Privacy Policy

This Privacy Policy explains how Fortiplace Global Limited, the operator of ZephfiChat, collects, uses, stores, discloses and protects personal data when you use the ZephfiChat website at https://zephfichat.com; the ZephfiChat web or mobile applications; our artificial intelligence chat services; our subscription and payment services; our customer-support channels; and any other service that links to this Privacy Policy.

In this Privacy Policy, ZephfiChat, Fortiplace, we, us and our refer to Fortiplace Global Limited.

Fortiplace Global Limited is the data controller responsible for determining how and why your personal data is processed through ZephfiChat, except where another organisation acts as an independent data controller.

We process personal data in accordance with applicable law, including the Nigeria Data Protection Act 2023.

By using ZephfiChat, you acknowledge that you have read this Privacy Policy. Where we rely on your consent, we will request it separately and you may withdraw it as described below.

This Privacy Policy applies to personal data collected through ZephfiChat and through communications you have directly with us.

It does not govern websites, applications or services operated independently by third parties. Those third parties are responsible for their own privacy practices.

The information we collect depends on how you use ZephfiChat.

Account information may include your name, email address, username, profile image, authentication-provider identifier, email-verification status, account preferences, subscription plan, account creation date and account status.

Where you sign in through Google or another authentication provider, we may receive limited profile information authorised by you and the provider. We do not receive your password for a third-party authentication provider.

When you use ZephfiChat, we process content that you provide, including prompts and instructions, chat messages, AI-generated responses, conversation titles and history, documents, images, code, text files, feedback and other materials you upload or submit. This information is referred to as User Content.

User Content may contain personal data about you or another person. You should only provide another person's personal data where you have a lawful reason and appropriate permission to do so.

Subscription, credit and payment information may include your selected plan, billing email address, transaction reference, amount and currency, payment status, payment date, subscription status, renewal date, Paystack customer or subscription identifier, payment channel, limited card information such as card brand and last four digits where provided by Paystack, refund and dispute information, and records of credits allocated, reserved, used, refunded or expired.

Payments are processed by Paystack. ZephfiChat does not intentionally collect or store complete payment-card numbers, card PINs, card-security codes or banking passwords on its own systems.

We may automatically collect usage and technical information, including internet protocol address, browser type and version, device type, operating system, preferred language, approximate location derived from your IP address, pages and features used, login and access times, session identifiers, referring pages, error and diagnostic information, model selections, token and credit usage, response times, security and fraud indicators, and actions taken within your account.

When you contact us, we may collect your name and contact information, the contents of your message, attachments, complaint information, support history and information required to investigate or resolve your request.

We may use cookies and similar technologies to keep you signed in, maintain secure sessions, remember your preferences, prevent fraud and abuse, understand how ZephfiChat is used, measure performance and improve the Services. Where required by law, we will request your consent before using non-essential cookies.

Prompts and uploaded files may contain sensitive personal data, including health, financial, biometric, religious, political, sexual-orientation or identification information.

ZephfiChat is not intended to serve as a secure storage service for highly sensitive information.

You should not submit passwords, one-time passwords, ZephfiChat one-time login codes, payment-card PINs, complete card details, private API keys, government identification numbers, confidential banking credentials, protected medical records or information you do not have permission to disclose.

Where you voluntarily include sensitive personal data in User Content, we will process it only as necessary to provide the requested service, comply with law, protect users or pursue another lawful purpose.

We may use personal data to provide the Services, including creating and managing accounts, authenticating users, processing prompts, generating AI responses, storing and displaying conversation history, processing uploaded content, calculating model usage, allocating and deducting credits, managing subscriptions, processing payments and refunds, providing customer support and delivering requested features.

We may use information to operate and improve ZephfiChat, including diagnosing technical problems, monitoring performance, improving reliability and usability, analysing aggregated usage patterns, testing new features, understanding model performance, managing capacity and developing new products and services. Where practicable, we use aggregated or de-identified information for analytics and product improvement.

