Get Started

MZX AI Privacy Policy

Effective Date: November 7, 2025
Last Revised: November 7, 2025
Previous Versions: This is the first version
Legal Entity & Address: Metrix Zenith X Artificial Intelligence; IFZA Business Park – Dubai Silicon Oasis – Dubai – United Arab Emirates
Privacy Contact: privacy@mzx.ai
EU/UK Representative:

1) Introduction & Scope

This Privacy Policy explains how Metrix Zenith X Artificial Intelligence (“MZX AI,” “we,” “us,” or “our”) collects, uses, shares, and safeguards personal information when you use our websites, portals, and services that link to this Policy (collectively, the “Services”), including:

  • Our public website(s) and marketing pages;
  • Our upload/download portals where users submit documents and content and receive AI-generated content;
  • Our communications (emails, support, events, and demos).

Controller vs. Processor

  • Processor role (B2B/Enterprise). When enterprise customers use our platform to process Customer Content (e.g., RfPs, attachments, generated presentations, and related metadata), we generally act as a processor (or service provider/contractor) and process such data per our agreement with the customer. If you have questions about data submitted by your organization, please contact your organization’s administrator.
  • Controller role. For our website visitors, prospects, and account-level information (e.g., billing, usage analytics, marketing preferences), MZX AI acts as a controller.

This Policy does not alter terms in any agreement between MZX AI and its enterprise customers. Where those terms conflict with this Policy, the agreement controls with respect to Customer Content.

2) Key Definitions

  • Customer Content. Documents and data you or your organization submit to the Service (e.g., documents, files, emails forwarded to our intake, attachments, slides), and metadata derived from them.
  • Personal Information. Information that identifies or can reasonably be linked to an individual.
  • Portals. Our client portal and secure upload/download webpages used to submit inputs and retrieve outputs.

3) Information We Collect

A. Information You Provide

  • Contact & Account Data. Name, email, phone, company, role/title, credentials.
  • Billing & Transaction Data. Billing contact, payment identifiers handled by our payment processors, transaction history.
  • Customer Content. RfPs, attachments (e.g., PDF, PPTX), instructions, comments, and generated outputs.
  • Communications. Support requests, demo scheduling, surveys, or referrals.

B. From Third Parties

  • Auth/SSO or social sign-in. Profile basics made available by the provider.
  • Marketing partners & event co-hosts. Lead details when you consent or register.
  • Public sources and data licensors. Where lawful and relevant (e.g., firmographic data).

C. Automatically Collected

  • Device & Log Data. IP address, device/browser type and settings, timestamps, pages viewed, referral URLs.
  • Portal Telemetry. Upload events, file types/counts, processing status, error diagnostics.
  • Email Interaction. Open/click metrics via pixels/UTM parameters.

D. Cookies & Similar Technologies

We use cookies and similar tools for authentication, preferences, analytics, and performance. See our Cookie Notice for details and controls.

4) How We Use Information

  • Provide & Operate the Services. Run portals, process documents, generate content and documents with artificial intelligence, deliver results, provide support, and maintain security.
  • Personalize & Improve. Remember preferences; diagnose issues; enhance UX; develop new features.
  • Analytics & Service Quality. Understand aggregate usage (pages visited, performance, file processing times).
  • Communications. Send service notices, onboarding tips, security alerts, and (with consent where required) marketing.
  • Compliance & Protection. Detect/prevent fraud/abuse, enforce terms, comply with legal obligations.

AI & Model Providers

  • No training on Customer Content by default. We do not use Customer Content to train our or third-party foundation models unless you explicitly opt in.
  • Subprocessors. We may use vetted providers (e.g., cloud infrastructure, email delivery, optional AI model APIs) under written data protection terms. See our Subprocessor List.

De-identified/Aggregated Data

We may de-identify or aggregate information (removing direct identifiers) and use it for analytics, benchmarking, and improving the Services.

Automated Decision-Making

We do not perform automated decision-making that produces legal or similarly significant effects.

