, device/browser info
Only to send email on the User's behalf
To operate and improve the Service
To create and secure the User's account
The User's name and
email address
Account data