We may send email-verification messages, one-time login codes, account-security notices, receipts and billing notices, subscription-renewal notices, credit and usage notifications, service announcements, responses to support requests, policy updates and promotional communications where permitted.

You may unsubscribe from promotional communications. You cannot opt out of necessary account, payment, security or legal communications while your account remains active.

We may process information to protect ZephfiChat and its users, including preventing fraud, detecting suspicious activity, enforcing usage and credit limits, investigating abuse, protecting accounts, preventing cyberattacks, moderating prohibited content, enforcing our Terms of Service and protecting the rights, safety and property of ZephfiChat, our users and others.

We may process information to comply with legal obligations, including maintaining financial and transaction records, responding to valid legal requests, complying with tax and regulatory requirements, investigating complaints, establishing, exercising or defending legal claims, and meeting data-protection, consumer-protection and other legal obligations.

Depending on the circumstances, we rely on one or more lawful bases for processing.

Processing may be necessary to provide ZephfiChat, administer your subscription or perform our agreement with you.

We may rely on your consent for activities such as optional marketing, non-essential cookies or other processing presented to you at the time of collection. You may withdraw consent at any time. Withdrawal does not affect processing carried out before consent was withdrawn.

We may process information where necessary to comply with Nigerian law or another applicable legal requirement.

We may process information for legitimate interests including securing ZephfiChat, preventing fraud and abuse, improving service reliability, understanding service usage, maintaining business records and protecting legal rights. We consider the potential effect of such processing on your rights before relying on legitimate interests.

In limited circumstances, we may process information to protect a person's vital interests or perform a task permitted in the public interest.

ZephfiChat provides access to artificial intelligence models operated by third-party providers.

When you submit a prompt, file or image, information necessary to process your request may be sent to OpenRouter, the provider operating the selected AI model and technical providers necessary to deliver the response.

The particular provider may depend on the model you select, provider availability, routing configuration, performance, privacy settings, pricing and service reliability.

Different AI providers may have different policies concerning prompt retention, response retention, abuse monitoring, human review, regional processing, model training and legal compliance.

ZephfiChat does not use your private conversations or uploaded files to train a proprietary ZephfiChat foundation model.

However, an external AI provider's treatment of your content may depend on its applicable terms, data policy and the privacy configuration used for the request.

Where available, we may use routing controls intended to prevent prompts from being used for provider model training or to select providers offering reduced or zero retention. Such controls may not be available for every model, including certain free models.

You should review the data-policy information associated with a model before submitting confidential information.

AI providers may also process limited technical identifiers required for security, billing, abuse detection or service delivery.

We may share personal data with OpenRouter and AI model providers. Prompts, files, images, model selections and generated responses may be processed by OpenRouter and the selected provider to generate the requested output.

We use Paystack to process payments and administer payment-related subscription functions. Paystack may process payment details, transaction information, device information and fraud-prevention information according to its own privacy policy and legal obligations.

We use Resend to send transactional, account, authentication, support and other authorised emails. Resend may process recipient addresses, email content, delivery events, bounce information and limited engagement information where enabled.

We may use infrastructure and technology providers for hosting, database services, file storage, content delivery, monitoring, error reporting, cybersecurity, analytics, authentication, customer support, backup and recovery. These providers may process information only to the extent necessary to perform services for us, subject to contractual and legal requirements.

We may share information with lawyers, accountants, auditors, insurers and other professional advisers where reasonably necessary.

We may disclose information where we reasonably believe disclosure is necessary to comply with applicable law, respond to a valid court order or regulatory request, investigate fraud or unlawful conduct, protect users or the public, enforce our agreements, or establish or defend legal claims.

Information may be disclosed in connection with a merger, investment, financing, reorganisation, acquisition or sale of all or part of our business. Where appropriate, the recipient will be required to use personal data consistently with this Privacy Policy or provide notice of materially different practices.

