Privacy Policy
Last updated: April 2026
1. Who we are
Zobrx is a product of Evanik Networks Private Limited ("Evanik", "we", "us" or "our"), a company incorporated in India with its registered office at D79, Ground Floor, Sector 2, Noida, Uttar Pradesh — 201301, India, and an additional office at Balaji Complex, Vivek Vihar Block, Shakarpur, Delhi — 110092, India. Evanik operates the Zobrx marketing intelligence platform at www.zobrx.com and its parent e-commerce management platform at www.evanik.ai.
2. What data we process
We process data in three categories: (a) account data (your name, email, role, company); (b) workspace data (marketing performance data you authorize us to ingest from third parties like Google Ads, Meta, LinkedIn, GA4, etc.); and (c) product telemetry (usage of the Zobrx app).
3. Lawful basis
We process your data under (a) legitimate interest, (b) contractual necessity, and where required (c) your explicit consent. Under GDPR, EU users have Article 15–22 rights. Under India's Digital Personal Data Protection Act 2023 (DPDP), Indian data principals have rights to access, correction, erasure, grievance redressal and nominee designation. CCPA/CPRA rights apply to California residents.
4. Data residency
You control where your workspace data lives. We operate data regions in the US (Virginia), EU (Frankfurt), UK (London), APAC (Singapore) and India (Mumbai). Enterprise customers may request additional regions.
5. Sub-processors
A current list of sub-processors is public at zobrx.com/subprocessors. We notify customers 30 days in advance of any material changes.
6. AI & training
We do not use customer data to train any AI model. Groq and Google Gemini endpoints operate under enterprise no-retention contracts. On the Enterprise plan you may bring your own model endpoint.
7. Security
Zobrx is GDPR, CCPA/CPRA and DPDP 2023 compliant with HIPAA-ready controls. SOC 2 Type II is in audit (report expected 2027-Q1); ISO 27001 and ISO 27701 certifications are in progress. All data is encrypted in transit (TLS 1.3) and at rest (AES-256-GCM with KMS envelope). Field-level envelope encryption protects integration credentials and PII. Access is role-based with tamper-evident audit logging and enforced MFA.
8. Your rights
You may request access, deletion, correction, portability and restriction of processing at privacy@zobrx.com. We respond within 30 days, at no cost. Indian data principals can additionally raise grievances to our Indian grievance officer; the contact details are published in the Zobrx app and on request. Automated decision-making (GDPR Article 22): AI recommendations are advisory by default and can be opted out of in workspace settings.
9. Contact
Data Protection Officer: privacy@zobrx.com. India Grievance Officer under the DPDP Act 2023 and IT Rules can be reached at grievance@evanik.ai or by post at Evanik Networks Private Limited, D79, Ground Floor, Sector 2, Noida, Uttar Pradesh — 201301, India. Postal and email correspondence is acknowledged within 48 hours and resolved within 30 days per DPDP. EU Article 27 representative available on request.