ZemlyAI

ZemlyAI Privacy Policy

We are committed to protecting your personal data and being transparent about how we collect, use, and store your information.

Last updated: 7 March 2026

This Privacy Policy explains how Everpower Labs Pty Ltd (ABN 36 673 566 875) trading under the ZemlyAI brand (“ZemlyAI”, “we”, “us”, or “our”) collects, uses, stores, discloses, and protects personal information when you visit our website, create an account, use our platform, interact with our Services, or otherwise deal with us.

1. Scope

This Privacy Policy applies to:

  • visitors to the ZemlyAI website
  • prospective customers and customers
  • users of the ZemlyAI platform
  • individuals whose information is processed through our Services, including callers, tenants, landlords, agency staff, contractors, and other authorised users, where applicable

In some situations, we act as a service provider or processor on behalf of our business customers. In those cases, the customer controls the purpose for which personal information is processed, and you may also need to refer to that customer's privacy policy.

2. What Information We Collect

Depending on how you interact with us, we may collect the following categories of information.

Information you provide directly

  • name
  • business name
  • email address
  • phone number
  • billing information
  • account login details
  • enquiry details
  • support requests
  • documents, scripts, policies, and files uploaded to the platform
  • information included in forms, onboarding flows, or communications with us

Information collected through use of the Services

  • call recordings, where enabled
  • call transcripts
  • call metadata, such as date, time, duration, caller number, and routing details
  • notes, tags, summaries, action items, escalation outcomes, and sentiment indicators
  • platform settings, escalation rules, office hours, and workflow preferences
  • usage data, logs, diagnostics, and analytics

Information collected automatically

  • IP address
  • browser type
  • device information
  • operating system
  • pages viewed
  • referring URLs
  • timestamps
  • cookies and similar technologies

Information from third parties

  • integrations with property management platforms, CRMs, communication providers, ticketing tools, or identity and payment providers
  • publicly available business information
  • information provided by authorised users of our business customers

3. Sensitive Information

We ask customers not to upload or disclose sensitive personal information unless it is reasonably necessary and lawful to do so.

Where sensitive information is processed through the Services, it is the customer's responsibility to ensure they have a valid legal basis, authority, and any required notices or consents.

4. How We Use Personal Information

We may use personal information to:

  • provide, operate, maintain, and support the Services
  • create and manage accounts
  • process transactions and subscriptions
  • answer enquiries and provide customer support
  • enable AI-driven call handling, summaries, triage, and escalation
  • connect and operate third-party integrations
  • improve the quality, safety, performance, and reliability of the Services
  • detect, prevent, and investigate fraud, misuse, security incidents, and unlawful conduct
  • comply with legal, regulatory, and contractual obligations
  • send service-related notices and operational communications
  • send marketing communications where permitted by law and subject to your preferences

We may also use de-identified or aggregated information for analytics, service improvement, service training, and business reporting.

To deliver the Services, we may use a combination of internally developed systems and third-party service providers, including telephony, speech, transcription, hosting, and AI providers.

5. Legal Basis / Grounds for Processing

Where applicable, we process personal information because:

  • it is necessary to provide the Services requested by you or our customer
  • it is necessary for our legitimate business interests, such as operating, securing, and improving the Services
  • you or our customer have provided consent where required
  • we are required or authorised to do so by law

6. Call Recording and AI Analysis

Our Services may involve call recording, transcription, voice processing, and AI analysis to generate responses, summaries, classifications, and workflow outcomes.

Customers are responsible for:

  • determining whether call recording is enabled
  • configuring their use of the Services appropriately
  • giving legally required notices and obtaining required consents from callers and other individuals
  • ensuring their use of the Services complies with applicable surveillance, privacy, telecommunications, employment, consumer, and other relevant laws

7. Cookies and Analytics

We may use cookies, pixels, and similar technologies to:

  • keep the website functioning
  • remember preferences
  • understand usage and traffic patterns
  • improve performance and user experience
  • support security and fraud prevention

You can control cookies through your browser settings, although some features may not function properly if cookies are disabled.

