Privacy policy
Last updated : 28 May 2026
Zenvia is published by Dipicorp Ltd, a Mauritian company providing IT services and software development. This policy describes how we collect, use and protect your data when you use the Zenvia mobile application (iOS, Android) and the associated web service.
1. Data we collect
Account data
- Email address
- First and last name
- Password (stored in hashed form, never in plain text)
Business data you entrust to us
- Photos and PDFs of documents (receipts, invoices)
- Data extracted by automatic reading : amount, date, supplier, category
- The identity of the recipient accountant you designate
Activity log
- A history of your actions in the application (sending, validating, deleting documents) for audit and legal compliance purposes
1bis. What we do not collect
- No device or installation identifier
- No IP address retained
- No automatic telemetry (device type, OS version, crash logs)
- No third-party analytics SDK (Google Analytics, Firebase, Sentry, etc.)
2. What we do not collect
- No geolocation data
- No advertising identifier
- No cross-app tracking data
- No biometric data
- No contacts, calendar or microphone data
3. Purposes of processing
- Allow you to capture and organise your documents
- Forward your documents to the accountant you designate
- Provide user support
- Improve automatic reading (on aggregated and anonymous statistics only)
- Comply with our legal obligations (invoicing, fraud prevention)
4. Data sharing
Your documents are shared only with the accountant you explicitly designate in the application. This sharing ends as soon as you revoke it.
We never sell your data. We do not share it with advertisers.
We use the following technical sub-processors :
- OVH Cloud (France) — hosting, file storage
- OCR provider — automatic reading of documents (files are deleted after processing)
- Expo / EAS — distribution of application updates
5. Retention
- While your account is active : unlimited duration
- On deletion of your account : erasure within 30 days
- Encrypted backups : an additional 90 days, then purged
- Mauritian legal obligations (accounting retention) : 5 years for documents marked as exported to accounting
6. Security
- Encryption in transit (HTTPS / TLS 1.2+)
- Encryption at rest for stored files
- Token-based authentication, automatic expiration
- Server access strictly limited to the technical team under a confidentiality obligation
7. Your rights
In accordance with the Mauritian Data Protection Act 2017 and the GDPR for European users, you may at any time :
- Access your data
- Rectify it
- Export it (portability)
- Request its deletion
- Object to a processing operation
To exercise these rights, write to : contact@dipicorp.com
You may also lodge a complaint with the Mauritian Data Protection Office : dataprotection.govmu.org
8. Minors
Zenvia is reserved for users of legal age (18 or older). We do not knowingly collect data from minors.
9. Changes
This policy may be updated. The date of the last change is shown at the top. Material changes will be notified to you in the application.
10. Contact
Dipicorp Ltd (publisher of Zenvia)
Email : contact@dipicorp.com
Postal address : Avenue Badamier, Bellevue Phare, Albion, Mauritius
Data Protection Officer : contact@dipicorp.com