Zormly
Sign inGet Started
LEGAL AGREEMENT

Privacy Policy

Last updated: May 22, 2026

1. Introduction

Welcome to Zormly. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice or our practices with regard to your personal info, please contact us at support@zormly.com.

This privacy policy applies to all information collected through our website, SaaS platform, and related APIs.

2. Information We Collect

We collect personal information that you voluntarily provide to us when registering, customizing workspaces, subscribing to plans, creating forms, or contacting customer support:

  • Account Credentials: Email address, password hash, fullName, and Google OAuth unique identifier.
  • Billing Data: Dodo Payments Customer ID, Subscription status, billing address, and transaction histories. We do not store credit card details on our servers.
  • User-Generated Submissions: Form configurations, custom styles, schemas, and public responder file attachments.
  • Automatically Collected Data: IP addresses, browser types, device information, and operating systems collected automatically when you or your respondents access our platform.

3. How We Use Your Information

We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent. Specifically, we use it to:

  • Facilitate account creation, login, and team workspace member invitations.
  • Enforce billing limits, submission quotas, and premium branding removal checks.
  • Deliver system notifications, password recovery links, and security updates.
  • Track and record aggregate page-view counters and response drop-off analytics.
  • Protect our Services from fraud, abuse, and security threats.

4. Share and Storage of Information

We use secure, PCI-compliant vendors to maintain database, files, and transaction lifecycles:

  • Neon / Render: Hosting PostgreSQL databases under strict workspace tenancy constraints.
  • Dodo Payments: Managing subscriptions, customer portal entries, and card transactions securely.
  • UploadThing / AWS S3: Storing avatar uploads and user attachment uploads.
  • Resend: Delivering transactional registration verification and workspace invitation emails.

5. Cookie Policy

We use cookies and similar tracking technologies to access or store information. We primarily use essential cookies to maintain your authenticated session securely. We may also use analytics cookies to understand how our website is being used and to improve the user experience. You can manage your cookie preferences through your browser settings.

6. Your Privacy Rights (GDPR & CCPA)

Depending on your location, you possess specific rights governing the accessibility and disposal of your personal data:

  • Right to Access: You can request copies of your personal data.
  • Right to Rectification: You can request that we correct inaccurate information.
  • Right to Erasure (Right to be Forgotten): You can request that we delete your personal data, subject to certain conditions.
  • Right to Data Portability: You can request a transfer of your data to another organization.

To exercise any of these rights, please email us at support@zormly.com. We will respond to your request within 30 days. We do not sell your personal information to third parties.

7. Data Retention

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). Upon account deletion, all associated forms and responses are permanently purged from our active databases.

8. Updates to This Policy

We may update this privacy notice from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by an updated "Revised" date and will be effective as soon as it is accessible. We encourage you to review this policy periodically.