5) Legal Bases (EEA/UK only)

Where the GDPR/UK GDPR applies, we rely on:

  • Contractual necessity to provide the Services you request.
  • Legitimate interests to secure/improve our Services, prevent misuse, and market to business contacts, balanced against your rights.
  • Consent for certain cookies/marketing where required.
  • Legal obligations for tax, accounting, compliance purposes.

6) How We Share Information

  • Service Providers/Subprocessors. Hosting, storage, email/SMS, customer support, analytics, payment processing, optional AI APIs—bound by confidentiality and data-processing terms.
  • Enterprise Customer (Processor Context). We share Customer Content within the customer’s tenant/administrators per the enterprise agreement and settings.
  • Business Partners/Events. With your consent or where you register jointly.
  • Corporate Transactions. In M&A, financing, or similar events subject to appropriate safeguards.
  • Legal/Protection. To comply with law/enforce rights, or address security threats.
  • Other Users You Authorize. If you invite collaborators or share links, we disclose data as necessary to fulfill your request.

We do not sell personal information.

7) Your Choices

  • Marketing Opt-Out. Unsubscribe via links in emails or contact us (see Section 13).
  • Cookies. Manage in our Cookie Notice and your browser settings.
  • Declining to Provide Data. Certain features require specific data; if not provided, functionality may be limited.

8) Data Subject & U.S. State Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object, or port your personal information, and to withdraw consent where processing is based on consent. To exercise rights, contact us (Section 13). We may verify your identity and, where applicable, direct you to your organization’s administrator.

U.S. State Notices (e.g., CA/CO/VA/CT/UT). See our U.S. State Privacy Notice for state-specific disclosures and opt-out mechanisms (e.g., targeted advertising).

9) International Transfers

We may process data in countries that may have different data protection laws than your home jurisdiction (e.g., transfers to the U.S.). Where required, we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures. Details available upon request.

10) Security

We implement technical and organizational measures aligned with industry practices, including encryption in transit and at rest, least-privilege access, logging/monitoring, and vulnerability management. No system is perfectly secure; we cannot guarantee absolute security.

11) Children

Our Services are not intended for individuals under 18. If you believe a child has provided personal information, contact us and we will delete it as required by law.

12) Retention

We keep personal information only as long as necessary for the purposes described above or as required by law.

Default retention parameters (subject to customer configuration and legal requirements):

  • Uploaded client documents & attachments: auto-delete after 360 days
  • Generated content and documents: retained for 360 days or per customer setting
  • Operational logs/telemetry: 24 months
  • Billing/transaction records: retained as required by law (7 years)

We may retain de-identified or aggregated data for longer.

13) How to Contact Us

  • Privacy Email: privacy@mzx.ai
  • Postal Address: Metrix Zenith X Artificial Intelligence; IFZA Business Park – Dubai Silicon Oasis – Dubai – United Arab Emirates
  • EU/UK Representative:

If you are an enterprise end user, please contact your organization first for requests about Customer Content processed under our agreement.

14) Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will update the “Effective Date” above and provide additional notice where required. Your continued use of the Services after the effective date means you acknowledge the updated Policy.

15) Supplemental Notices

Appendix (GDPR/UK GDPR – Legal Basis Matrix)

PurposeCategoriesLegal Basis
Service delivery & account administrationContact, account, device/log data, Customer ContentContractual necessity
Security, fraud prevention, and misuse detectionAny relevant categoriesLegitimate interests; legal obligation where applicable
Product improvement & analyticsDe-identified/aggregated data, device/log data, limited usage metricsLegitimate interests; consent for optional cookies
Marketing to business contactsContact & preference dataLegitimate interests; consent where required
Compliance (tax, accounting, legal requests)Billing/transaction data; any as requiredLegal obligation

 

Notice to European Users

This section applies only to individuals located in the European Economic Area (“EEA”) and the United Kingdom (“UK”) and supplements the MZX AI Privacy Policy.

Identity of the Controller

For personal data we collect and process in connection with our websites, marketing, trials/demos, accounts, and billing, Metrix Zenith X Artificial Intelligence (“MZX AI”) is the controller.

