Your data, used only to serve you.

Ziv is a WhatsApp-based AI assistant operated by ADB Media LLC (“Ziv”, “we”, “us”). Our principal place of business is 7612 NW 20th Ct, Pembroke Pines, FL 33024, United States. This Privacy Policy applies to the Ziv service, the app.myziv.ai portal, the admin.myziv.ai portal, the api.myziv.ai API, and the marketing website at myziv.ai.

For questions about this policy or your data, contact us at privacy@myziv.ai.

Ziv has two distinct relationships you should understand:

• Customers — the businesses, religious organizations, contractors, and other entities that subscribe to Ziv and use it to serve their members, clients, or staff. Ziv acts as a data processor for the personal data the customer entrusts to us.
• End users — the people who message a customer's Ziv number on WhatsApp (e.g., a congregant texting their rabbi, a homeowner texting their general contractor). Ziv is acting on behalf of the customer; the customer is the data controller for those messages.

If you are an end user and want to understand how a specific business uses Ziv to handle your messages, contact that business directly. We will assist them with any deletion or access request you make through them.

From customers (account holders):

• Account details: name, email, phone number, organization name, billing address.
• OAuth credentials and refresh tokens for tools you connect (e.g., Zoho Books, Zoho Calendar, Google Workspace). Stored encrypted at rest.
• Configuration data: organization preferences, profile observations, custom workflows.
• Audit logs of actions Ziv took on your behalf.

Through WhatsApp messaging:

• The content of messages sent to and from your Ziv number — text, voice notes, images, documents, PDFs.
• Sender phone numbers and WhatsApp profile names.
• Timestamps and message metadata.

From connected business tools:

• Contacts, invoices, estimates, receipts, calendar events, and other records you authorize Ziv to read and write on your behalf.

Automatic / technical:

• IP address, browser, device type, and operating system when you use our portals.
• Server logs of API requests and webhook events.

• To execute the actions you request (create invoices, log expenses, send messages, schedule events, place calls).
• To understand your messages, including transcribing voice notes and extracting structured information from photos and documents.
• To remember conversation context so Ziv can handle follow-up messages and corrections.
• To send you proactive reminders and digests you have configured (e.g., Hebrew birthday digests, proposal expiration alerts).
• To detect abuse, fraud, and security incidents.
• To comply with our legal obligations and respond to lawful requests.
• To improve Ziv. We do not use your message content or business data to train any AI model.

Ziv uses third-party AI providers to understand your messages and generate responses. When you send a message to Ziv, the relevant content (and only what is needed to handle the request) is transmitted to one of the following providers under their respective enterprise / API terms:

• Anthropic (Claude models) — complex reasoning, message drafting.
• Google (Gemini models) — receipt OCR, audio transcription, routine sub-tasks.
• OpenAI (GPT models) — available as a fallback; not actively used for production traffic at this time.

These providers process your data only to respond to the request. Under their API terms, they do not use this data to train their models, and they store the request only as long as needed to operate the API service (typically zero retention or short-term abuse logs only). We do not have control over these third-party policies and recommend reviewing them directly: Anthropic, Google, OpenAI.

We share information with the following categories of recipients only to operate the service:

• Meta Platforms, Inc. — to send and receive messages through the WhatsApp Business Platform.
• Anthropic, Google, OpenAI — to process your messages (see Section 5).
• VAPI — to place outbound voice calls when you request them.
• Hetzner Online GmbH — our hosting provider in Germany.
• Resend — to deliver outbound email on your behalf.
• Connected business tools (e.g., Zoho) — only when you authorize the connection.
• Professional advisors and authorities — when required by law.

We do not sell or rent your personal information. We do not share your data for cross-context behavioral advertising.

Ziv is a WhatsApp Business Solution. Our use of information received from the WhatsApp Business Platform complies with WhatsApp's Business Messaging Policy. In particular:

• We only message users who have opted in by initiating contact with the customer's Ziv number.
• We do not use phone numbers obtained from WhatsApp for any purpose other than facilitating the customer's service.
• We honor user requests to stop receiving messages from a Ziv number.

• Active customer data: retained for as long as the customer's account is active.
• Message history: retained as long as needed to provide the service. Customers can request shorter retention.
• Backups: daily database backups retained for 7 days on a rolling basis.
• Audit logs and legal-hold records: retained for up to 7 years to meet financial and legal recordkeeping obligations.
• After account deletion: we erase or de-identify personal data within 30 days, except items subject to legal hold.

We protect your data using industry-standard technical and organizational measures: TLS encryption in transit, AES-256 encryption of OAuth tokens at rest, network isolation, principle-of-least-privilege access controls, permanent system-user tokens with scoped permissions, daily off-disk backups, and audit logging. No method of transmission or storage is 100% secure; we will notify affected users of a confirmed breach as required by law.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (see our Data Deletion page).
• Receive a portable copy of your data.
• Object to or restrict certain processing.
• Withdraw consent for processing based on consent.
• Lodge a complaint with a supervisory authority (EU/UK) or attorney general (U.S. states with applicable laws).

California residents have additional rights under the California Consumer Privacy Act (CCPA/CPRA). EEA, UK, and Swiss residents have rights under the GDPR / UK GDPR / FADP. To exercise any right, email privacy@myziv.ai. We will respond within 30 days. We do not discriminate against users who exercise their privacy rights.

Ziv is hosted in Germany (EU) by Hetzner. AI providers and Meta may process your data in the United States and other countries. Where required, we rely on Standard Contractual Clauses or other approved transfer mechanisms.

Ziv is not directed to children under 13 (or under 16 in jurisdictions where that is the relevant threshold). We do not knowingly collect data from children. If you believe a child has used Ziv, contact us and we will delete the data.

We may update this policy from time to time. Material changes will be announced via email to account admins and noted at the top of this page (“Last updated”). Continued use of Ziv after changes take effect constitutes acceptance.

Privacy and data questions: privacy@myziv.ai
Mailing address: ADB Media LLC, 7612 NW 20th Ct, Pembroke Pines, FL 33024, USA
Data deletion requests: /data-deletion