8. Disclosure of Personal Information

We may disclose personal information to:

  • our employees, contractors, and related entities
  • hosting, cloud, storage, and infrastructure providers
  • communications and telephony providers, including providers used to send, receive, route, record, or transcribe calls and messages
  • artificial intelligence, language model, transcription, speech-processing, and voice service providers
  • analytics, support, billing, identity, and email service providers
  • integration partners you choose to connect
  • professional advisers, auditors, insurers, and legal counsel
  • regulators, law enforcement, courts, or government agencies where required or authorised by law
  • a purchaser or successor in connection with a merger, acquisition, restructuring, or sale of assets

For example, depending on how the Services are configured, ZemlyAI may use third-party providers for telephony, call recording, speech-to-text, text-to-speech, language processing, AI-generated responses, hosting, analytics, and customer communications.

We do not sell personal information as a standalone data product.

9. Data Residency and Cross-Border Data Handling

ZemlyAI is designed so that customer data is stored and processed within the relevant geographic region in which the Services are deployed for that customer, subject to the capabilities of the selected infrastructure and service providers.

Where we offer region-specific deployments, we aim to keep personal information within that geographic area, such as Australia, Singapore, the United Kingdom, or another designated service region applicable to the customer environment.

We do not intentionally transfer personal information outside the customer's designated service region unless:

  • the customer requests or authorises such transfer
  • it is required to provide a specific integration or third-party service selected by the customer
  • it is necessary for legal, security, support, disaster recovery, or regulatory reasons
  • it is otherwise permitted or required by applicable law

If cross-border disclosure or processing is required, we take reasonable steps to ensure that the recipient handles personal information in a manner consistent with applicable privacy and data protection obligations.

10. Data Security

We take reasonable technical, organisational, and administrative measures to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure.

These measures may include:

  • access controls
  • encryption in transit and at rest where appropriate
  • audit logging
  • role-based permissions
  • backups and disaster recovery measures
  • staff confidentiality obligations
  • security monitoring and incident response procedures

No system is completely secure, and we cannot guarantee absolute security.

11. Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

  • provide the Services
  • comply with legal, accounting, tax, or regulatory obligations
  • resolve disputes
  • enforce agreements
  • maintain security and business records

We may delete, anonymise, or de-identify information when it is no longer required.

12. Access and Correction

Subject to applicable law, you may request access to personal information we hold about you and request correction of inaccurate, incomplete, or out-of-date information.

Where we hold personal information only on behalf of a customer, we may direct your request to that customer.

13. Marketing Communications

We may send you product updates, newsletters, event invitations, or marketing messages where permitted by law. You can opt out at any time by using the unsubscribe link or contacting us.

We may still send important non-marketing communications about your account, billing, service changes, or security.

14. Children

Our Services are not directed to children, and we do not knowingly collect personal information directly from children through our website for independent use of the Services.

15. Access, Complaints and Contact

If you would like to access or correct your personal information, or if you believe we have mishandled your personal information or breached applicable privacy law, please contact us.

Please include enough detail for us to investigate. We will review your complaint and respond within a reasonable time.

Everpower Labs Pty Ltd

ABN: 36 673 566 875
Email: hello@zemly.ai
Address: Unit G10/48 Gungahlin Pl, Gungahlin ACT 2912

16. Australia-Specific Information

If the Privacy Act 1988 (Cth) applies to our handling of your personal information, you may also have rights under that law.

If you are not satisfied with our response to your privacy complaint, you may contact the Office of the Australian Information Commissioner.

17. International Customers

If you access or use the Services from outside Australia, your information will generally be handled within the designated geographic region for your deployment, subject to the data residency and cross-border handling provisions described in this Privacy Policy.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will publish the updated version on our website and revise the “Last updated” date.

Your continued use of the Services after an update takes effect indicates acceptance of the revised Privacy Policy, to the extent permitted by law.