  • Controller contact: privacy@mzx.ai
  • Registered address: Metrix Zenith X Artificial Intelligence; IFZA Business Park – Dubai Silicon Oasis – Dubai – United Arab Emirates

For Customer Content (e.g., files, attachments, generated content and files) that we process on behalf of an enterprise customer inside
its tenant, MZX AI generally acts as a processor (service provider). In that case, the enterprise customer is the controller. Please contact your organization first for requests about Customer Content.

EU/UK Representatives (Article 27)

  • EU Representative:
  • UK Representative:

You may contact our EU/UK representatives for matters related to GDPR/UK GDPR.

Legal Bases for Processing

We process your personal data only where a legal basis applies:

  • Contractual Necessity: to register your account, provide the Services, support, and deliver proposals.
  • Legitimate Interests: to secure and improve the Services, prevent misuse, understand usage, and market to business contacts (B2B), balanced against your rights and freedoms.
  • Consent: for certain cookies/analytics and for direct marketing where required; you may withdraw consent at any time.
  • Legal Obligation: to satisfy tax, accounting, and compliance requirements, or respond to lawful requests.

Purpose-Basis Matrix

PurposeExamples of DataLegal Basis
Service delivery & account administrationContact details, account credentials, device/log data, Customer
Content metadata		Contractual necessity
Security & fraud preventionIP address, logs, telemetry, abnormal activity indicatorsLegitimate interests; legal obligation where applicable
Product improvement & analyticsDe-identified/aggregated metrics, device/log data, cookie data (where
applicable)		Legitimate interests; consent for optional
cookies/analytics
Marketing (B2B)Work email, name, role, preferencesLegitimate interests; consent where required
ComplianceBilling/transaction data; records required by lawLegal obligation

Training notice. We do not use Customer Content to train foundation models unless you explicitly opt in.

International Data Transfers

We may transfer personal data outside the EEA/UK (e.g., to the United States). Where we do so, we implement appropriate safeguards such as the EU/UK Standard Contractual Clauses and, where relevant, supplementary measures. You can request a copy or summary of the applicable
safeguards by contacting us at privacy@mzx.ai.

Your Rights

Subject to conditions and exemptions in the GDPR/UK GDPR, you have the right to:

  • Access your personal data and obtain information about our processing.
  • Rectify inaccurate or incomplete personal data.
  • Erase your personal data (right to be forgotten).
  • Restrict processing in certain circumstances.
  • Object to processing based on legitimate interests and to object at any time to direct marketing.
  • Portability: receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Withdraw consent at any time where processing is based on consent (this does not affect prior lawful processing).

How to exercise your rights. Contact us at privacy@mzx.ai. We may need to verify your identity. If we process your data as a processor for your organization, we will direct your request to the relevant controller (your organization).

Automated Decision-Making

We do not engage in automated decision-making, including profiling, that produces legal or similarly significant effects.

Sensitive Personal Data

Our Services are not designed to process special categories of personal data (including and not limited to, health, biometric, racial/ethnic origin, political opinions). We request that you do not intentionally submit this information. If we become aware that we have inadvertently processed such data, we will take steps to securely delete it or otherwise treat it in accordance with legal requirements.

Data Retention

We retain personal data only for as long as necessary for the purposes described in our Privacy Policy or as required by law (see Retention section). Customer-configurable deletion schedules may apply to Customer Content.

Complaints

If you believe our processing of your personal data infringes GDPR/UK GDPR, you have the right to lodge a complaint with your local supervisory authority.
You may also contact us first at privacy@mzx.ai and we will do our best to resolve your concern.

  • EEA: Contact details for supervisory authorities are available from national DPAs.
  • UK: Information Commissioner’s Office (ICO), ico.org.uk (or latest contact details).

Contact (EU/UK matters):

  • EU Rep: [PLACEHOLDER]
  • UK Rep: [PLACEHOLDER]
  • MZX AI Privacy: privacy@mzx.ai

Contact

Resources

Follow us

Copyright © 2025 MZX.AI