Privacy Policy & Data Processing Addendum (DPA)

Version 2.0 | Last Updated: May 1, 2026

This policy describes how Zolvari Technologies, LLC ("Zolvari", "we", "us", or "our") collects, uses, and shares your personal information when you use the SevenTwelvez platform.

1. Information We Collect

We collect information you provide directly to us, information collected automatically, and information from third parties:

  • Account Data: Name, email address, password, company details, and role (buyer, creator, affiliate).
  • Usage Data: Log data, device information, browser type, IP address, and interactions with the platform.
  • Payment Data: Billing details and transaction history. Financial information is processed directly by Stripe; we do not store full credit card numbers.
  • Creative Content: Videos, briefs, assets, scripts, and communications submitted through the platform.
  • Cookies & Tracking: We use cookies to maintain sessions and track performance.

2. How We Use Information

We use the collected information for the following purposes:

  • Service Delivery: To operate the platform, process orders, and facilitate creator fulfillment.
  • Payments & Settlements: To process payments, handle subscriptions, and distribute creator payouts.
  • AI Processing: To analyze briefs and creative content for quality control (QC) using AI models.
  • Analytics & Improvement: To monitor platform performance and optimize algorithms.
  • Fraud Prevention: To protect against unauthorized access, fraudulent transactions, and platform abuse.
  • Communications: To send transactional emails, platform updates, and marketing (where permitted).

3. Legal Bases for Processing

We process your data under the following legal bases (applicable under GDPR):

  • Contract Performance: To fulfill our Terms of Service and deliver the requested services.
  • Legitimate Interests: To improve our platform, ensure security, and prevent fraud.
  • Consent: Where you have explicitly agreed (e.g., marketing communications, certain cookies).
  • Legal Obligation: To comply with tax, accounting, and regulatory requirements.

4. Data Sharing & Subprocessors

We share your data with trusted third-party service providers who assist in operating the platform:

  • Stripe: Payment processing and financial settlements.
  • Google Gemini: AI processing for content analysis and automated QC.
  • UploadThing: Secure file hosting and storage for creative assets.
  • OneSignal: Delivery of push notifications.
  • Resend: Delivery of transactional emails.

For a complete list of current providers, please review our Subprocessors page.

5. International Transfers

Your information may be transferred to, and processed in, the United States and other countries where our subprocessors operate. We ensure such transfers are protected by appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission, where applicable.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy or as required by law. Typically, account data is retained for the lifecycle of your account plus 12 months after cancellation. For more details, please review our Data Retention policy.

7. Your Rights

Depending on your location, you may have specific rights regarding your personal data:

  • GDPR (Europe): The right to access, rectify, erase, restrict processing, portability, and object to processing.
  • CCPA/CPRA (California): The right to know what is collected, delete data, opt-out of sales/sharing, and non-discrimination.

To exercise these rights, please contact us at the address provided below.

8. Children's Privacy

The SevenTwelvez platform is strictly for business use. We do not knowingly collect personal information from individuals under the age of 18. If we discover that a minor has provided us with personal information, we will immediately delete such data.

9. Security Measures

We implement rigorous security measures, including:

  • Encryption of data in transit (TLS 1.2+) and at rest.
  • AES-256 encryption for sensitive tokens and credentials.
  • Strict Role-Based Access Controls (RBAC) across the platform.

Review our Trust & Security Statement for more details.

10. Data Processing Addendum (DPA)

This section constitutes the Data Processing Addendum governing the processing of personal data on behalf of our customers (Data Controllers).

10.1 Definitions

Terms such as "Data Controller", "Data Processor", "Personal Data", and "Processing" shall have the meanings given under the GDPR.

10.2 Processing Scope

Zolvari acts as a Data Processor for the purpose of providing the platform services. We process data strictly according to the documented instructions of the Data Controller.

10.3 Sub-processors

The Controller authorizes the Processor to engage sub-processors (as listed in Section 4). The Processor will provide 30 days' notice of any new sub-processor, giving the Controller the opportunity to object.

10.4 Data Subject Rights

The Processor shall assist the Controller, using appropriate technical and organizational measures, to respond to requests from data subjects exercising their rights.

10.5 Security Measures

The Processor implements industry-standard technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular audits.

10.6 Breach Notification

The Processor shall notify the Controller without undue delay, and no later than 72 hours, after becoming aware of a personal data breach affecting the Controller's data.

10.7 Audit Rights

The Processor shall make available to the Controller all information necessary to demonstrate compliance with this DPA and allow for audits conducted by the Controller or an appointed auditor.

10.8 Term & Deletion

Upon termination of the service, the Processor shall, at the choice of the Controller, delete or return all personal data to the Controller, unless applicable law requires continued storage.

11. Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@zolvaritech.com
Governing Law: North Carolina