ZenovaConnect
This page is a draft pending final legal review. The binding terms are those set out in the signed contract.

Privacy Policy

Last updated: pending legal review before launch

This page describes ZenovaConnect's current privacy practices for clients, trial users, and site visitors of the ZenovaConnect platform (connect.z-energy.tech). The final legal text will be confirmed and published by counsel before launch.

1. Scope

This applies to clients, trial users, and site visitors of the ZenovaConnect platform (https://connect.z-energy.tech). It does NOT apply to: (a) end-user (plant owner) data collected by your own platforms; (b) data collected by third-party vendor cloud APIs.

2. Data We Collect

We currently collect the following categories of data: - Account info: name, email, company, phone (via the contact form) - Technical info: IP, User-Agent, referrer (anti-spam and attribution) - Device telemetry: data we pull from vendor APIs on your behalf (representing your end customers) - Usage data: API access frequency, error logs (service operations)

3. How We Use Data

We currently use data for: - Providing and maintaining the service - Troubleshooting and performance monitoring - Anti-spam and security auditing - Service notifications and pre- and post-sales communication - Legal and compliance obligations Explicit commitments: no secondary use, no AI training, no resale, no unrelated marketing.

4. Data Retention

Cloud mode: device telemetry is retained short-term for security and backup-restore; specific durations are set in the contract. System logs are retained for security audit and compliance. Account and contact info is retained for a limited period after account closure for audit purposes. Self-Hosted mode: data stays entirely within the customer's domain — this clause does not apply.

5. Data Sharing

We do not sell customer data to third parties or use it for unrelated marketing. Infrastructure providers required to run the service (e.g. Alibaba Cloud, AWS, Cloudflare) access data only as necessary and under data-processor terms. A current list can be provided during procurement review.

6. Security Measures

Technical and organizational controls include: - Transport: TLS 1.3 - Data at rest: database encryption - Access control: least privilege, multi-factor authentication, audit logging - MLPS 2.0 alignment is described on the Enterprise page Other certifications (Xinchuang, ISO 27001, GuoMi) are on the roadmap; current progress is available via sales.

7. Your Rights

You have rights to access, correct, and delete your personal information, withdraw consent, or close your account. For data portability or complaints, reach us via the contact page or the channels specified in your contract.

8. Cookies & Tracking

Cookies in use: - NEXT_LOCALE (necessary, language preference, ~1 year) - Website analytics (optional, anonymized) We do not use third-party advertising cookies.

9. Children's Data

The service is not directed to users under 14, and we do not knowingly collect data from minors.

10. Changes to This Policy

Material changes will be announced by email and on the website with reasonable advance notice.

11. Contact Us

The final version of this notice will be confirmed by counsel. For data-protection questions, reach us via the contact page or our support email.