Discover Events

Happening soon on Sayzio

Browse all events

Privacy Policy

Last updated: July 1, 2026

This Privacy Policy explains what personal data Sayzio ("we", "us") collects when you use the Sayzio website, dashboard, APIs and related services, why we collect it, how we use, host and share it, how long we keep it, and the rights you have. We are committed to handling your data lawfully, transparently and with care. For any privacy question you can reach us at privacy@1in.me.

1. Who we are

The Service is operated by Sayzio, with its registered office at Hyderabad, Telangana, India. For the personal data in your account we act as the data controller. For privacy questions, data requests or to reach our Data Protection Officer, email privacy@1in.me or use the contact page.

2. Scope of this policy

This policy applies to personal data we process about: (a) account holders and the teammates they invite; (b) visitors to our website and marketing pages; and (c) visitors to the pages you publish, only to the limited extent we process their data on your behalf. It does not cover third-party websites or services you link to, which have their own privacy practices.

3. Controller and processor roles

For personal data about you as an account holder (your name, email, billing details and account activity), we are the data controller. For personal data of your own visitors and contacts that you collect through Sayzio (for example, form submissions, followers and subscribers), you are the data controller and we act as your data processor under our Data Processing Agreement. You are responsible for having a lawful basis and privacy notice for the personal data you collect from your visitors.

4. What data we collect

We collect data in the following broad categories:

  • Account data you give us — name, email address, phone number, password (hashed), billing address, profile handle and avatar.
  • Profile and content data — pages, blocks, links, files, images, forms, messages, contacts, posts and other content you create or upload.
  • Payment data — billing details handled by our payment processors. We never see or store full card numbers; we only retain the last four digits, brand and expiry for receipts.
  • Usage and analytics data — pages visited inside the dashboard, features used, clicks on your public links, QR-code scans, referrers and conversion events.
  • Device, log and cookie data — IP address, browser, operating system, language, time zone, device identifiers, and cookies/local storage entries necessary to keep you signed in and to remember preferences.

5. How we collect your data

We collect personal data: (a) directly from you when you register, configure your account, publish content, make a payment or contact us; (b) automatically as you use the Service, through cookies, local storage and server logs; and (c) from third parties such as payment processors, authentication providers and integrations you connect, and from public sources where you ask us to import data (for example contacts or reviews).

6. How we use your data

We use your personal data to: (a) provide, maintain and improve the Service; (b) authenticate you and protect accounts; (c) process payments and prevent fraud; (d) send essential service emails (receipts, security alerts, important changes); (e) provide customer support; (f) understand how the product is used so we can improve it; (g) power the AI features you choose to use; (h) comply with legal obligations; and (i) with your consent where required, send product updates or marketing. We do not sell your personal data.

8. Where your data is hosted

We host the Service on Amazon Web Services (AWS). Your account data and content are stored in managed AWS infrastructure, principally Amazon RDS (our PostgreSQL database) for structured data and Amazon S3 for uploaded files and media. AWS operates secure data centres with strong physical, network and operational controls. Data may be processed in AWS regions outside your country of residence; where that happens we apply the safeguards described in Section 13 (International data transfers).

9. AI features and your content

Some features use third-party artificial-intelligence providers to process the content you submit when you choose to use them:

  • OpenAI — text generation and embeddings that power the AI biolink builder, AI chat/agent and content suggestions.
  • OpenAI Whisper — speech-to-text transcription for voice features.
  • ElevenLabs — text-to-speech (voice synthesis).

When you use one of these features we send only the content needed to perform it (for example, your prompt, the text to read aloud, or the audio to transcribe). These providers act as our sub-processors under written agreements and are restricted from using your content to train their own models except as permitted by their terms. If you do not want this processing, simply do not use the AI features.

10. Analytics and tracking

We use first-party analytics to measure clicks on your links, QR-code scans, page sessions and feature usage so we can operate and improve the Service. These rely on cookies and local storage. On our public marketing pages we may also load optional third-party marketing/advertising pixels (for example Facebook, Google Analytics/Tag Manager, LinkedIn, Twitter/X, Pinterest, TikTok, Snapchat and Quora), only where you have consented if consent is required. The full list and your choices are described in our Cookie Policy.