We may share information with another person or service where you direct us to do so or provide valid consent.

We do not sell or rent personal data to advertisers or data brokers.

We do not allow advertisers to purchase access to your private ZephfiChat conversations.

Some of our service providers and AI providers operate outside Nigeria. Consequently, personal data may be transmitted to or processed in other countries.

Where required, we use appropriate measures designed to protect internationally transferred personal data. These may include contractual data-protection obligations, approved transfer mechanisms, assessment of the destination's data-protection framework, your consent where legally appropriate, transfers necessary to perform a contract or another transfer basis permitted by law.

The laws of the destination country may differ from Nigerian law.

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Retention periods depend on whether your account remains active; the type of information; whether you retain or delete a conversation; contractual requirements; security and fraud-prevention needs; backup schedules; payment and accounting requirements; legal limitation periods; and applicable regulatory obligations.

Conversation history may remain available until you delete the conversation or close your account, subject to legal, security, backup and technical requirements.

Deleting a conversation from your visible account may not immediately remove every temporary, cached or backup copy.

Payment and transaction records may be retained for longer periods where required for tax, accounting, anti-fraud, chargeback, dispute or regulatory purposes.

Where information is no longer required, we will delete, anonymise or securely isolate it, subject to applicable law and technical limitations.

Subject to applicable law and relevant exceptions, you may have rights to be informed about how your personal data is processed; request access to your personal data; request correction of inaccurate or incomplete data; request deletion of personal data; object to certain processing; request restriction of processing; request data portability; withdraw consent; object to direct marketing; request information about significant automated decisions; request human review where legally applicable; and complain to the Nigeria Data Protection Commission.

We may request information necessary to verify your identity before acting on a request.

We may refuse or limit a request where permitted by law, including where the request would adversely affect another person's rights, conflict with a legal obligation or is manifestly unfounded or excessive.

To exercise your rights, contact support@zephfichat.com. You may also submit a complaint to the Nigeria Data Protection Commission.

You may delete individual conversations through available account controls.

You may request deletion of your account by using the account-deletion feature, where available, or by contacting us.

Deleting your account may result in permanent loss of conversation history, uploaded files, preferences, unused promotional credits, subscription access and other account information.

We may retain limited information after account deletion where necessary to comply with law, prevent fraud, resolve disputes or enforce agreements.

We may send promotional messages where you have consented, you are an existing customer and the communication is legally permitted, or another lawful basis applies.

You may unsubscribe using the link included in a promotional email or by contacting us.

Unsubscribing from marketing does not prevent necessary service-related communications.

We use reasonable technical and organisational measures intended to protect personal data, including measures relating to encrypted transmission, access controls, credential and secret management, account authentication, secure software development, logging and monitoring, backups, incident response and third-party provider management.

No system connected to the internet is completely secure. We cannot guarantee that unauthorised access, loss or misuse will never occur.

You are responsible for maintaining the security of your email account, one-time login codes, authentication provider, device and active sessions.

Security issues may be reported to support@zephfichat.com.

ZephfiChat is intended for people who are at least 18 years old.

We do not knowingly permit children under 18 to create independent ZephfiChat accounts.

If you believe that a child has provided personal data to us contrary to this Policy, contact support@zephfichat.com. We will investigate and take appropriate action, which may include deleting the information and closing the account.

ZephfiChat may contain links to third-party websites or services.

We do not control the privacy or security practices of third parties. You should review their privacy policies before providing personal data.

We may update this Privacy Policy to reflect changes to our Services; changes to our providers; new legal requirements; changes to our data practices; or security and operational improvements.

We will update the Last Updated date when changes are made.

Where a change materially affects your rights or how we process personal data, we may provide additional notice through the Services or by email.

For privacy questions, complaints or data-subject requests, contact Fortiplace Global Limited, operator of ZephfiChat.

Country of registration: Nigeria. Website: https://zephfichat.com. Support: support@zephfichat.com.