11. Who we share data with

We share personal data only with the categories of recipient strictly required to run the Service:

  • Sub-processors — cloud hosting and storage, AI providers, transactional email, SMS gateways, payment processors, analytics, customer support tooling and error monitoring (see Section 12).
  • Professional advisers — lawyers, accountants and auditors when needed.
  • Authorities — when required by valid legal process or to protect our rights, users or the public.
  • Acquirers — in the event of a merger, acquisition or sale, in which case we will notify you before your data is transferred and becomes subject to a different privacy policy.

We do not sell your personal data and we do not run third-party advertising trackers on the public pages you publish.

12. Sub-processors

We engage the following categories of sub-processor, each bound by a written data-processing agreement:

  • Cloud hosting & storage — Amazon Web Services (AWS), including Amazon RDS and Amazon S3.
  • AI providers — OpenAI (text), OpenAI Whisper (speech-to-text) and ElevenLabs (text-to-speech).
  • Payments — our payment processors.
  • Communications — transactional email and SMS providers.
  • Operations — analytics, error monitoring and customer-support tooling.

The current detailed list of sub-processors is available on request via privacy@1in.me or the contact page.

13. International data transfers

Your data may be processed in countries other than the one you live in, including in AWS regions and at the AI sub-processors named above, which may be outside the EU/EEA or the UK. Where we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK addendum where relevant) with each sub-processor.

14. How long we keep your data

We keep your account data for as long as your account is open. When you delete your account or close it, we remove personal data from active systems within 30 days and from backups within 90 days, except where we are required to keep certain records for longer (for example, invoices and tax records, typically 6–10 years depending on jurisdiction). Anonymised, aggregated statistics may be retained indefinitely.

15. Security

We use industry-standard measures to protect personal data, including encryption in transit (TLS) and at rest, network isolation, role-based access controls, multi-factor authentication for privileged accounts, audit logging, regular backups and routine security reviews. No system is perfectly secure — please use a strong unique password and enable any additional security features available to you.

16. Data breach notification

If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority and, where required, affected users without undue delay and in accordance with applicable law (including, where the GDPR applies, within 72 hours of becoming aware). We maintain internal procedures to detect, investigate and respond to security incidents.

17. Your rights

Depending on where you live, you have the right to: access your personal data; correct inaccurate or incomplete data; delete your data (right to be forgotten); restrict or object to certain processing; receive your data in a portable format; and withdraw any consent you previously gave. You can exercise most of these directly from your account settings or by contacting us at privacy@1in.me. We will respond to verified requests within 30 days. You also have the right to lodge a complaint with your local data-protection authority.

18. Your rights under the India DPDP Act

If you are in India, the Digital Personal Data Protection Act, 2023 ("DPDP Act") gives you rights over your personal data, including the right to access a summary of the personal data we process, the right to correction and erasure, the right to nominate another person to exercise your rights in the event of death or incapacity, and the right of grievance redressal. You can exercise these rights, or raise a grievance, by contacting our Grievance Officer at grievance@1in.me (see Section 20). Where we rely on your consent, you may withdraw it at any time.

19. Marketing communications

We only send you marketing communications where you have opted in or where otherwise permitted by law. Every marketing email includes an unsubscribe link, and you can also manage your preferences in your account settings. Opting out of marketing does not affect essential service messages (such as receipts, security alerts and important account notices), which we need to send to operate the Service.

20. Grievance Officer

In accordance with the Information Technology Act, 2000 (and the rules made under it) and the Digital Personal Data Protection Act, 2023, you may contact our Grievance Officer about any privacy grievance at grievance@1in.me, or by post at Hyderabad, Telangana, India. Please include your name, contact details and a clear description of the grievance. We will acknowledge your grievance within 24 hours and endeavour to resolve it within 15 days of receipt, or sooner where the law requires.

21. Children's privacy

The Service is not directed to children under 16, and we do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us at privacy@1in.me so we can delete it.

22. Do Not Track

Some browsers can transmit a "Do Not Track" (DNT) signal. There is currently no industry standard for how to respond to DNT signals, so we do not respond to them. You can still control non-essential cookies via your browser settings — see our Cookie Policy for details.

23. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes we will notify you by email or inside the dashboard, and we will update the "Last updated" date above.

24. Contact us / Data Protection Officer

If you have any questions, requests or complaints about this Privacy Policy or how we handle your data, please contact Sayzio by email at privacy@1in.me or through the contact page. You can address data-protection enquiries to our Data Protection Officer, and privacy grievances to our Grievance Officer at grievance@1in.me, at the same registered office: Hyderabad, Telangana, India.

Questions about this policy?

We're happy to clarify anything you read on this page. Reach out and a real person on our team will get back to you.

⌘I